====================================== Sat, 10 Sep 2022 - Debian 10.13 released ====================================== ========================================================================= [Date: Sat, 10 Sep 2022 10:40:42 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: elog | 3.1.3-1-1 | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x Closed bugs: 1010197 ------------------- Reason ------------------- RoQA; unmaintained; security issues ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:41:02 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libnet-amazon-perl | 0.62-2 | source, all Closed bugs: 1018247 ------------------- Reason ------------------- RoQA; depends on removed API ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:44:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: affs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel affs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el affs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel affs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel ata-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel ata-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el ata-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf ata-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel ata-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el btrfs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel btrfs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el btrfs-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf btrfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel btrfs-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel btrfs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el btrfs-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x cdrom-core-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel cdrom-core-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el cdrom-core-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf cdrom-core-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel cdrom-core-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel cdrom-core-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el cdrom-core-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x compress-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel compress-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el compress-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf compress-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel compress-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel compress-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel compress-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el compress-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x crc-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel crc-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el crc-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf crc-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel crc-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel crc-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel crc-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el crc-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x crypto-dm-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel crypto-dm-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el crypto-dm-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf crypto-dm-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel crypto-dm-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel crypto-dm-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el crypto-dm-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x crypto-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel crypto-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el crypto-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf crypto-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel crypto-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel crypto-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel crypto-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el crypto-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x dasd-extra-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x dasd-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x efi-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf event-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel event-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el event-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf event-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel event-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel event-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel event-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el ext4-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel ext4-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el ext4-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf ext4-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel ext4-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel ext4-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel ext4-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el ext4-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x fancontrol-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el fat-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel fat-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el fat-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf fat-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel fat-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel fat-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel fat-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el fat-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x fb-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel fb-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el fb-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf fb-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel fb-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel fb-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el firewire-core-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel firewire-core-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el fuse-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel fuse-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el fuse-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf fuse-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel fuse-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel fuse-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel fuse-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el fuse-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x hfs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel hfs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el hfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel hfs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel hypervisor-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el i2c-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel i2c-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el i2c-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf i2c-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el input-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel input-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el input-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf input-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel input-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel input-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel input-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el ipv6-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel isofs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel isofs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el isofs-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf isofs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel isofs-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel isofs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel isofs-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el isofs-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x jffs2-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel jfs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel jfs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el jfs-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf jfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel jfs-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel jfs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel jfs-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el kernel-image-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel kernel-image-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el kernel-image-4.19.0-18-armmp-di | 4.19.208-1 | armhf kernel-image-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel kernel-image-4.19.0-18-marvell-di | 4.19.208-1 | armel kernel-image-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel kernel-image-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el kernel-image-4.19.0-18-s390x-di | 4.19.208-1 | s390x leds-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf leds-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel liblockdep-dev | 4.19.208-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x liblockdep4.19 | 4.19.208-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-doc-4.19 | 4.19.208-1 | all linux-headers-4.19.0-18-4kc-malta | 4.19.208-1 | mips, mipsel linux-headers-4.19.0-18-5kc-malta | 4.19.208-1 | mips, mips64el, mipsel linux-headers-4.19.0-18-686 | 4.19.208-1 | i386 linux-headers-4.19.0-18-686-pae | 4.19.208-1 | i386 linux-headers-4.19.0-18-all | 4.19.208-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-18-all-amd64 | 4.19.208-1 | amd64 linux-headers-4.19.0-18-all-arm64 | 4.19.208-1 | arm64 linux-headers-4.19.0-18-all-armel | 4.19.208-1 | armel linux-headers-4.19.0-18-all-armhf | 4.19.208-1 | armhf linux-headers-4.19.0-18-all-i386 | 4.19.208-1 | i386 linux-headers-4.19.0-18-all-mips | 4.19.208-1 | mips linux-headers-4.19.0-18-all-mips64el | 4.19.208-1 | mips64el linux-headers-4.19.0-18-all-mipsel | 4.19.208-1 | mipsel linux-headers-4.19.0-18-all-ppc64el | 4.19.208-1 | ppc64el linux-headers-4.19.0-18-all-s390x | 4.19.208-1 | s390x linux-headers-4.19.0-18-amd64 | 4.19.208-1 | amd64 linux-headers-4.19.0-18-arm64 | 4.19.208-1 | arm64 linux-headers-4.19.0-18-armmp | 4.19.208-1 | armhf linux-headers-4.19.0-18-armmp-lpae | 4.19.208-1 | armhf linux-headers-4.19.0-18-cloud-amd64 | 4.19.208-1 | amd64 linux-headers-4.19.0-18-common | 4.19.208-1 | all linux-headers-4.19.0-18-common-rt | 4.19.208-1 | all linux-headers-4.19.0-18-loongson-3 | 4.19.208-1 | mips64el, mipsel linux-headers-4.19.0-18-marvell | 4.19.208-1 | armel linux-headers-4.19.0-18-octeon | 4.19.208-1 | mips, mips64el, mipsel linux-headers-4.19.0-18-powerpc64le | 4.19.208-1 | ppc64el linux-headers-4.19.0-18-rpi | 4.19.208-1 | armel linux-headers-4.19.0-18-rt-686-pae | 4.19.208-1 | i386 linux-headers-4.19.0-18-rt-amd64 | 4.19.208-1 | amd64 linux-headers-4.19.0-18-rt-arm64 | 4.19.208-1 | arm64 linux-headers-4.19.0-18-rt-armmp | 4.19.208-1 | armhf linux-headers-4.19.0-18-s390x | 4.19.208-1 | s390x linux-image-4.19.0-18-4kc-malta | 4.19.208-1 | mips, mipsel linux-image-4.19.0-18-4kc-malta-dbg | 4.19.208-1 | mips, mipsel linux-image-4.19.0-18-5kc-malta | 4.19.208-1 | mips, mips64el, mipsel linux-image-4.19.0-18-5kc-malta-dbg | 4.19.208-1 | mips, mips64el, mipsel linux-image-4.19.0-18-686-dbg | 4.19.208-1 | i386 linux-image-4.19.0-18-686-pae-dbg | 4.19.208-1 | i386 linux-image-4.19.0-18-686-pae-unsigned | 4.19.208-1 | i386 linux-image-4.19.0-18-686-unsigned | 4.19.208-1 | i386 linux-image-4.19.0-18-amd64-dbg | 4.19.208-1 | amd64 linux-image-4.19.0-18-amd64-unsigned | 4.19.208-1 | amd64 linux-image-4.19.0-18-arm64-dbg | 4.19.208-1 | arm64 linux-image-4.19.0-18-arm64-unsigned | 4.19.208-1 | arm64 linux-image-4.19.0-18-armmp | 4.19.208-1 | armhf linux-image-4.19.0-18-armmp-dbg | 4.19.208-1 | armhf linux-image-4.19.0-18-armmp-lpae | 4.19.208-1 | armhf linux-image-4.19.0-18-armmp-lpae-dbg | 4.19.208-1 | armhf linux-image-4.19.0-18-cloud-amd64-dbg | 4.19.208-1 | amd64 linux-image-4.19.0-18-cloud-amd64-unsigned | 4.19.208-1 | amd64 linux-image-4.19.0-18-loongson-3 | 4.19.208-1 | mips64el, mipsel linux-image-4.19.0-18-loongson-3-dbg | 4.19.208-1 | mips64el, mipsel linux-image-4.19.0-18-marvell | 4.19.208-1 | armel linux-image-4.19.0-18-marvell-dbg | 4.19.208-1 | armel linux-image-4.19.0-18-octeon | 4.19.208-1 | mips, mips64el, mipsel linux-image-4.19.0-18-octeon-dbg | 4.19.208-1 | mips, mips64el, mipsel linux-image-4.19.0-18-powerpc64le | 4.19.208-1 | ppc64el linux-image-4.19.0-18-powerpc64le-dbg | 4.19.208-1 | ppc64el linux-image-4.19.0-18-rpi | 4.19.208-1 | armel linux-image-4.19.0-18-rpi-dbg | 4.19.208-1 | armel linux-image-4.19.0-18-rt-686-pae-dbg | 4.19.208-1 | i386 linux-image-4.19.0-18-rt-686-pae-unsigned | 4.19.208-1 | i386 linux-image-4.19.0-18-rt-amd64-dbg | 4.19.208-1 | amd64 linux-image-4.19.0-18-rt-amd64-unsigned | 4.19.208-1 | amd64 linux-image-4.19.0-18-rt-arm64-dbg | 4.19.208-1 | arm64 linux-image-4.19.0-18-rt-arm64-unsigned | 4.19.208-1 | arm64 linux-image-4.19.0-18-rt-armmp | 4.19.208-1 | armhf linux-image-4.19.0-18-rt-armmp-dbg | 4.19.208-1 | armhf linux-image-4.19.0-18-s390x | 4.19.208-1 | s390x linux-image-4.19.0-18-s390x-dbg | 4.19.208-1 | s390x linux-source-4.19 | 4.19.208-1 | all linux-support-4.19.0-18 | 4.19.208-1 | all lockdep | 4.19.208-1 | all loop-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel loop-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el loop-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf loop-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel loop-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel loop-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel loop-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el loop-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x md-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel md-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el md-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf md-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel md-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel md-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel md-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el md-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x minix-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel minix-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el minix-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel minix-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel minix-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel mmc-core-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel mmc-core-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el mmc-core-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel mmc-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel mmc-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el mmc-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf mmc-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel mouse-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel mouse-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el mouse-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel mouse-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el mtd-core-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel mtd-core-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el mtd-core-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel mtd-core-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel mtd-core-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el mtd-core-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x mtd-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf mtd-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel multipath-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel multipath-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el multipath-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf multipath-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel multipath-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel multipath-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel multipath-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el multipath-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x nbd-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel nbd-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el nbd-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf nbd-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nbd-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel nbd-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel nbd-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el nbd-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x nfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nic-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel nic-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el nic-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf nic-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nic-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel nic-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel nic-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el nic-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x nic-shared-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel nic-shared-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el nic-shared-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf nic-shared-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nic-shared-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel nic-shared-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el nic-usb-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel nic-usb-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el nic-usb-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf nic-usb-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nic-usb-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel nic-usb-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el nic-wireless-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel nic-wireless-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el nic-wireless-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf nic-wireless-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel nic-wireless-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el pata-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel pata-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el pata-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf pata-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel pata-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel ppp-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel ppp-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el ppp-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf ppp-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel ppp-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel ppp-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel ppp-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el rtc-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel sata-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel sata-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el sata-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf sata-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel sata-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel sata-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel sata-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el scsi-core-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel scsi-core-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el scsi-core-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf scsi-core-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel scsi-core-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel scsi-core-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el scsi-core-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x scsi-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel scsi-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el scsi-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf scsi-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel scsi-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel scsi-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el scsi-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x scsi-nic-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel scsi-nic-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el scsi-nic-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf scsi-nic-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel scsi-nic-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el serial-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el sound-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel sound-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el sound-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel sound-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel speakup-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel squashfs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel squashfs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el squashfs-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf squashfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel squashfs-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel squashfs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el udf-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel udf-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el udf-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf udf-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel udf-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel udf-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel udf-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el udf-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x uinput-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf uinput-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel uinput-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el usb-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel usb-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el usb-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf usb-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel usb-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel usb-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel usb-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el usb-serial-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel usb-serial-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el usb-serial-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf usb-serial-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel usb-serial-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel usb-serial-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el usb-storage-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel usb-storage-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el usb-storage-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf usb-storage-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel usb-storage-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel usb-storage-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el xfs-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel xfs-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el xfs-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel xfs-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel xfs-modules-4.19.0-18-powerpc64le-di | 4.19.208-1 | ppc64el xfs-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x zlib-modules-4.19.0-18-4kc-malta-di | 4.19.208-1 | mips, mipsel zlib-modules-4.19.0-18-5kc-malta-di | 4.19.208-1 | mips64el zlib-modules-4.19.0-18-armmp-di | 4.19.208-1 | armhf zlib-modules-4.19.0-18-loongson-3-di | 4.19.208-1 | mips64el, mipsel zlib-modules-4.19.0-18-marvell-di | 4.19.208-1 | armel zlib-modules-4.19.0-18-octeon-di | 4.19.208-1 | mips, mips64el, mipsel zlib-modules-4.19.0-18-s390x-di | 4.19.208-1 | s390x ------------------- Reason ------------------- [auto-cruft] old Linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:45:25 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: acpi-modules-4.19.0-18-686-di | 4.19.208-1 | i386 acpi-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 acpi-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 ata-modules-4.19.0-18-686-di | 4.19.208-1 | i386 ata-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 ata-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 ata-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 btrfs-modules-4.19.0-18-686-di | 4.19.208-1 | i386 btrfs-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 btrfs-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 btrfs-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 cdrom-core-modules-4.19.0-18-686-di | 4.19.208-1 | i386 cdrom-core-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 cdrom-core-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 cdrom-core-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 compress-modules-4.19.0-18-686-di | 4.19.208-1 | i386 compress-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 compress-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 compress-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 crc-modules-4.19.0-18-686-di | 4.19.208-1 | i386 crc-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 crc-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 crc-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 crypto-dm-modules-4.19.0-18-686-di | 4.19.208-1 | i386 crypto-dm-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 crypto-dm-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 crypto-dm-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 crypto-modules-4.19.0-18-686-di | 4.19.208-1 | i386 crypto-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 crypto-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 crypto-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 efi-modules-4.19.0-18-686-di | 4.19.208-1 | i386 efi-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 efi-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 efi-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 event-modules-4.19.0-18-686-di | 4.19.208-1 | i386 event-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 event-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 event-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 ext4-modules-4.19.0-18-686-di | 4.19.208-1 | i386 ext4-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 ext4-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 ext4-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 fat-modules-4.19.0-18-686-di | 4.19.208-1 | i386 fat-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 fat-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 fat-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 fb-modules-4.19.0-18-686-di | 4.19.208-1 | i386 fb-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 fb-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 fb-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 firewire-core-modules-4.19.0-18-686-di | 4.19.208-1 | i386 firewire-core-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 firewire-core-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 fuse-modules-4.19.0-18-686-di | 4.19.208-1 | i386 fuse-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 fuse-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 fuse-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 i2c-modules-4.19.0-18-686-di | 4.19.208-1 | i386 i2c-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 i2c-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 i2c-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 input-modules-4.19.0-18-686-di | 4.19.208-1 | i386 input-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 input-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 input-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 isofs-modules-4.19.0-18-686-di | 4.19.208-1 | i386 isofs-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 isofs-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 isofs-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 jfs-modules-4.19.0-18-686-di | 4.19.208-1 | i386 jfs-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 jfs-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 jfs-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 kernel-image-4.19.0-18-686-di | 4.19.208-1 | i386 kernel-image-4.19.0-18-686-pae-di | 4.19.208-1 | i386 kernel-image-4.19.0-18-amd64-di | 4.19.208-1 | amd64 kernel-image-4.19.0-18-arm64-di | 4.19.208-1 | arm64 leds-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 linux-image-4.19.0-18-686 | 4.19.208-1 | i386 linux-image-4.19.0-18-686-pae | 4.19.208-1 | i386 linux-image-4.19.0-18-amd64 | 4.19.208-1 | amd64 linux-image-4.19.0-18-arm64 | 4.19.208-1 | arm64 linux-image-4.19.0-18-cloud-amd64 | 4.19.208-1 | amd64 linux-image-4.19.0-18-rt-686-pae | 4.19.208-1 | i386 linux-image-4.19.0-18-rt-amd64 | 4.19.208-1 | amd64 linux-image-4.19.0-18-rt-arm64 | 4.19.208-1 | arm64 loop-modules-4.19.0-18-686-di | 4.19.208-1 | i386 loop-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 loop-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 loop-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 md-modules-4.19.0-18-686-di | 4.19.208-1 | i386 md-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 md-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 md-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 mmc-core-modules-4.19.0-18-686-di | 4.19.208-1 | i386 mmc-core-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 mmc-core-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 mmc-modules-4.19.0-18-686-di | 4.19.208-1 | i386 mmc-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 mmc-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 mmc-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 mouse-modules-4.19.0-18-686-di | 4.19.208-1 | i386 mouse-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 mouse-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 mtd-core-modules-4.19.0-18-686-di | 4.19.208-1 | i386 mtd-core-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 mtd-core-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 mtd-core-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 multipath-modules-4.19.0-18-686-di | 4.19.208-1 | i386 multipath-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 multipath-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 multipath-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 nbd-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nbd-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nbd-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nbd-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 nic-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nic-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nic-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nic-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 nic-pcmcia-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nic-pcmcia-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nic-pcmcia-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nic-shared-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nic-shared-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nic-shared-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nic-shared-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 nic-usb-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nic-usb-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nic-usb-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nic-usb-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 nic-wireless-modules-4.19.0-18-686-di | 4.19.208-1 | i386 nic-wireless-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 nic-wireless-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 nic-wireless-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 pata-modules-4.19.0-18-686-di | 4.19.208-1 | i386 pata-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 pata-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 pcmcia-modules-4.19.0-18-686-di | 4.19.208-1 | i386 pcmcia-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 pcmcia-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 pcmcia-storage-modules-4.19.0-18-686-di | 4.19.208-1 | i386 pcmcia-storage-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 pcmcia-storage-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 ppp-modules-4.19.0-18-686-di | 4.19.208-1 | i386 ppp-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 ppp-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 ppp-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 sata-modules-4.19.0-18-686-di | 4.19.208-1 | i386 sata-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 sata-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 sata-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 scsi-core-modules-4.19.0-18-686-di | 4.19.208-1 | i386 scsi-core-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 scsi-core-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 scsi-core-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 scsi-modules-4.19.0-18-686-di | 4.19.208-1 | i386 scsi-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 scsi-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 scsi-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 scsi-nic-modules-4.19.0-18-686-di | 4.19.208-1 | i386 scsi-nic-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 scsi-nic-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 scsi-nic-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 serial-modules-4.19.0-18-686-di | 4.19.208-1 | i386 serial-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 serial-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 sound-modules-4.19.0-18-686-di | 4.19.208-1 | i386 sound-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 sound-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 speakup-modules-4.19.0-18-686-di | 4.19.208-1 | i386 speakup-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 speakup-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 squashfs-modules-4.19.0-18-686-di | 4.19.208-1 | i386 squashfs-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 squashfs-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 squashfs-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 udf-modules-4.19.0-18-686-di | 4.19.208-1 | i386 udf-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 udf-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 udf-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 uinput-modules-4.19.0-18-686-di | 4.19.208-1 | i386 uinput-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 uinput-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 uinput-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 usb-modules-4.19.0-18-686-di | 4.19.208-1 | i386 usb-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 usb-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 usb-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 usb-serial-modules-4.19.0-18-686-di | 4.19.208-1 | i386 usb-serial-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 usb-serial-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 usb-serial-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 usb-storage-modules-4.19.0-18-686-di | 4.19.208-1 | i386 usb-storage-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 usb-storage-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 usb-storage-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 xfs-modules-4.19.0-18-686-di | 4.19.208-1 | i386 xfs-modules-4.19.0-18-686-pae-di | 4.19.208-1 | i386 xfs-modules-4.19.0-18-amd64-di | 4.19.208-1 | amd64 xfs-modules-4.19.0-18-arm64-di | 4.19.208-1 | arm64 ------------------- Reason ------------------- [auto-cruft] old Linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:46:55 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libstd-rust-mozilla-1.51 | 1.51.0+dfsg1-1~deb10u2 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc-mozilla) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:48:25 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libstd-rust-mozilla-dev-windows | 1.51.0+dfsg1-1~deb10u2 | amd64, i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc-mozilla) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 10:48:50 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: librust-cbindgen-dev | 0.8.7-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rust-cbindgen - based on source metadata) ---------------------------------------------- ========================================================================= adminer (4.7.1-1+deb10u1) buster; urgency=medium . * provide a compiled version and configuration files (Closes: #952755) * privacy: default to disable check for new version * Backport security patch series from upstream: - Fix open redirect if Adminer is accessible at //adminer.php%2F@ - Fix XSS if Adminer is accessible at URL /data - CVE-2020-35572: Fix XSS in browsers which don't encode URL parameters - CVE-2021-21311: Elasticsearch: Do not print response if HTTP code is not 200 - CVE-2021-29625: XSS in doc_link apache2 (2.4.38-3+deb10u8) buster; urgency=medium . * Non-maintainer upload. * CVE-2022-22719: denial of service in mod_lua via crafted request body. * CVE-2022-22720: HTTP request smuggling. * CVE-2022-22721: integer overflow leading to buffer overflow write. * CVE-2022-23943: heap memory overwrite via crafted data in mod_sed. * CVE-2022-26377: mod_proxy_ajp: Possible request smuggling. * CVE-2022-28614: read beyond bounds via ap_rwrite(). * CVE-2022-28615: Read beyond bounds in ap_strcmp_match(). * CVE-2022-29404: Denial of service in mod_lua r:parsebody. * CVE-2022-30522: mod_sed denial of service. * CVE-2022-30556: Information Disclosure in mod_lua with websockets. * CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism. base-files (10.3+deb10u13) buster; urgency=medium . * Change /etc/debian_version to 10.13, for Debian 10.13 point release. blender (2.79.b+dfsg0-7+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-0546 out-of-bounds heap access due to missing checks in the image loader could result in denial of service, memory corruption or potentially code execution * CVE-2022-0545 integer overflow while processing 2d images might result in a write-what-where vulnerability or an out-of-bounds read vulnerability which could leak sensitive information or achieve code execution * CVE-2022-0544 Crafted DDS image files could create an integer underflow in the DDS loader which leads to an out-of-bounds read and might leak sensitive information. booth (1.0-162-g27f917f-2+deb10u1) buster-security; urgency=high . * d/patches: add patch for CVE-2022-2553 cargo-mozilla (0.57.0-7~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Bump rustc-mozilla build-dep. chromium (90.0.4430.212-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2021-30506: Incorrect security UI in Web App Installs. Reported by @retsew0x01 - CVE-2021-30507: Inappropriate implementation in Offline. Reported by Alison Huffman - CVE-2021-30508: Heap buffer overflow in Media Feeds. Reported by Leecraso and Guang Gong - CVE-2021-30509: Out of bounds write in Tab Strip. Reported by David Erceg - CVE-2021-30510: Race in Aura. Reported by Weipeng Jiang - CVE-2021-30511: Out of bounds read in Tab Groups. Reported by David Erceg - CVE-2021-30512: Use after free in Notifications. Reported by ZhanJia Song - CVE-2021-30513: Type Confusion in V8. Reported by Man Yue Mo - CVE-2021-30514: Use after free in Autofill. Reported by koocola and Wang - CVE-2021-30515: Use after free in File API. Reported by Rong Jian and Guang Gong - CVE-2021-30516: Heap buffer overflow in History. Reported by ZhanJia Song - CVE-2021-30517: Type Confusion in V8. Reported by laural - CVE-2021-30518: Heap buffer overflow in Reader Mode. Reported by Jun Kokatsu - CVE-2021-30519: Use after free in Payments. Reported by asnine - CVE-2021-30520: Use after free in Tab Strip. Reported by Khalil Zhani chromium (90.0.4430.93-1) unstable; urgency=medium . * New upstream security release (closes: #987715). - CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab - CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair - CVE-2021-21228: Insufficient policy enforcement in extensions. Reported by Rob Wu - CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj (shadow2639) - CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul - CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov of Google Project Zero * Disable libaom on arm to potentially fix FTBFS on armhf chromium (90.0.4430.93-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu - CVE-2021-21228: Insufficient policy enforcement in extensions. Reported by Rob Wu - CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj - CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul - CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov - CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi - CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair chromium (90.0.4430.85-1) unstable; urgency=medium . * New upstream security release (closes: #987358). - CVE-2021-21222: Heap buffer overflow in V8. Reported by Guang Gong of Alpha Lab, Qihoo 360 - CVE-2021-21223: Integer overflow in Mojo. Reported by Guang Gong of Alpha Lab, Qihoo 360 - CVE-2021-21224: Type Confusion in V8. Reported by Jose Martinez tr0y4 from VerSprite Inc. - CVE-2021-21225: Out of bounds memory access in V8. Reported by Brendon Tiszka @btiszka supporting the EFF - CVE-2021-21226: Use after free in navigation. Reported by Brendon Tiszka @btiszka supporting the EFF chromium (90.0.4430.85-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu and Jianyu Chen - CVE-2021-21202: Use after free in extensions. Reported by David Erceg - CVE-2021-21203: Use after free in Blink. Reported by asnine - CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek, Jeanette Ulloa, and Emily Voigtlander - CVE-2021-21205: Insufficient policy enforcement in navigation. Reported by Alison Huffman - CVE-2021-21221: Insufficient validation of untrusted input in Mojo. Reported by Guang Gong - CVE-2021-21207: Use after free in IndexedDB. Reported by koocola and Nan Wang - CVE-2021-21208: Insufficient data validation in QR scanner. Reported by Ahmed Elsobky - CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom Van Goethem - CVE-2021-21210: Inappropriate implementation in Network. Reported by @bananabr - CVE-2021-21211: Inappropriate implementation in Navigation. Reported by Akash Labade - CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by Hugo Hue and Sze Yiu Chau - CVE-2021-21213: Use after free in WebMIDI. Reported by raven - CVE-2021-21214: Use after free in Network API. Reported by Anonymous - CVE-2021-21215: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi - CVE-2021-21216: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi - CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting - CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting - CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting - CVE-2021-21222: Heap buffer overflow in V8. Reported by Guang Gong - CVE-2021-21223: Integer overflow in Mojo. Reported by Guang Gong - CVE-2021-21224: Type Confusion in V8. Reported by Jose Martinez - CVE-2021-21225: Out of bounds memory access in V8. Reported by Brendon Tiszka - CVE-2021-21226: Use after free in navigation. Reported by Brendon Tiszka chromium (90.0.4430.72-1) unstable; urgency=medium . * New upstream security release (closes: #987053). - CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu and Jianyu Chen when working at Tencent KeenLab - CVE-2021-21202: Use after free in extensions. Reported by David Erceg - CVE-2021-21203: Use after free in Blink. Reported by asnine - CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek, Jeanette Ulloa, and Emily Voigtlander of Seesaw - CVE-2021-21205: Insufficient policy enforcement in navigation. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2021-21221: Insufficient validation of untrusted input in Mojo. Reported by Guang Gong of Alpha Lab, Qihoo 360 - CVE-2021-21207: Use after free in IndexedDB. Reported by koocola @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab - CVE-2021-21208: Insufficient data validation in QR scanner. Reported by Ahmed Elsobky @0xsobky - CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom Van Goethem @tomvangoethem - CVE-2021-21210: Inappropriate implementation in Network. Reported by @bananabr - CVE-2021-21211: Inappropriate implementation in Navigation. Reported by Akash Labade m0ns7er - CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong - CVE-2021-21213: Use after free in WebMIDI. Reported by raven @raid_akame - CVE-2021-21214: Use after free in Network API. Reported by Anonymous - CVE-2021-21215: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21216: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting @zhouat1 of Qihoo 360 Vulcan Team - CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting @zhouat1 of Qihoo 360 Vulcan Team - CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting @zhouat1 of Qihoo 360 Vulcan Team chromium (89.0.4389.114-1) unstable; urgency=medium . * New upstream security release (closes: #986335). - CVE-2021-21194: Use after free in screen capture. Reported by Leecraso and Guang Gong - CVE-2021-21195: Use after free in V8. Reported by Liu and Liang - CVE-2021-21196: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21197: Heap buffer overflow in TabStrip. Reported by Abdulrahman Alqabandi - CVE-2021-21198: Out of bounds read in IPC. Reported by Mark Brand - CVE-2021-21199: Use Use after free in Aura. Reported by Weipeng Jiang cifs-utils (2:6.8-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * mount.cifs: fix length check for ip option parsing (CVE-2022-27239) (Closes: #1010818) * mount.cifs: fix verbose messages on option parsing (CVE-2022-29869) (Closes: #1010818) clamav (0.103.6+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. clamav (0.103.5+dfsg-1) unstable; urgency=medium . * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium . * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. commons-daemon (1.0.15-8+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Apply patch from unstable to fix JVM detection. (Closes: #935336) composer (1.8.4-1+deb10u2) buster; urgency=medium . * Fix code injection vulnerability [CVE-2022-24828] (Closes: #1009960) * Update GitHub token pattern (Closes: #989315) * Use Authorization header instead of deprecated access_token query param (Closes: #955485) condor (8.6.8~dfsg.1-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload. * Fix CVE-2019-18823: HTCondor has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, then it is possible to impersonate another user to the condor_schedd. (For example to submit or remove jobs) * Fix CVE-2022-26110: When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon. cups (2.2.10-6+deb10u6) buster-security; urgency=high . * CVE-2022-26691 Fix certificate comparison. (Thanks to Zdenek Dohnal <zdohnal@redhat.com> for the patch) debian-installer (20190702+deb10u13) buster; urgency=medium . * Bump Linux ABI to 4.19.0-21. debian-installer-netboot-images (20190702+deb10u13) buster; urgency=medium . * Update to 20190702+deb10u13, from buster-proposed-updates. debian-security-support (1:10+2022.08.23) buster; urgency=medium . * Introduce release based versioning and add an epoch to achieve that. See https://lists.debian.org/20200817100153.GA944@layer-acht.org and follow-ups. Closes: #988321 * Makefile.PL: strip epoch from internal version just like ~deb10u1 etc are also dropped. * Update security-support-ended.deb10 from 1:12+2022.08.12 from unstable, thus adding these packages to it: - chromium - ckeditor3 - gpac - libspring-java - slurm-llnl - xen * Update security-support-limited from 1:12+2022.08.12 from unstable, thus adding: - golang - khtml * Drop libv8-3.14, mosjz, mosjz24, swftools and webkitgtk from security-support-limited as they were only present in stretch and earlier. * Also drop glpi, ltp and wine-gecko-2.(21|24) from security-support-limited as they were only present in jessie or earlier. debian-security-support (2020.07.12) unstable; urgency=medium . * Drop support for jessie: - drop security-support-ended.deb8. - set DEB_LOWEST_VER_ID=9 in check-support-status.in. * security-support-limited: - add mozjs68. Closes: #959804, thanks to Simon McVittie for the bug report. - drop glpi as it was only shipped in jessie and before. - drop ltp as it was only shipped in squeeze. - drop wine-gecko-2.(21|24) as they were only present in jessie. * lintian-overrides: drop unused maintainer-script-should-not-use-adduser- system-without-home. debian-security-support (2020.06.21) unstable; urgency=medium . [ Mike Gabriel ] * Add cinder (OpenStack component) to security-support-ended.deb8. debootstrap (1.0.114+deb10u1) buster; urgency=medium . * Non-maintainer upload. * setup_merged_usr: create skip flag when merged-usr is disabled on bookworm+ * Add usr-is-merged to the required set on testing/unstable distro-info-data (0.41+deb10u5) buster; urgency=medium . * Update data to 0.53, without new columns: - Add Ubuntu 22.04 LTS, Jammy Jellyfish. - Add Ubuntu 22.10, Kinetic Kudu. djangorestframework (3.9.0-1+deb10u1) buster-security; urgency=medium . * Backport 4bb9a3c48427867ef1e46f7dee945a4c25a4f9b8 to fix cross-site scripting caused by disabled autoescaping in the default DRF Browsable API view templates (no CVE yet) * Backport ae649336b110afe21b9429f2554052f31a9dfaf9 to address CVE-2020-25626 dpkg (1.19.8) buster-security; urgency=medium . [ Guillem Jover ] * Perl modules: - Dpkg::Source::Archive: Prevent directory traversal for in-place extracts. Reported by Max Justicz <max@justi.cz>. Fixes CVE-2022-1664. * Build system: - Build gitlab CI images for buster instead of sid. . [ Updated man pages translations ] * German (Helge Kreutzmann). dropbear (2018.76-5+deb10u1) buster; urgency=medium . * Backport security fix for CVE-2019-12953: Inconsistent failure delay that may lead to revealing valid usernames. The fix limits password length to 100 bytes. (Closes: #1009062.) Cherry-picked from https://hg.ucc.asn.au/dropbear/rev/228b086794b7 . * d/gbp.conf: Set debian-branch = debian/buster. eboard (1.1.3-0.4~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . eboard (1.1.3-0.4) unstable; urgency=medium . * Non-maintainer upload. * Add upstream fix for segfault on engine selection, thanks to Eric Cooper and Bernhard Ãœbelacker. (Closes: #962627) ecdsautils (0.3.2+git20151018-2+deb10u1) buster-security; urgency=medium . * debian/patches: - Add 0001-verify-fix-signature-verification-CVE-2022-24884.patch, Fix CVE-2022-24884: Improper Verification of ECDSA Signatures esorex (3.13.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix testsuite failures on armhf and ppc64el caused by incorrect libffi usage. (Closes: #934081) * Re-enable Python tests on armhf and ppc64el. (Closes: #893206) evemu (2.7.0-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream fix for FTBFS with recent kernel headers. (Closes: #971161) exo (0.12.4-1+deb10u1) oldstable-security; urgency=medium . * d/patches: 0001-exo-open-Only-execute-local-.desktop-files.patch added Fix CVE-2022-32278, exo allows executing .desktop files with remote URI scheme. (Closes: #1013129) faad2 (2.10.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster, addresses multiple security issues faad2 (2.9.2-1) unstable; urgency=medium . * New upstream version 2.9.2 * Install pkg-config file. * Rules-Requires-Root: no. faad2 (2.9.1-1) unstable; urgency=medium . [ OndÅ™ej Nový ] * Bump Standards-Version to 4.4.1 . [ Fabian Greffrath ] * New upstream version 2.9.1 faad2 (2.9.0-1) unstable; urgency=medium . [ OndÅ™ej Nový ] * Use debhelper-compat instead of debian/compat . [ Fabian Greffrath ] * Ack NMUs, thanks Hugo! * Upstream moved to GitHub, adapt packaging accordingly. * New upstream version 2.9.0. * Remove all patches, applied upstream. * Build reproducibly. * Finish debug symbols package migration. * Bump debhelper-compat to 12. * Bump Standards-Version to 4.4.0. * Add Build-Depends-Package line to the symbols file. faad2 (2.8.8-3.2) unstable; urgency=high . * Non-maintainer upload with maintainer's permission. * debian/patches/gcc-9.patch: Fix build with GCC-9 (thanks Gianfranco Costamagna for the patch) (Closes: #930363). faad2 (2.8.8-3.1) unstable; urgency=medium . * Non-maintainer upload with maintainer's permission. * CVE-2019-6956: Buffer over read in the function ps_mix_phase() (libfaad/ps_dec.c) (Closes: #914641). * CVE-2018-20196: Stack buffer overflow in the function calculate_gain (libfaad/sbr_hfadj.c). * CVE-2018-20199, CVE-2018-20360: NULL pointer dereference in the function ifilter_bank (libfaad/filtbank.c). faad2 (2.8.8-3+deb10u1) buster-security; urgency=medium . * CVE-2018-20196 * CVE-2018-20199 * CVE-2018-20360 * CVE-2019-6956 (Closes: #914641) * CVE-2021-32272 * CVE-2021-32273 * CVE-2021-32274 * CVE-2021-32276 * CVE-2021-32277 * CVE-2021-32278 feature-check (0.2.2-3+deb10u1) buster; urgency=medium . * Add the cmp-num and cmp-rest upstream patches to fix some version string comparisons. Closes: #990276 ffmpeg (7:4.1.9-0+deb10u1) buster-security; urgency=medium . * New upstream release. - Drop 0001-fix-mxfenc-index.patch, contained in new release firefox-esr (91.12.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-29, also known as: CVE-2022-36319, CVE-2022-36318. firefox-esr (91.11.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-25, also known as: CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481, CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484. . * build/moz.configure/bindgen.configure, gfx/webrender_bindings/webrender_ffi.h: Work around build failure with newer cbindgen. bz#1773259 firefox-esr (91.11.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-25, also known as: CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481, CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484. . * build/moz.configure/bindgen.configure, gfx/webrender_bindings/webrender_ffi.h: Work around build failure with newer cbindgen. bz#1773259 firefox-esr (91.11.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-25, also known as: CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481, CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484. . * build/moz.configure/bindgen.configure, gfx/webrender_bindings/webrender_ffi.h: Work around build failure with newer cbindgen. bz#1773259 firefox-esr (91.10.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-21, also known as: CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747. firefox-esr (91.10.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-21, also known as: CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747. firefox-esr (91.10.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-21, also known as: CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747. firefox-esr (91.9.1esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529. firefox-esr (91.9.1esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529. firefox-esr (91.9.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529. firefox-esr (91.9.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-17, also known as CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911, CVE-2022-29912, CVE-2022-29917. firefox-esr (91.9.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-17, also known as CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911, CVE-2022-29912, CVE-2022-29917. firefox-esr (91.9.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-17, also known as CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911, CVE-2022-29912, CVE-2022-29917. firefox-esr (91.8.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-14, also known as CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289. firefox-esr (91.8.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-14, also known as CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289. firefox-esr (91.8.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-14, also known as CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289. firefox-esr (91.7.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-11, also known as CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381, CVE-2022-26386. firefox-esr (91.7.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-11, also known as CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381, CVE-2022-26386. firefox-esr (91.7.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-11, also known as CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381, CVE-2022-26386. firefox-esr (91.6.1esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486. firefox-esr (91.6.1esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486. firefox-esr (91.6.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486. firefox-esr (91.6.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-05, also known as: CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764. firefox-esr (91.6.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-05, also known as: CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764. . * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*, netwerk/protocol/res/ExtensionProtocolHandler.cpp, netwerk/protocol/res/PageThumbProtocolHandler.cpp, toolkit/components/places/nsAnnoProtocolHandler.cpp, dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix excessive CPU usage in web extensions. bz#1706594, bz#1735899. Closes: #1002868. firefox-esr (91.6.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-05, also known as: CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764. . * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*, netwerk/protocol/res/ExtensionProtocolHandler.cpp, netwerk/protocol/res/PageThumbProtocolHandler.cpp, toolkit/components/places/nsAnnoProtocolHandler.cpp, dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix excessive CPU usage in web extensions. bz#1706594, bz#1735899. Closes: #1002868. firefox-esr (91.5.1esr-1) unstable; urgency=medium . * New upstream release. firefox-esr (91.5.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-02, also known as: CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751. . * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*, netwerk/protocol/res/ExtensionProtocolHandler.cpp, netwerk/protocol/res/PageThumbProtocolHandler.cpp, toolkit/components/places/nsAnnoProtocolHandler.cpp, dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix excessive CPU usage in web extensions. bz#1706594, bz#1735899. Closes: #1002868. firefox-esr (91.5.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-02, also known as: CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751. firefox-esr (91.5.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-02, also known as: CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751. . * debian/rules: Build against embedded nspr and nss on bullseye. * debian/control*: Build against rustc-mozilla/cargo-mozilla on relevant older release. * debian/upstream.mk: Add definitions for newer releases of Debian. firefox-esr (91.4.1esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. . * debian/rules: Build against embedded nspr and nss on bullseye. * debian/control*: Build against rustc-mozilla/cargo-mozilla on relevant older release. * debian/upstream.mk: Add definitions for newer releases of Debian. firefox-esr (91.4.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes cubeb deadlock. Closes: #998679. * Fixes for mfsa2021-53, also known as: CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546, MOZ-2021-0009. firefox-esr (91.3.0esr-2) unstable; urgency=medium . * debian/firefox.in: Use `command -v` instead of `which`. Closes: #996455. . * modules/fdlibm/src/math_private.h: Fix FTBFS on i386. bz#1729459. * .cargo/config.in, Cargo.lock, Cargo.toml, third_party/rust/cc/.cargo-checksum.json, third_party/rust/cc/Cargo.toml, third_party/rust/cc/src/lib.rs, third_party/rust/cc/src/windows_registry.rs: Update cc crate to b2f6b146b75299c444e05bbde50d03705c7c4b6e, aka 1.0.71 + GCC-11 fix for armhf. bz#1739040. firefox-esr (91.3.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-49, also known as: CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, MOZ-2021-0008, CVE-2021-38508, CVE-2021-38509, MOZ-2021-0007. (MOZ-* pending CVE assignment) firefox-esr (91.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-45, also known as: CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-32810, CVE-2021-38500, CVE-2021-38501. firefox-esr (91.1.0esr-1) experimental; urgency=medium . * New upstream release. * Fixes for mfsa2021-40, also known as CVE-2021-38495. firefox-esr (91.0.1esr-1) experimental; urgency=medium . * New upstream release. * Fixes for mfsa2021-37, also known as CVE-2021-29991. . * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. firefox-esr (91.0esr-1) experimental; urgency=medium . * New upstream release. firefox-esr (78.15.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-44, also known as CVE-2021-38496, CVE-2021-38500. firefox-esr (78.15.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-44, also known as CVE-2021-38496, CVE-2021-38500. firefox-esr (78.14.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-39, also known as CVE-2021-38493. . * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. firefox-esr (78.14.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-39, also known as CVE-2021-38493. . * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. firejail (0.9.58.2-2+deb10u3) buster-security; urgency=medium . * Fix local root exploit reachable via --join logic. (CVE-2022-31214) (Closes: #1012510) flac (1.3.2-3+deb10u2) buster; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2021-0561 (Closes: #1006339) Add patch to exit at EOS in verify mode. foxtrotgps (1.2.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream fix for FTBFS with new imagemagick. (Closes: #991056) freeradius (3.0.17+dfsg-1.1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-13456: side-channel leak where 1 in 2048 handshakes fail * CVE-2019-17185: DoS due to multithreaded BN_CTX access * Add upstream fix for a crash bug. (Closes: #992036) freetype (2.9.1-3+deb10u3) buster; urgency=medium . * Add upstream patches to fix multiple vulnerabilities. Closes: #1010183. - CVE-2022-27404: heap buffer overflow via invalid integer decrement in sfnt_init_face(). - CVE-2022-27405: segmentation violation via ft_open_face_internal() when attempting to read the value of FT_LONG face_index. - CVE-2022-27406: segmentation violation via FT_Request_Size() when attempting to read the value of an unguarded face size handle. fribidi (1.0.5-3.1+deb10u2) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-25308 stack-buffer-overflow issue in main() * CVE-2022-25309 heap-buffer-overflow issue in fribidi_cap_rtl_to_unicode() * CVE-2022-25310 SEGV issue in fribidi_remove_bidi_marks() (Closes: #1008793) ftgl (2.4.0-2.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . ftgl (2.4.0-2.1) unstable; urgency=medium . * Non-maintainer upload . [ William Grant ] * Don't try to convert PNG to EPS for latex, as our imagemagick has EPS disabled for security reasons and it seems to work without them. (Closes: #991053) gif2apng (1.9+srconly-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2021-45909, Closes: #1002668: heap based buffer overflow in the DecodeLZW * CVE-2021-45910, Closes: #1002667: heap-based buffer overflow within the main function * CVE-2021-45911, Closes: #1002687: heap based buffer overflow in processing of delays in the main function gnucash (1:3.4-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream fix for test-gnc-timezone with recent tzdata. (Closes: #978208). gnupg2 (2.2.12-1+deb10u2) buster-security; urgency=high . [ Roger Shimizu ] * d/control: Update Build-Depends: libgpg-error-dev (>= 1.35) . [ Daniel Kahn Gillmor ] * fix broken status line (Closes: #1014157) gnutls28 (3.6.7-4+deb10u8) buster; urgency=medium . * Non-maintainer upload. * Backport 48_testcompat-openssl-improve-testing-against-secured-O.patch to pass testsuite with openssl 1.1.1e. golang-github-docker-go-connections (0.3.0-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add patch to skip tests which use expired certificate. (Closes: #986306) golang-github-pkg-term (0.0~git20181116.27bbf2e-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix building on newer 4.19 kernels. (Closes: #1002231) golang-github-russellhaering-goxmldsig (0.0~git20170911.b7efc62-1+deb10u1) buster; urgency=medium . * CVE-2020-7711 null pointer dereference caused by crafted XML signatures (Closes: #968928 * according to ratt, nothing else has to be built grub-efi-amd64-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-amd64-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub-efi-amd64-signed (1+2.04+20) unstable; urgency=medium . * Update to grub2 2.04-20 grub-efi-amd64-signed (1+2.04+19) unstable; urgency=medium . * Update to grub2 2.04-19 grub-efi-amd64-signed (1+2.04+18) unstable; urgency=medium . * Update to grub2 2.04-18 grub-efi-amd64-signed (1+2.04+17) unstable; urgency=medium . * Update to grub2 2.04-17 grub-efi-amd64-signed (1+2.04+16) unstable; urgency=medium . * Update to grub2 2.04-16 grub-efi-amd64-signed (1+2.04+15) unstable; urgency=medium . * Update to grub2 2.04-15 grub-efi-amd64-signed (1+2.04+14) unstable; urgency=medium . * Update to grub2 2.04-14 grub-efi-amd64-signed (1+2.04+12) unstable; urgency=medium . * Update to grub2 2.04-12 grub-efi-amd64-signed (1+2.04+11) unstable; urgency=medium . * Update to grub2 2.04-11 grub-efi-amd64-signed (1+2.04+10) unstable; urgency=medium . * Update to grub2 2.04-10 grub-efi-amd64-signed (1+2.04+9) unstable; urgency=high . * Update to grub2 2.04-9 grub-efi-amd64-signed (1+2.04+8) unstable; urgency=medium . * Update to grub2 2.04-8 grub-efi-amd64-signed (1+2.04+7) unstable; urgency=medium . * Update to grub2 2.04-7 grub-efi-amd64-signed (1+2.04+6) unstable; urgency=medium . * Update to grub2 2.04-6 grub-efi-amd64-signed (1+2.04+5) unstable; urgency=medium . * Update to grub2 2.04-5 grub-efi-amd64-signed (1+2.04+4) unstable; urgency=medium . * Update to grub2 2.04-4 grub-efi-amd64-signed (1+2.04+3) unstable; urgency=medium . * Update to grub2 2.04-3 grub-efi-amd64-signed (1+2.04+2) unstable; urgency=medium . * Update to grub2 2.04-2 grub-efi-amd64-signed (1+2.04+1) unstable; urgency=medium . * Update to grub2 2.04-1 grub-efi-amd64-signed (1+2.04~rc1+3) experimental; urgency=medium . * Update to grub2 2.04~rc1-3 grub-efi-amd64-signed (1+2.04~rc1+2) experimental; urgency=medium . * Update to grub2 2.04~rc1-2 grub-efi-amd64-signed (1+2.04~rc1+1) experimental; urgency=medium . * Update to grub2 2.04~rc1-1 grub-efi-arm64-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-arm64-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub-efi-arm64-signed (1+2.04+20) unstable; urgency=medium . * Update to grub2 2.04-20 grub-efi-arm64-signed (1+2.04+19) unstable; urgency=medium . * Update to grub2 2.04-19 grub-efi-arm64-signed (1+2.04+18) unstable; urgency=medium . * Update to grub2 2.04-18 grub-efi-arm64-signed (1+2.04+17) unstable; urgency=medium . * Update to grub2 2.04-17 grub-efi-arm64-signed (1+2.04+16) unstable; urgency=medium . * Update to grub2 2.04-16 grub-efi-arm64-signed (1+2.04+15) unstable; urgency=medium . * Update to grub2 2.04-15 grub-efi-arm64-signed (1+2.04+14) unstable; urgency=medium . * Update to grub2 2.04-14 grub-efi-arm64-signed (1+2.04+12) unstable; urgency=medium . * Update to grub2 2.04-12 grub-efi-arm64-signed (1+2.04+11) unstable; urgency=medium . * Update to grub2 2.04-11 grub-efi-arm64-signed (1+2.04+10) unstable; urgency=medium . * Update to grub2 2.04-10 grub-efi-arm64-signed (1+2.04+9) unstable; urgency=high . * Update to grub2 2.04-9 grub-efi-arm64-signed (1+2.04+8) unstable; urgency=medium . * Update to grub2 2.04-8 grub-efi-arm64-signed (1+2.04+7) unstable; urgency=medium . * Update to grub2 2.04-7 grub-efi-arm64-signed (1+2.04+6) unstable; urgency=medium . * Update to grub2 2.04-6 grub-efi-arm64-signed (1+2.04+5) unstable; urgency=medium . * Update to grub2 2.04-5 grub-efi-arm64-signed (1+2.04+4) unstable; urgency=medium . * Update to grub2 2.04-4 grub-efi-arm64-signed (1+2.04+3) unstable; urgency=medium . * Update to grub2 2.04-3 grub-efi-arm64-signed (1+2.04+2) unstable; urgency=medium . * Update to grub2 2.04-2 grub-efi-arm64-signed (1+2.04+1) unstable; urgency=medium . * Update to grub2 2.04-1 grub-efi-arm64-signed (1+2.04~rc1+3) experimental; urgency=medium . * Update to grub2 2.04~rc1-3 grub-efi-arm64-signed (1+2.04~rc1+2) experimental; urgency=medium . * Update to grub2 2.04~rc1-2 grub-efi-arm64-signed (1+2.04~rc1+1) experimental; urgency=medium . * Update to grub2 2.04~rc1-1 grub-efi-ia32-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-ia32-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub-efi-ia32-signed (1+2.04+20) unstable; urgency=medium . * Update to grub2 2.04-20 grub-efi-ia32-signed (1+2.04+19) unstable; urgency=medium . * Update to grub2 2.04-19 grub-efi-ia32-signed (1+2.04+18) unstable; urgency=medium . * Update to grub2 2.04-18 grub-efi-ia32-signed (1+2.04+17) unstable; urgency=medium . * Update to grub2 2.04-17 grub-efi-ia32-signed (1+2.04+16) unstable; urgency=medium . * Update to grub2 2.04-16 grub-efi-ia32-signed (1+2.04+15) unstable; urgency=medium . * Update to grub2 2.04-15 grub-efi-ia32-signed (1+2.04+14) unstable; urgency=medium . * Update to grub2 2.04-14 grub-efi-ia32-signed (1+2.04+12) unstable; urgency=medium . * Update to grub2 2.04-12 grub-efi-ia32-signed (1+2.04+11) unstable; urgency=medium . * Update to grub2 2.04-11 grub-efi-ia32-signed (1+2.04+10) unstable; urgency=medium . * Update to grub2 2.04-10 grub-efi-ia32-signed (1+2.04+9) unstable; urgency=high . * Update to grub2 2.04-9 grub-efi-ia32-signed (1+2.04+8) unstable; urgency=medium . * Update to grub2 2.04-8 grub-efi-ia32-signed (1+2.04+7) unstable; urgency=medium . * Update to grub2 2.04-7 grub-efi-ia32-signed (1+2.04+6) unstable; urgency=medium . * Update to grub2 2.04-6 grub-efi-ia32-signed (1+2.04+5) unstable; urgency=medium . * Update to grub2 2.04-5 grub-efi-ia32-signed (1+2.04+4) unstable; urgency=medium . * Update to grub2 2.04-4 grub-efi-ia32-signed (1+2.04+3) unstable; urgency=medium . * Update to grub2 2.04-3 grub-efi-ia32-signed (1+2.04+2) unstable; urgency=medium . * Update to grub2 2.04-2 grub-efi-ia32-signed (1+2.04+1) unstable; urgency=medium . * Update to grub2 2.04-1 grub-efi-ia32-signed (1+2.04~rc1+3) experimental; urgency=medium . * Update to grub2 2.04~rc1-3 grub-efi-ia32-signed (1+2.04~rc1+2) experimental; urgency=medium . * Update to grub2 2.04~rc1-2 grub-efi-ia32-signed (1+2.04~rc1+1) experimental; urgency=medium . * Update to grub2 2.04~rc1-1 grub2 (2.06-3~deb10u1) buster; urgency=medium . [ Steve McIntyre ] * Switch to upstream 2.06 release, and rebuild for buster. - Tweak build-deps etc. for the rebuild. * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736 * Re-enable os-prober by default, don't make that change in a stable update. grub2 (2.06-2) unstable; urgency=medium . * Update to minilzo-2.10, fixing build failures on armel, mips64el, mipsel, and ppc64el. grub2 (2.06-1) unstable; urgency=medium . * Use "command -v" in maintainer scripts rather than "which". * New upstream release. - Switch to the upstream shim_lock verifier, dropping several more manual checks for UEFI Secure Boot. * Cherry-pick from upstream: - fs/xfs: Fix unreadable filesystem with v4 superblock - tests/ahci: Change "ide-drive" deprecated QEMU device name to "ide-hd" (closes: #997100) * Remove dir_to_symlink maintainer script code, which was only needed for upgrades from before jessie. grub2 (2.04-20) unstable; urgency=medium . [ Mathieu Trudel-Lapierre ] * tpm: Pass unknown error as non-fatal, but debug print the error we got (closes: #940911, LP: #1848892). grub2 (2.04-19) unstable; urgency=medium . * Resync grub-install backup and restore patches from upstream, fixing problems that left the system unbootable after certain kinds of failure (closes: #983435). grub2 (2.04-18) unstable; urgency=medium . [ Steve McIntyre ] * Enable the shim_lock and tpm modules for i386-efi too. Ensure that tpm is included in our EFI images. * List the modules we include the EFI images - make it easier to debug things. * Add debug to display what's going on with verifiers . [ Colin Watson ] * util/mkimage: Some fixes to PE binaries section size calculation (closes: #987103). grub2 (2.04-17) unstable; urgency=medium . * Pass --sbat when building the d-i netboot image as well. * i386-pc: build verifiers API as module (thanks, Michael Chang; closes: #984488, #985374). grub2 (2.04-16) unstable; urgency=medium . * Fix broken advice in message when the postinst has to bail out (thanks to Daniel Leidert for pointing out the problem). * Backport security patch series from upstream: - verifiers: Move verifiers API to kernel image - kern: Add lockdown support - kern/lockdown: Set a variable if the GRUB is locked down - efi: Lockdown the GRUB when the UEFI Secure Boot is enabled - efi: Use grub_is_lockdown() instead of hardcoding a disabled modules list - CVE-2020-14372: acpi: Don't register the acpi command when locked down - CVE-2020-27779: mmap: Don't register cutmem and badram commands when lockdown is enforced - commands: Restrict commands that can load BIOS or DT blobs when locked down - commands/setpci: Restrict setpci command when locked down - commands/hdparm: Restrict hdparm command when locked down - gdb: Restrict GDB access when locked down - loader/xnu: Don't allow loading extension and packages when locked down - docs: Document the cutmem command - CVE-2020-25632: dl: Only allow unloading modules that are not dependencies - CVE-2020-25647: usb: Avoid possible out-of-bound accesses caused by malicious devices - mmap: Fix memory leak when iterating over mapped memory - net/net: Fix possible dereference to of a NULL pointer - net/tftp: Fix dangling memory pointer - kern/parser: Fix resource leak if argc == 0 - kern/efi: Fix memory leak on failure - kern/efi/mm: Fix possible NULL pointer dereference - gnulib/regexec: Resolve unused variable - gnulib/regcomp: Fix uninitialized token structure - gnulib/argp-help: Fix dereference of a possibly NULL state - gnulib/regexec: Fix possible null-dereference - gnulib/regcomp: Fix uninitialized re_token - io/lzopio: Resolve unnecessary self-assignment errors - zstd: Initialize seq_t structure fully - kern/partition: Check for NULL before dereferencing input string - disk/ldm: Make sure comp data is freed before exiting from make_vg() - disk/ldm: If failed then free vg variable too - disk/ldm: Fix memory leak on uninserted lv references - disk/cryptodisk: Fix potential integer overflow - hfsplus: Check that the volume name length is valid - zfs: Fix possible negative shift operation - zfs: Fix resource leaks while constructing path - zfs: Fix possible integer overflows - zfsinfo: Correct a check for error allocating memory - affs: Fix memory leaks - libgcrypt/mpi: Fix possible unintended sign extension - libgcrypt/mpi: Fix possible NULL dereference - syslinux: Fix memory leak while parsing - normal/completion: Fix leaking of memory when processing a completion - commands/hashsum: Fix a memory leak - video/efi_gop: Remove unnecessary return value of grub_video_gop_fill_mode_info() - video/fb/fbfill: Fix potential integer overflow - video/fb/video_fb: Fix multiple integer overflows - video/fb/video_fb: Fix possible integer overflow - video/readers/jpeg: Test for an invalid next marker reference from a jpeg file - gfxmenu/gui_list: Remove code that coverity is flagging as dead - loader/bsd: Check for NULL arg up-front - loader/xnu: Fix memory leak - loader/xnu: Free driverkey data when an error is detected in grub_xnu_writetree_toheap() - loader/xnu: Check if pointer is NULL before using it - util/grub-install: Fix NULL pointer dereferences - util/grub-editenv: Fix incorrect casting of a signed value - util/glue-efi: Fix incorrect use of a possibly negative value - script/execute: Fix NULL dereference in grub_script_execute_cmdline() - commands/ls: Require device_name is not NULL before printing - script/execute: Avoid crash when using "$#" outside a function scope - CVE-2021-20225: lib/arg: Block repeated short options that require an argument - script/execute: Don't crash on a "for" loop with no items - CVE-2021-20233: commands/menuentry: Fix quoting in setparams_prefix() - kern/misc: Always set *end in grub_strtoull() - video/readers/jpeg: Catch files with unsupported quantization or Huffman tables - video/readers/jpeg: Catch OOB reads/writes in grub_jpeg_decode_du() - video/readers/jpeg: Don't decode data before start of stream - term/gfxterm: Don't set up a font with glyphs that are too big - fs/fshelp: Catch impermissibly large block sizes in read helper - fs/hfsplus: Don't fetch a key beyond the end of the node - fs/hfsplus: Don't use uninitialized data on corrupt filesystems - fs/hfs: Disable under lockdown - fs/sfs: Fix over-read of root object name - fs/jfs: Do not move to leaf level if name length is negative - fs/jfs: Limit the extents that getblk() can consider - fs/jfs: Catch infinite recursion - fs/nilfs2: Reject too-large keys - fs/nilfs2: Don't search children if provided number is too large - fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup() - io/gzio: Bail if gzio->tl/td is NULL - io/gzio: Add init_dynamic_block() clean up if unpacking codes fails - io/gzio: Catch missing values in huft_build() and bail - io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails - disk/lvm: Don't go beyond the end of the data we read from disk - disk/lvm: Don't blast past the end of the circular metadata buffer - disk/lvm: Bail on missing PV list - disk/lvm: Do not crash if an expected string is not found - disk/lvm: Do not overread metadata - disk/lvm: Sanitize rlocn->offset to prevent wild read - disk/lvm: Do not allow a LV to be it's own segment's node's LV - fs/btrfs: Validate the number of stripes/parities in RAID5/6 - fs/btrfs: Squash some uninitialized reads - kern/parser: Fix a memory leak - kern/parser: Introduce process_char() helper - kern/parser: Introduce terminate_arg() helper - kern/parser: Refactor grub_parser_split_cmdline() cleanup - kern/buffer: Add variable sized heap buffer - CVE-2020-27749: kern/parser: Fix a stack buffer overflow - kern/efi: Add initial stack protector implementation - util/mkimage: Remove unused code to add BSS section - util/mkimage: Use grub_host_to_target32() instead of grub_cpu_to_le32() - util/mkimage: Always use grub_host_to_target32() to initialize PE stack and heap stuff - util/mkimage: Unify more of the PE32 and PE32+ header set-up - util/mkimage: Reorder PE optional header fields set-up - util/mkimage: Improve data_size value calculation - util/mkimage: Refactor section setup to use a helper - util/mkimage: Add an option to import SBAT metadata into a .sbat section - grub-install-common: Add --sbat option - kern/misc: Split parse_printf_args() into format parsing and va_list handling - kern/misc: Add STRING type for internal printf() format handling - kern/misc: Add function to check printf() format against expected format - gfxmenu/gui: Check printf() format in the gui_progress_bar and gui_label - kern/mm: Fix grub_debug_calloc() compilation error * Add SBAT section (thanks, Chris Coulson). grub2 (2.04-15) unstable; urgency=medium . * Demote grub-common → mtools dependency to Suggests, to go with xorriso; explain the situation in the package description (closes: #982313). grub2 (2.04-14) unstable; urgency=medium . [ Raphaël Hertzog ] * Extend grub-efi to also cover arm64/ia64/arm (closes: #981819). . [ Colin Watson ] * Cherry-pick from upstream: - grub-install: Fix inverted test for NLS enabled when copying locales (closes: #979754). * Fix handling of trailing commas in grub-pc/install_devices (closes: #913928). * Make grub-firmware-qemu Recommend/Enhance qemu-system-x86, not qemu (closes: #966243). * Make grub-common depend on mtools on EFI platforms, for grub-mkrescue (closes: #774910). grub2 (2.04-13) unstable; urgency=medium . [ Steve McIntyre ] * Switch to using the efivarfs interface for detecting "system setup" (Closes: #979299) grub2 (2.04-12) unstable; urgency=medium . * Cherry-pick from upstream: - mdraid1x_linux: Fix gcc10 error -Werror=array-bounds - zfs: Fix gcc10 error -Werror=zero-length-bounds * Build with GCC 10 (closes: #978515). grub2 (2.04-11) unstable; urgency=medium . * grub-install: Fix backup restoration on i386. grub2 (2.04-10) unstable; urgency=medium . [ Ian Campbell ] * Remove myself from uploaders. . [ Colin Watson ] * When upgrading grub-pc noninteractively, bail out if grub-install fails. It's better to fail the upgrade than to produce a possibly-unbootable system. * Explicitly check whether the target device exists before running grub-install, since grub-install copies modules to /boot/grub/ before installing the core image, and the new modules might be incompatible with the old core image (closes: #966575). * Cherry-pick from upstream: - tftp: Roll-over block counter to prevent data packets timeouts (LP: #1892290). . [ Dimitri John Ledkov ] * grub-install: Add backup and restore. * Don't call grub-install on fresh install of grub-pc. It's the job of installers to do that after a fresh install. grub2 (2.04-9) unstable; urgency=high . * Backport security patch series from upstream: - CVE-2020-10713: yylex: Make lexer fatal errors actually be fatal - safemath: Add some arithmetic primitives that check for overflow - calloc: Make sure we always have an overflow-checking calloc() available - CVE-2020-14308: calloc: Use calloc() at most places - CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: malloc: Use overflow checking primitives where we do complex allocations - iso9660: Don't leak memory on realloc() failures - font: Do not load more than one NAME section - gfxmenu: Fix double free in load_image() - xnu: Fix double free in grub_xnu_devprop_add_property() - lzma: Make sure we don't dereference past array - term: Fix overflow on user inputs - udf: Fix memory leak - multiboot2: Fix memory leak if grub_create_loader_cmdline() fails - tftp: Do not use priority queue - relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow - relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow - script: Remove unused fields from grub_script_function struct - CVE-2020-15706: script: Avoid a use-after-free when redefining a function during execution - relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation - hfsplus: fix two more overflows - lvm: fix two more potential data-dependent alloc overflows - emu: make grub_free(NULL) safe - efi: fix some malformed device path arithmetic errors - Fix a regression caused by "efi: fix some malformed device path arithmetic errors" - update safemath with fallback code for gcc older than 5.1 - efi: Fix use-after-free in halt/reboot path - linux loader: avoid overflow on initrd size calculation * CVE-2020-15707: linux: Fix integer overflows in initrd size handling * Apply overflow checking to allocations in Debian patches: - bootp: Fix integer overflow in parse_dhcp6_option - unix/config: Fix integer overflow in grub_util_load_config - deviceiter: Fix integer overflow in grub_util_iterate_devices grub2 (2.04-8) unstable; urgency=medium . [ Vincent Lefevre ] * Fix typos in /etc/grub.d/05_debian_theme. Closes: #959484 . [ Fabian Greffrath ] * Change font dependency to fonts-dejavu-core. Closes: #912846 . [ Colin Watson ] * Cherry-pick from upstream: - templates/20_linux_xen: Ignore xenpolicy and config files too. - templates/20_linux_xen: Support Xen Security Modules (XSM/FLASK). . [ Ian Jackson ] * 20_linux_xen: Do not load XSM policy in non-XSM options (closes: #961673). grub2 (2.04-7) unstable; urgency=medium . [ Christian Göttsche ] * Create grub default configuration with default SELinux context. . [ Steve McIntyre ] * In the signed packages, change the version dependency on grub-common to be >= and not =. This will allow for installation in unstable to still work in the window while we wait for the template package to do its second trip through the archive. * Tweak the build-dep architecture listing for libefiboot-dev and libefivar-dev. The linux-* wildcards don't work in the way expected, and were missing out (at least) armhf and armel. Closes: #958461 grub2 (2.04-6) unstable; urgency=medium . [ Romain Perier ] * Add f2fs module to signed UEFI images . [ Steve McIntyre ] * Add jfs module to signed UEFI images. Closes: #950959 . [ Colin Watson ] * Drop mkconfig-mid-upgrade.patch; it was only needed for upgrades from GRUB 1.99 (now a long time ago) and can inappropriately hide problems when /etc/grub.d/00_header should have been updated but wasn't (closes: #953201). * Cherry-pick from upstream: - btrfs: Add support for new RAID1C34 profiles (closes: #958236). grub2 (2.04-5) unstable; urgency=medium . * Cherry-pick from upstream: - verifiers: Blocklist fallout cleanup (this was one cause of a build failure on hurd-i386, though may not be the only one). * Only recommend grub-efi-*-signed on the architectures where they exist. grub2 (2.04-4) unstable; urgency=medium . [ Thomas Gaugler ] * Add leading / to prefix of network boot image for d-i. . [ Martin von Wittich ] * upgrade-from-grub-legacy: Set DPKG_MAINTSCRIPT_NAME and DPKG_MAINTSCRIPT_PACKAGE when calling grub-pc.postinst manually (closes: #943387). . [ Colin Watson ] * Use policy-compliant architecture wildcards in libefiboot-dev and libefivar-dev build-dependencies. * Build with GCC 9 (closes: #944166). grub2 (2.04-3) unstable; urgency=medium . * Apply patch from James Clarke to fix BIOS Boot Partition support on sparc64 (closes: #931969). * Fix UEFI installation for Devuan (thanks, Ivan J.; closes: #932966). * Add probe module to signed UEFI images (closes: #936082). grub2 (2.04-2) unstable; urgency=medium . [ James Clarke ] * Only Build-Depend on libefiboot-dev and libefivar-dev on Linux architectures, since they're Linux-only. . [ Colin Watson ] * Use debhelper-compat instead of debian/compat. * debian/apport/source_grub2.py: - Avoid star import. - Fix flake8 errors. * Run gentpl.py with python3. grub2 (2.04-1) unstable; urgency=medium . * New upstream release. * debian/upstream/signing-key.asc: Add signing key of new upstream maintainer (Daniel Kiper). . grub2 (2.04~rc1-3) experimental; urgency=medium . [ Will Thompson ] * Fix --disable-quiet-boot. . [ Steve Langasek ] * If we don't have writable grubenv and we're on EFI, always show the menu (merged from Ubuntu). . [ Steve McIntyre ] * Make all the signed EFI arches have a Recommends: from grub-efi-ARCH-signed to shim-signed, not just amd64. Closes: #931038 * Add myself to Uploaders . [ Colin Watson ] * Squash linuxefi* patches into a single patch. . grub2 (2.04~rc1-2) experimental; urgency=medium . [ Colin Watson ] * debian/build-efi-images: Add tpm on x86_64-efi (thanks, Chris Coulson). . [ Steve McIntyre ] * Add the ntfs module to signed UEFI images. Closes: #923855 * Add the cpuid module to signed UEFI images. Closes: #928628 * Add the play module to signed UEFI images. Closes: #930290 * Add an extra di-specific version of the UEFI netboot image with a different baked-in prefix value. Helps to fix #928750. * Deal with --force-extra-removable with signed shim too. Closes: #930531 . grub2 (2.04~rc1-1) experimental; urgency=medium . * New upstream release candidate. - getroot: Save/restore CWD more reliably on Unix (closes: #918700). * Rename patches to use "-" as a separator rather than "_" (except when referring to a file, function, or command containing a "_"). * Fix format of debian/copyright. grub2 (2.04~rc1-3) experimental; urgency=medium . [ Will Thompson ] * Fix --disable-quiet-boot. . [ Steve Langasek ] * If we don't have writable grubenv and we're on EFI, always show the menu (merged from Ubuntu). . [ Steve McIntyre ] * Make all the signed EFI arches have a Recommends: from grub-efi-ARCH-signed to shim-signed, not just amd64. Closes: #931038 * Add myself to Uploaders . [ Colin Watson ] * Squash linuxefi* patches into a single patch. grub2 (2.04~rc1-2) experimental; urgency=medium . [ Colin Watson ] * debian/build-efi-images: Add tpm on x86_64-efi (thanks, Chris Coulson). . [ Steve McIntyre ] * Add the ntfs module to signed UEFI images. Closes: #923855 * Add the cpuid module to signed UEFI images. Closes: #928628 * Add the play module to signed UEFI images. Closes: #930290 * Add an extra di-specific version of the UEFI netboot image with a different baked-in prefix value. Helps to fix #928750. * Deal with --force-extra-removable with signed shim too. Closes: #930531 grub2 (2.04~rc1-1) experimental; urgency=medium . * New upstream release candidate. - getroot: Save/restore CWD more reliably on Unix (closes: #918700). * Rename patches to use "-" as a separator rather than "_" (except when referring to a file, function, or command containing a "_"). * Fix format of debian/copyright. gsasl (1.8.0-8+deb10u1) buster-security; urgency=medium . * CVE-2022-2469 gzip (1.9-3+deb10u1) buster-security; urgency=high . * zgrep: fix arbitrary-file-write vulnerability addressing CVE-2022-1271 (closes: #1009168) * debian/rules: set execute mode bit on test scripts htmldoc (1.9.3-1+deb10u4) buster; urgency=medium . * Non-maintainer upload. * CVE-2022-24191 Infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. * CVE-2022-27114 Integer Overflow bugs in image.cxx, malloc function may return a heap block smaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. * CVE-2022-28085 A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). intel-microcode (3.20220510.1~deb10u1) buster-security; urgency=medium . * Backport to Debian buster (no relevant changes) * Update upstream changelog with INTEL-00615 information * Mitigates INTEL-00615: CVE-2022-21151, CVE-2022-21166, CVE-2022-21127, CVE-2022-21125, CVE-2022-21123 . intel-microcode (3.20220510.1) unstable; urgency=medium . * New upstream microcode datafile 20220510 * Fixes INTEL-SA-000617, CVE-2022-21151: Processor optimization removal or modification of security-critical code may allow an authenticated user to potentially enable information disclosure via local access (closes: #1010947) * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000, Atom E3900 * New Microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 * Updated Microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 * source: update symlinks to reflect id of the latest release, 20220510 . intel-microcode (3.20220419.1) unstable; urgency=medium . * New upstream microcode datafile 20220419 * Fixes errata APLI-11 in Atom E3900 series processors * Updated Microcodes: sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 * source: update symlinks to reflect id of the latest release, 20220419 intel-microcode (3.20220207.1) unstable; urgency=medium . * upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207 intel-microcode (3.20220207.1~deb11u1) bullseye; urgency=medium . * Backport for Debian stable (no changes) * Release manager: this is the same package already in bullseye-backports, testing and unstable. It fixes several security issues, adds MSRs that can be enabled by updated kernels for enhanced security mitigaton, and also fixes several critical "functional issues" (i.e. processor errata). There were no reports to date of regressions introduced by this microcode drelease. . intel-microcode (3.20220207.1) unstable; urgency=medium . * upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207 iptables-netflow (2.3-5+deb10u1) buster; urgency=high . * Fix DKMS build failure regression caused by Linux upstream changes in the 4.19.191 kernel by cherry-picking ipt_NETFLOW upstream commits adfc6318 (initial fix for kernel 5.9) and 352cdb28 (removing the special casing for older kernels). (Closes: #990123) isync (1.3.0-2.2~deb10u2) buster; urgency=medium . * Non-maintainer upload. * Fix CVE-2021-3657: A flaw was found in mbsync. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution. kannel (1.4.5-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Robie Basak ] * Disable PostScript documentation generation to fix the build now that ImageMagick PostScript conversion is no longer permitted. (Closes: #991058) krb5 (1.17-3+deb10u4) buster; urgency=medium . * Use SHA256 as Pkinit CMS Digest, Closes: #1017995 libapache2-mod-auth-openidc (2.3.10.2-1+deb10u1) buster; urgency=medium . * Add patch for CVE-2019-14857 (Closes: #942165) libdatetime-timezone-perl (1:2.23-1+2022b) buster; urgency=medium . * Update to Olson database version 2022b. This update includes contemporary changes for Chile and Iran. libhttp-cookiejar-perl (0.008-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add patch to fix FTBFS after 09 Jun 2021. (Closes: #991649) libnet-freedb-perl (0.10-2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . libnet-freedb-perl (0.10-2) unstable; urgency=medium . * Add a patch to change the default host from the defunct freedb.freedb.org to gnudb.gnudb.org. Thanks to Adrian Bunk for the bug report. (Closes: #991089) libnet-ssleay-perl (1.85-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream fix for test failures with OpenSSL 1.1.1n. (Closes: #1008055) libpgjava (42.2.5-2+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2022-26520: An attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. * Fix CVE-2022-21724: The JDBC driver did not verify if certain classes implemented the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. * CVE-2020-13692: Fix XXE vulnerability in PgSQLXML by disabling external access and doctypes. (Closes: #962828) librecad (2.1.3-1.2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2021-21898: A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw. A specially-crafted .dwg file can lead to an out-of-bounds write. * CVE-2021-21899: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw. A specially-crafted .dwg file can lead to a heap buffer overflow. * CVE-2021-21900: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw. A specially-crafted .dxf file can lead to a use-after-free vulnerability. * CVE-2021-45341: Buffer overflow vulnerabilities in CDataMoji of the jwwlib component of LibreCAD allows an attacker to achieve Remote Code Execution using a crafted JWW document. * CVE-2021-45342: Buffer overflow vulnerabilities in CDataList of the jwwlib component of LibreCAD allows an attacker to achieve Remote Code Execution using a crafted JWW document. * CVE-2021-45343: a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. librose-db-object-perl (1:0.815-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream fix for test failure after 6/6/2020. (Closes: #962482) librsvg (2.44.10-2.1+deb10u3) buster; urgency=medium . * nalgebra-borrow-mutable-immutable.patch: - Update checksum for cg.rs. * cssparser-dont-assign-to-borrowed-variable.patch: - Fix another build failure with rustc 1.41. librsvg (2.44.10-2.1+deb10u2) buster; urgency=medium . * nalgebra-borrow-mutable-immutable.patch: fix build with rustc 1.41. * Don-t-drop-nodes-recursively-to-avoid-stack-over.patch: fix stack exhaustion due to recursion when freeing nodes, which caused FTBFS on ppc64el and s390x with the newly introduced tests for CVE-2019-20446. librsvg (2.44.10-2.1+deb10u1) buster; urgency=medium . * CVE-2019-20446: DoS via billion laughs attack. libvirt-php (0.5.4-3+deb10u1) buster; urgency=medium . * Add gbp.conf for debian/buster * Add patch to fix segmentation fault in libvirt_node_get_cpu_stats (Closes: #982804) libxml2 (2.9.4+dfsg1-7+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix integer overflow in xmlBufferResize * Fix integer overflows in xmlBuf and xmlBuffer (CVE-2022-29824) (Closes: #1010526) linux (4.19.249-2) buster-security; urgency=medium . * swiotlb: skip swiotlb_bounce when orig_addr is zero (regression in 4.19.249) linux (4.19.249-1) buster-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.236 - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0" - xfrm: Check if_id in xfrm_migrate - xfrm: Fix xfrm migrate issues when address family changes - [x86] atm: firestream: check the return value of ioremap() in fs_init() - nl80211: Update bss channel on channel switch for P2P_CLIENT - tcp: make tcp_read_sock() more robust - sfc: extend the locking on mcdi->seqno - sched/topology: Make sched_init_numa() use a set for the deduplicating sort - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa() - cpuset: Fix unsafe lock order between cpuset lock and cpuslock - mm: fix dereference a null pointer in migrate[_huge]_page_move_mapping() - fs: sysfs_emit: Remove PAGE_SIZE alignment check - [arm64] Preparation for mitigating Spectre-BHB: + Add part number for Arm Cortex-A77 + Add Neoverse-N2, Cortex-A710 CPU part definition + Add Cortex-X2 CPU part definition + entry.S: Add ventry overflow sanity checks - [arm64] Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-23960): + entry: Make the trampoline cleanup optional + entry: Free up another register on kpti's tramp_exit path + entry: Move the trampoline data page before the text page + entry: Allow tramp_alias to access symbols after the 4K boundary + entry: Don't assume tramp_vectors is the start of the vectors + entry: Move trampoline macros out of ifdef'd section + entry: Make the kpti trampoline's kpti sequence optional + entry: Allow the trampoline text to occupy multiple pages + entry: Add non-kpti __bp_harden_el1_vectors for mitigations + entry: Add vectors that have the bhb mitigation sequences + entry: Add macro for reading symbol addresses from the trampoline + Add percpu vectors for EL1 + proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 + KVM: arm64: Add templates for BHB mitigation sequences + Mitigate spectre style branch history side channels + KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated + add ID_AA64ISAR2_EL1 sys register + Use the clearbhb instruction in mitigations - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled - ocfs2: fix crash when initialize filecheck kobj fails - efi: fix return value of __setup handlers - net/packet: fix slab-out-of-bounds access in packet_recvmsg() - atm: eni: Add check for dma_map_single - [x86] hv_netvsc: Add check for kvmalloc_array - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of - usb: gadget: rndis: prevent integer overflow in rndis_set_response() - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver - Input: aiptek - properly check endpoint type - perf symbols: Fix symbol size calculation condition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.237 - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION (CVE-2022-26490) - net: ipv6: fix skb_over_panic in __ip6_append_data - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666) - [x86] thermal: int340x: fix memory leak in int3400_notify() - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356) - ALSA: oss: Fix PCM OSS buffer allocation overflow - ALSA: pcm: Add stream lock during PCM reset ioctl operations - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB - ALSA: cmipci: Restore aux vol on suspend/resume - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec - [arm64] drivers: net: xgene: Fix regression in CRC stripping - netfilter: nf_tables: initialize registers in nft_do_chain() (CVE-2022-1016) - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board - [x86] ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU - [x86] crypto: qat - disable registration of algorithms - mac80211: fix potential double free on mesh join - llc: only change llc->dev when bind() succeeds https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238 - USB: serial: pl2303: add IBM device IDs - USB: serial: simple: add Nokia phone driver - netdevice: add the case if dev is NULL - xfrm: fix tunnel model fragmentation behavior - virtio_console: break out of buf poll on remove - ethernet: sun: Free the coherent when failing in probing - spi: Fix invalid sgs value - spi: Fix erroneous sgs value with min_t() - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (CVE-2022-1353) - fuse: fix pipe buffer lifetime for direct_io (CVE-2022-1011) - tpm: fix reference counting for struct tpm_chip - block: Add a helper to validate the block size - virtio-blk: Use blk_validate_block_size() to validate block size - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c - xhci: make xhci_handshake timeout for xhci_reset() adjustable - iio: inkern: apply consumer scale on IIO_VAL_INT cases - iio: inkern: apply consumer scale when no channel scale is available - iio: inkern: make a best effort on offset calculation - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (CVE-2022-30594) - Documentation: add link to stable release candidate tree - Documentation: update stable tree link - SUNRPC: avoid race between mod_timer() and del_timer_sync() - NFSD: prevent underflow in nfssvc_decode_writeargs() - NFSD: prevent integer overflow on 32 bit systems - f2fs: fix to unlock page correctly in error path of is_alive() - [armhf] pinctrl: samsung: drop pin banks references on error paths - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (CVE-2022-28390) - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem - jffs2: fix memory leak in jffs2_do_mount_fs - jffs2: fix memory leak in jffs2_scan_medium - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node - mm: invalidate hwpoison page cache page in fault path - mempolicy: mbind_range() set_policy() after vma_merge() - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands - qed: display VF trust config - qed: validate and restrict untrusted VFs vlan promisc mode - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 - mm,hwpoison: unmap poisoned page before invalidation - drbd: fix potential silent data corruption - [powerpc*] kvm: Fix kvm_use_magic_page - ACPI: properties: Consistently return -ENOENT if there are no more references - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() (CVE-2022-1198) - block: don't merge across cgroup boundaries if blkcg is enabled - drm/edid: check basic audio support on CEA extension block - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250 - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420 - carl9170: fix missing bit-wise or operator for tx_params - [x86] thermal: int340x: Increase bitmap size - brcmfmac: firmware: Allocate space for default boardrev in nvram - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio - PCI: pciehp: Clear cmd_busy bit in polling mode - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings - crypto: authenc - Fix sleep in atomic context in decrypt_tail - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe - [arm64] spi: pxa2xx-pci: Balance reference count for PCI DMA device - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING - block: don't delete queue kobject before its children - PM: hibernate: fix __setup handler error handling - PM: suspend: fix return value of __setup handler - clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() - ACPI: APEI: fix return value of __setup handlers - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels - [x86] clocksource: acpi_pm: fix return value of __setup handler - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa - perf/core: Fix address filter parser for multiple filters - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() - media: em28xx: initialize refcount before kref_get - media: usb: go7007: s2250-board: fix leak in probe() - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() - printk: fix return value of printk.devkmsg __setup handler - [armhf] memory: emif: Add check for setup_interrupts - [armhf] memory: emif: check the pointer temp in get_device_details() - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction - media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED - [arm*] ASoC: dmaengine: do not use a NULL prepare_slave_config() callback - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe() - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern - Bluetooth: hci_serdev: call init_rwsem() before p->open() - drm/edid: Don't clear formats if using deep color - drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() - ath9k_htc: fix uninit value bugs - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation - [x86] ray_cs: Check ioremap return value - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports - iwlwifi: Fix -EIO error code that is never returned - scsi: pm8001: Fix command initialization in pm80XX_send_read_log() - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() - scsi: pm8001: Fix abort all task initialization - TOMOYO: fix __setup handlers return values - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return - [powerpc*] Makefile: Don't pass -mcpu=powerpc64 when building 32-bit - [x86] KVM: x86: Fix emulation in writing cr8 - [x86] KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() - [x86] hv_balloon: rate-limit "Unhandled message" warning - PCI: Reduce warnings on possible RW1C corruption - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request - vxcan: enable local echo for sent CAN frames - USB: storage: ums-realtek: fix error code in rts51x_read_mem() - af_netlink: Fix shift out of bounds in group mask calculation - tcp: ensure PMTU updates are processed during fastopen - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff - [x86] serial: 8250_mid: Balance reference count for PCI DMA device - serial: 8250: Fix race condition in RTS-after-send handling - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver - NFS: remove unneeded check in decode_devicenotify_args() - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe - [s390x] tty: hvc: fix return value of __setup handler - jfs: fix divide error in dbNextAG - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options - xen: fix is_xen_pmu() - net: phy: broadcom: Fix brcm_fet_config_init() - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head - selinux: use correct type for context length - loop: use sysfs_emit() in the sysfs xxx show() - Fix incorrect type in assignment of ipv6 port for audit - bfq: fix use-after-free in bfq_dispatch_request - ACPICA: Avoid walking the ACPI Namespace if it is not there - Revert "Revert "block, bfq: honor already-setup queue merges"" - ACPI/APEI: Limit printable size of BERT table data - PM: core: keep irq flags in device_pm_check_callbacks() - [arm64] spi: tegra20: Use of_device_get_match_data() - ext4: don't BUG if someone dirty pages without asking ext4 first - video: fbdev: cirrusfb: check pixclock to avoid divide by zero - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit - ASoC: soc-core: skip zero num_dai component in searching dai name - media: cx88-mpeg: clear interrupt status register before streaming video - media: Revert "media: em28xx: add missing em28xx_close_extension" - media: hdpvr: initialize dev->worker at hdpvr_register_videodev - mmc: host: Return an error when ->enable_sdio_irq() ops is missing - [powerpc*] lib/sstep: Fix 'sthcx' instruction - scsi: qla2xxx: Fix stuck session in gpdb - scsi: qla2xxx: Fix warning for missing error code - scsi: qla2xxx: Check for firmware dump already collected - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() - scsi: qla2xxx: Fix incorrect reporting of task management failure - scsi: qla2xxx: Fix hang due to session stuck - scsi: qla2xxx: Reduce false trigger to login - scsi: qla2xxx: Use correct feature type field during RFF_ID processing - KVM: Prevent module exit until all VMs are freed - [x86] KVM: x86: fix sending PV IPI - ubifs: rename_whiteout: Fix double free for whiteout_ui->data - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() - ubifs: rename_whiteout: correct old_dir size computing - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (CVE-2022-28389) - can: mcba_usb: properly check endpoint type - gfs2: Make sure FITRIM minlen is rounded up to fs block size - pinctrl: pinconf-generic: Print arguments for bias-pull-* - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC data - mm/mmap: return 1 from stack_guard_gap __setup() handler - mm/memcontrol: return 1 from cgroup.memory __setup() handler - mm/usercopy: return 1 from hardened_usercopy __setup() handler - bpf: Fix comment for helper bpf_current_task_under_cgroup() - [x86] ASoC: topology: Allow TLV control to be either read or write - openvswitch: Fixed nd target mask field in the flow dump. - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated (CVE-2022-2153) - ubifs: Rectify space amount budget for mkdir/tmpfile operations - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs - drm: Add orientation quirk for GPD Win Max - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj - ptp: replace snprintf with sysfs_emit - scsi: mvsas: Replace snprintf() with sysfs_emit() - scsi: bfa: Replace snprintf() with sysfs_emit() - [arm64,armhf] power: supply: axp20x_battery: properly report current when discharging - [powerpc*] Set crashkernel offset to mid of RMA region - [arm64] PCI: aardvark: Fix support for MSI interrupts - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup - usb: ehci: add pci device support for Aspeed platforms - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum - ipv4: Invalidate neighbour for broadcast address upon address addition - dm ioctl: prevent potential spectre v1 gadget - scsi: pm8001: Fix pm8001_mpi_task_abort_resp() - scsi: aha152x: Fix aha152x_setup() __setup handler return value - net/smc: correct settings of RMB window update limit - macvtap: advertise link netns via netlink - bnxt_en: Eliminate unintended link toggle during FW reset - [mips*] fix fortify panic when copying asm exception handlers - scsi: libfc: Fix use after free in fc_exch_abts_resp() - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm - Bluetooth: Fix use after free in hci_send_acl - init/main.c: return 1 from handled __setup() functions - minix: fix bug when opening a file with O_DIRECT - w1: w1_therm: fixes w1_seq for ds28ea00 sensors - NFSv4: Protect the state recovery thread against direct reclaim - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 - clk: Enforce that disjoints limits are invalid - SUNRPC/call_alloc: async tasks mustn't block waiting for memory - NFS: swap IO handling is slightly different for O_DIRECT IO - NFS: swap-out must always use STABLE writes. - [armhf] serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() - virtio_console: eliminate anonymous module_init & module_exit - jfs: prevent NULL deref in diFree - net: add missing SOF_TIMESTAMPING_OPT_ID support - mm: fix race between MADV_FREE reclaim and blkdev direct IO read - [arm64] KVM: arm64: Check arm64_get_bp_hardening_data() didn't return NULL - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() - [x86] Drivers: hv: vmbus: Fix potential crash on module unload - [arm64,armhf] net: stmmac: Fix unset max_speed difference between DT and non-DT platforms - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes - net: openvswitch: don't send internal clone attribute to the userspace. - rxrpc: fix a race in rxrpc_exit_net() - qede: confirm skb is allocated before using - drbd: Fix five use after free bugs in get_initial_state - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" - mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) - mm/mempolicy: fix mpol_new leak in shared_policy_replace - [x86] pm: Save the MSR validity status at context setup - [x86] speculation: Restore speculation related MSRs during S3 resume - btrfs: fix qgroup reserve overflow the qgroup limit - [arm64] patch_text: Fixup last cpu should be master - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling - mm: don't skip swap entry even if zap_details specified - [arm64] module: remove (NOLOAD) from linker script - mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning - cgroup: Use open-time credentials for process migraton perm checks (CVE-2021-4197) - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv (CVE-2021-4197) - cgroup: Use open-time cgroup namespace for process migration perm checks (CVE-2021-4197) - xfrm: policy: match with both mark and mask on user interfaces - drm/amdgpu: Check if fd really is an amdgpu fd. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.239 - net/sched: flower: fix parsing of ethertype following VLAN header - veth: Ensure eth header is in skb's linear part - gpiolib: acpi: use correct format characters - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link - sctp: Initialize daddr on peeled off socket - cifs: potential buffer overflow in handling symlinks - drm/amd: Add USBC connector ID - [amd64] drm/amdkfd: Check for potential null return of kmalloc_array() - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer - scsi: target: tcmu: Fix possible page UAF - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output - [arm64] alternatives: mark patch_alternative() as `noinstr` - drm/amd/display: Fix allocate_mst_payload assert on resume - scsi: mvsas: Add PCI ID of RocketRaid 2640 - drivers: net: slip: fix NPD bug in sl_tx_timeout() - mm, page_alloc: fix build_zonerefs_node() - ALSA: hda/realtek: Add quirk for Clevo PD50PNT - ALSA: pcm: Test for "silence" field in struct "pcm_format_data" - ipv6: fix panic when forwarding a pkt with no in6 dev - smp: Fix offline cpu check in flush_smp_call_function_queue() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.240 - etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead - mm: page_alloc: fix building error on -Werror=array-compare - tracing: Dump stacktrace trigger to the corresponding instance - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (CVE-2022-28388) - dm integrity: fix memory corruption when tag_size is less than digest size - gfs2: assign rgrp glock before compute_bitstructs - ALSA: usb-audio: Clear MIDI port active flag after draining - tcp: fix race condition when creating child sockets from syncookies - tcp: Fix potential use-after-free due to double kfree() - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap - rxrpc: Restore removed timer deletion - net/packet: fix packet_sock xmit return value checking - net/sched: cls_u32: fix possible leak in u32_init_knode() - netlink: reset network and mac headers in netlink_dump() - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant - vxlan: fix error return code in vxlan_fdb_append - cifs: Check the IOCB_DIRECT flag, not O_DIRECT - mt76: Fix undefined behavior due to shift overflowing the constant - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant - [arm64] drm/msm/mdp5: check the return of kzalloc() - [arm64] net: macb: Restart tx only if queue pointer is lagging - stat: fix inconsistency between struct stat and struct compat_stat - ata: pata_marvell: Check the 'bmdma_addr' beforing reading - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare - [powerpc*] perf: Fix power9 event alternatives - openvswitch: fix OOB access in reserve_sfa_size() - ASoC: soc-dapm: fix two incorrect uses of list iterator - e1000e: Fix possible overflow in LTR decoding - [arm*] arm_pmu: Validate single/group leader events - ext4: fix symlink file size not match to file content - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole - ext4: fix overhead calculation to account for the reserved gdt blocks - ext4: force overhead calculation if the s_overhead_cluster makes no sense - block/compat_ioctl: fix range check in BLKGETSIZE - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204) - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204) - ax25: fix UAF bugs of net_device caused by rebinding operation (CVE-2022-1204) - ax25: Fix refcount leaks caused by ax25_cb_del() - ax25: fix UAF bug in ax25_send_control() (CVE-2022-1204) - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199) - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205) - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.241 - floppy: disable FDRAWCMD by default (CVE-2022-33981) - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195) - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195) - net/sched: cls_u32: fix netns refcount changes in u32_change() (CVE-2022-29581) - [powerpc*] 64/interrupt: Temporarily save PPR on stack to fix register corruption due to SLB miss - [powerpc*] 64s: Unmerge EX_LR and EX_DAR - [armhf] Revert "net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.242 - USB: quirks: add a Realtek card reader - USB: quirks: add STRING quirk for VCOM device - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions - xhci: stop polling roothubs after shutdown - iio: dac: ad5446: Fix read_raw not returning set value - [x86] iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() - usb: misc: fix improper handling of refcount in uss720_probe() - usb: gadget: uvc: Fix crash when encoding data for usb request - usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings - [arm64,armhf] usb: dwc3: gadget: Return proper request status - [armhf] serial: imx: fix overrun interrupts in DMA mode - serial: 8250: Also set sticky MCR bits in console restoration - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device - hex2bin: make the function hex_to_bin constant-time - hex2bin: fix access beyond string end - USB: Fix xhci event ring dequeue pointer ERDP update issue - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe error paths - [armhf] ARM: OMAP2+: Fix refcount leak in omap_gic_of_init - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 - ipvs: correctly print the memory size of ip_vs_conn_tab - tcp: md5: incorrect tcp_header_len for incoming connections - sctp: check asoc strreset_chunk in sctp_generate_reconf_event - [arm64] net: hns3: add validity check for message data length - ip_gre: Make o_seqno start from 0 in native mode - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT - [arm64,armhf] bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() - bnx2x: fix napi API usage sequence - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit() - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 - cifs: destage any unwritten data to the server before calling copychunk_write - [x86] drivers: net: hippi: Fix deadlock in rr_close() - [x86] cpu: Load microcode during restore_processor_state() - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 - tty: n_gsm: fix malformed counter for out of frame data - netfilter: nft_socket: only do sk lookups when indev is available - tty: n_gsm: fix insufficient txframe size - tty: n_gsm: fix missing explicit ldisc flush - tty: n_gsm: fix wrong command retry handling - tty: n_gsm: fix wrong command frame length field encoding - tty: n_gsm: fix incorrect UA handling - drm/vgem: Close use-after-free race in vgem_gem_create (CVE-2022-1419) - [mips*] Fix CP0 counter erratum detection for R4k CPUs - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes - gpiolib: of: fix bounds check for 'gpio-reserved-ranges' - Revert "SUNRPC: attempt AF_LOCAL connect on setup" - firewire: fix potential uaf in outbound_phy_packet_callback() - firewire: remove check of list iterator against head past the loop body - firewire: core: extend card->lock in fw_core_handle_bus_reset - genirq: Synchronize interrupt thread startup - nfc: replace improper check device_is_registered() in netlink related functions (CVE-2022-1974) - NFC: netlink: fix sleep in atomic bug when firmware download timeout (CVE-2022-1975) - hwmon: (adt7470) Fix warning on module removal - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux() - [arm64,armhf] smsc911x: allow using IRQ0 - btrfs: always log symlinks in full mode - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU - mm: fix unexpected zeroed page mapping with zram swap - tcp: make sure treq->af_specific is initialized - dm: fix mempool NULL pointer race when completing IO - dm: interlock pending dm_io and dm_wait_for_bios_completion - [arm64] PCI: aardvark: Clear all MSIs at setup - [arm64] PCI: aardvark: Fix reading MSI interrupt number - mmc: rtsx: add 74 Clocks in power on flow https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.243 - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit - nfp: bpf: silence bitwise vs. logical OR warning - Bluetooth: Fix the creation of hdev->name - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (CVE-2022-1048) - ALSA: pcm: Fix races among concurrent read/write and buffer changes (CVE-2022-1048) - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls (CVE-2022-1048) - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048) - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() - VFS: Fix memory leak caused by concurrently mounting fs with subtype https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.244 - batman-adv: Don't skb_split skbuffs with frag_list - hwmon: (tmp401) Add OF device ID table - net: Fix features skip in for_each_netdev_feature() - ipv4: drop dst in multicast routing path - netlink: do not reset transport header in netlink_recvmsg() - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection - [s390x] ctcm: fix variable dereferenced before check - [s390x] ctcm: fix potential memory leak - [s390x] lcs: fix variable dereferenced before check - net/sched: act_pedit: really ensure the skb is writable - net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() - gfs2: Fix filesystem block deallocation for short writes - hwmon: (f71882fg) Fix negative temperature - ASoC: max98090: Reject invalid values in custom control put() - ASoC: max98090: Generate notifications on changes for custom control - ASoC: ops: Validate input values in snd_soc_put_volsw_range() - tcp: resalt the secret every 10 seconds (CVE-2022-1012) - usb: cdc-wdm: fix reading stuck on device close - USB: serial: pl2303: add device id for HP LM930 Display - USB: serial: qcserial: add support for Sierra Wireless EM7590 - USB: serial: option: add Fibocom L610 modem - USB: serial: option: add Fibocom MA510 modem - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2 - ping: fix address binding wrt vrf https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.245 - floppy: use a statically allocated error counter (CVE-2022-1652) - Input: add bounds checking to input_set_capability() - drbd: remove usage of list iterator variable after loop - nilfs2: fix lockdep warnings in page operations for btree nodes - nilfs2: fix lockdep warnings during disk space reclamation - [i386] ALSA: wavefront: Proper check of get_user() error - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729) - Fix double fget() in vhost_net_set_backend() - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ - drm/dp/mst: fix a possible memory leak in fetch_monitor_name() - mmc: core: Cleanup BKOPS support - mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC - mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD - mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch() - [arm64] net: macb: Increment rx bd head after allocating skb and buffer - net/sched: act_pedit: sanitize shift argument before usage - [x86] net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() - [x86] net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() - net/qla3xxx: Fix a test in ql_reset_work() - net/mlx5e: Properly block LRO when XDP is enabled - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15 - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 - igb: skip phy status check where unavailable - net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity - scsi: qla2xxx: Fix missed DMA unmap for aborted commands - mac80211: fix rx reordering with non explicit / psmp ack policy - ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() - [amd64] net: atlantic: verify hw_head_ lies within TX buffer ring - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854) - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" (CVE-2022-0854) - afs: Fix afs_getattr() to refetch file status if callback break occurred https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.246 - [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Closes: #1006346) - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() - tcp: change source port randomizarion at connect() time - secure_seq: use the 64 bits of the siphash for port offset calculation (CVE-2022-1012) - ACPI: sysfs: Make sparse happy about address space in use - ACPI: sysfs: Fix BERT error region memory mapping - net: af_key: check encryption module availability consistency - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers - assoc_array: Fix BUG_ON during garbage collect - cfg80211: set custom regdomain after wiphy registration - [x86] drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (CVE-2022-0494) - exec: Force single empty string when argv is empty - netfilter: conntrack: re-fetch conntrack after insertion - zsmalloc: fix races between asynchronous zspage free and page migration - dm integrity: fix error code in dm_integrity_ctr() - dm crypt: make printing of the key constant-time - dm stats: add cond_resched when looping over entries - dm verity: set DM_TARGET_IMMUTABLE feature flag - HID: multitouch: Add support for Google Whiskers Touchpad - tpm: Fix buffer access in tpm2_get_tpm_pt() - NFSD: Fix possible sleep during nfsd4_release_lockowner() - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.247 - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS - USB: serial: option: add Quectel BG95 modem - USB: new quirk for Dell Gen 2 devices - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL - btrfs: add "0x" prefix for unsupported optional features - btrfs: repair super block num_devices automatically - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue - b43legacy: Fix assigning negative value to unsigned variable - b43: Fix assigning negative value to unsigned variable - ipw2x00: Fix potential NULL dereference in libipw_xmit() - ipv6: fix locking issues with loops over idev->addr_list - fbcon: Consistently protect deferred_takeover with console_lock() - ACPICA: Avoid cache flush inside virtual machines - ALSA: jack: Access input_dev under mutex - drm/amd/pm: fix double free in si_parse_power_table() - ath9k: fix QCA9561 PA bias level - [arm64] media: venus: hfi: avoid null dereference in deinit - media: pci: cx23885: Fix the error handling in cx23885_initdev() - md/bitmap: don't set sb values if can't pass sanity check - scsi: megaraid: Fix error check return value of register_chrdev() - drm/plane: Move range check for format_count earlier - drm/amd/pm: fix the compile warning - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL - ASoC: dapm: Don't fold register value changes into notifications - ipmi:ssif: Check for NULL msg when handling events and messages - rtlwifi: Use pr_warn instead of WARN_ONCE - media: cec-adap.c: fix is_configuring state - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags - ASoC: rt5645: Fix errorenous cleanup order - net: phy: micrel: Allow probing without .driver_data - rxrpc: Return an error to sendmsg if call failed - [arm64] PM / devfreq: rk3399_dmc: Disable edev on remove() - fs: jfs: fix possible NULL pointer dereference in dbFree() - fat: add ratelimit to fat*_ent_bread() - [armhf] dts: exynos: add atmel,24c128 fallback to Samsung EEPROM - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate - [powerpc*] xics: fix refcount leak in icp_opal_init() - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled - drm: fix EDID struct for old ARM OABI format - ath9k: fix ar9003_get_eepmisc - drm/edid: fix invalid EDID extension block filtering - [arm64] drm/bridge: adv7511: clean up CEC adapter when probe fails - [x86] delay: Fix the wrong asm constraint in delay_loop() - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled - nl80211: show SSID for P2P_GO interfaces - [armhf] spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout - NFC: NULL out the dev->rfkill to prevent UAF - efi: Add missing prototype for efi_capsule_setup_info - HID: hid-led: fix maximum brightness for Dream Cheeky - HID: elan: Fix potential double free in elan_input_configured - ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix - inotify: show inotify mask flags in proc fdinfo - fsnotify: fix wrong lockdep annotations - scsi: ufs: core: Exclude UECxx from SFR dump list - [x86] pm: Fix false positive kmemleak report in msr_build_context() - [x86] speculation: Add missing prototype for unpriv_ebpf_notify() - [arm64] drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume - [arm64] drm/msm/dsi: fix error checks and return values for DSI xmit functions - [arm64] drm/msm/hdmi: check return value after calling platform_get_resource_byname() - [arm64,armhf] drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() - [x86] Fix return value of __setup handlers - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler - [arm64] drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected - [arm64] drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected - [arm64] drm/msm: return an error pointer in msm_gem_prime_get_sg_table() - media: uvcvideo: Fix missing check to determine if element is found in list - [x86] perf/amd/ibs: Use interrupt regs ip for stack unwinding - [armhf] regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt - scripts/faddr2line: Fix overlapping text section failures - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout - sctp: read sk->sk_bound_dev_if once in sctp_rcv() - ext4: reject the 'commit' option on ext2 filesystems - [arm64] drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() - rxrpc: Fix listen() setting the bar too high for the prealloc rings - rxrpc: Don't try to resend the request if we're receiving the reply - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT - [armel,armhf] dts: bcm2835-rpi-b: Fix GPIO line names - [arm*] crypto: marvell/cesa - ECB does not IV - [arm64] pinctrl: mvebu: Fix irq_of_parse_and_map() return value - drivers/base/node.c: fix compaction sysfs file leak - dax: fix cache flush on PMD-mapped pages - [powerpc*] idle: Fix return value of __setup() handler - proc: fix dentry/inode overinstantiating under /proc/${pid}/net - tty: fix deadlock caused by calling printk() under tty_port->lock - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized - f2fs: fix dereference of stale list iterator after loop body - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout - [arm64,armhf] video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup - [amd64] iommu/amd: Increase timeout waiting for GA log enablement - f2fs: fix deadloop in foreground GC - wifi: mac80211: fix use-after-free in chanctx code - iwlwifi: mvm: fix assert 1F04 upon reconfig - fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages - netfilter: nf_tables: disallow non-stateful expression in sets earlier (CVE-2022-32250) - ext4: fix use-after-free in ext4_rename_dir_prepare - ext4: fix bug_on in ext4_writepages - ext4: verify dir block before splitting it (CVE-2022-1184) - ext4: avoid cycles in directory h-tree (CVE-2022-1184) - tracing: Fix potential double free in create_var_ref() - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 - [arm64] PCI: qcom: Fix runtime PM imbalance on probe errors - [arm64] PCI: qcom: Fix unbalanced PHY init on probe errors - dlm: fix plock invalid read - dlm: fix missing lkb refcount handling - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock - scsi: dc395x: Fix a missing check on list iterator - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. - drm/nouveau/clk: Fix an incorrect NULL check on list iterator - [arm64,armhf] drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX - md: fix an incorrect NULL check in does_sb_need_changing - md: fix an incorrect NULL check in md_reload_sb - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors - [armhf] irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x - mac80211: upgrade passive scan to active scan on DFS channels after beacon rx - hugetlb: fix huge_pmd_unshare address update - rtl818x: Prevent using not initialized queues - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control - carl9170: tx: fix an incorrect use of list iterator - [x86] gma500: fix an incorrect NULL check on list iterator - [arm64] phy: qcom-qmp: fix struct clk leak on probe errors - blk-iolatency: Fix inflight count imbalances and IO hangs on offline - [arm64] phy: qcom-qmp: fix reset-controller leak on probe errors - RDMA/rxe: Generate a completion for unsupported/invalid opcode - md: bcache: check the return value of kzalloc() in detached_dev_do_request() - usb: usbip: fix a refcount leak in stub_probe() - usb: usbip: add missing device lock on tweak configuration cmd - USB: storage: karma: fix rio_karma_init return - [armhf] usb: musb: Fix missing of_node_put() in omap2430_probe - [arm64] usb: dwc3: pci: Fix pm_runtime_get_sync() error checking - [arm64,armhf] soc: rockchip: Fix refcount leak in rockchip_grf_init - [arm64,armhf] serial: meson: acquire port->lock in startup() - [x86] serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle - [armhf] bus: ti-sysc: Fix warnings for unbind for serial - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM - [arm64,armhf] net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register - jffs2: fix memory leak in jffs2_do_fill_super - ubi: ubi_create_volume: Fix use-after-free when volume creation failed - nfp: only report pause frame configuration for physical device - net/mlx5e: Update netdev features after changing XDP state - tcp: tcp_rtx_synack() can be called from process context - afs: Fix infinite loop found by xfstest generic/676 - tipc: check attribute length for bearer name - [mips*] cpc: Fix refcount leak in mips_cpc_default_phys_base - tracing: Fix sleeping function called from invalid context on RT kernel - tracing: Avoid adding tracer option before update_tracer_options - NFSv4: Don't hold the layoutget locks across multiple RPC calls - xprtrdma: treat all calls not a bcall when bc_serv is NULL - [mips*/octeon] ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe - af_unix: Fix a data-race in unix_dgram_peer_wake_me(). - [arm64] bpf, arm64: Clear prog->jited_len along prog->jited - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() - net: mdio: unexport __init-annotated mdio_bus_init() - net: xfrm: unexport __init-annotated xfrm4_protocol_init() - net: ipv6: unexport __init-annotated seg6_hmac_init() - net/mlx5: Rearm the FW tracer after each tracer event - ip_gre: test csum_start instead of transport header - [x86] tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() - [x86] drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() - [x86] drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() - [mips*] USB: host: isp116x: check return value after calling platform_get_resource() - USB: hcd-pci: Fully suspend across freeze/thaw cycle - [arm*] usb: dwc2: gadget: don't reset gadget's driver->bus - misc: rtsx: set NULL intfdata when probe fails - extcon: Modify extcon device to be created after driver data is set - [arm*] clocksource/drivers/sp804: Avoid error on multiple instances - staging: rtl8712: fix uninit-value in r871xu_drv_init() - [arm64] serial: msm_serial: disable interrupts in __msm_console_write() - kernfs: Separate kernfs_pr_cont_buf and rename_lock. - md: protect md_unregister_thread from reentrancy - ceph: allow ceph.dir.rctime xattr to be updatable - drm/radeon: fix a possible null pointer dereference - nbd: call genl_unregister_family() first in nbd_cleanup() - nbd: fix race between nbd_alloc_config() and module removal - nbd: fix io hung while disconnecting device - nodemask: Fix return values to be unsigned - [amd64] vringh: Fix loop descriptors check in the indirect cases - ALSA: hda/conexant - Fix loopback issue with CX20632 - cifs: return errors during session setup during reconnects - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files - mmc: block: Fix CQE recovery reset success - ixgbe: fix bcast packets Rx on VF after promisc removal - ixgbe: fix unexpected VLAN Rx in promisc mode on VF - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace (CVE-2022-32981) - md/raid0: Ignore RAID0 layout if the second zone has only one device - mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.248 - [x86] cpu: Add Elkhart Lake to Intel family - cpu/speculation: Add prototype for cpu_show_srbds() - [x86] cpu: Add Jasper Lake to Intel family - [x86] cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family - [x86] cpu: Add another Alder Lake CPU to the Intel family - [x86] Mitigate Processor MMIO Stale Data vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166): + Documentation: Add documentation for Processor MMIO Stale Data + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug + x86/speculation: Add a common function for MD_CLEAR mitigation update + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data + x86/speculation/srbds: Update SRBDS mitigation selection + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS + KVM: x86/speculation: Disable Fill buffer clear within guests + x86/speculation/mmio: Print SMT warning https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.249 - 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes" - crypto: blake2s - generic C library implementation and selftest - lib/crypto: blake2s: move hmac construction into wireguard - lib/crypto: sha1: re-roll loops to reduce code size - random: Backport from 5.19, fixing several weaknesses and peformance issues, including: + fdt: add support for rng-seed + random: add GRND_INSECURE to return best-effort non-cryptographic bytes + random: ignore GRND_RANDOM in getentropy(2) + random: make /dev/random be almost like /dev/urandom + random: use BLAKE2s instead of SHA1 in extraction + random: avoid superfluous call to RDRAND in CRNG extraction + random: continually use hwgenerator randomness + random: use computational hash for entropy extraction + random: use RDSEED instead of RDRAND in entropy extraction + random: do not xor RDRAND when writing into /dev/random + random: absorb fast pool into input pool after fast load + random: use hash function for crng_slow_load() + random: zero buffer after reading entropy from userspace + random: defer fast pool mixing to worker + random: do crng pre-init loading in worker rather than irq + random: don't let 644 read-only sysctls be written to + random: use SipHash as interrupt entropy accumulator + random: reseed more often immediately after booting + random: check for signal and try earlier when generating entropy + random: treat bootloader trust toggle the same way as cpu trust toggle + random: do not allow user to keep crng key around on stack + random: check for signal_pending() outside of need_resched() check + random: check for signals every PAGE_SIZE chunk of /dev/[u]random + init: call time_init() before rand_initialize() + [ppc64el,s390x] define get_cycles macro for arch-override + timekeeping: Add raw clock fallback for random_get_entropy() + [armel,armhf,mips*] use fallback for random_get_entropy() instead of just c0 random + [x86] tsc: Use fallback for random_get_entropy() instead of zero + random: do not use batches when !crng_ready() + random: do not pretend to handle premature next security model + random: do not use input pool from hard IRQs + random: avoid initializing twice in credit race + random: wire up fops->splice_{read,write}_iter() + random: credit cpu and bootloader seeds by default - crypto: drbg - add FIPS 140-2 CTRNG for noise source - crypto: drbg - always seeded with SP800-90B compliant noise source - crypto: drbg - prepare for more fine-grained tracking of seeding state - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() - crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() - crypto: drbg - always try to free Jitter RNG instance - crypto: drbg - make reseeding from get_random_bytes() synchronous - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() - [armhf] ASoC: es8328: Fix event generation for deemphasis control - [x86] scsi: vmw_pvscsi: Expand vcpuHint to 16 bits - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology - scsi: ipr: Fix missing/incorrect resource cleanup in error case - scsi: pmcraid: Fix missing resource cleanup in error case - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE - i40e: Fix adding ADQ filter to TC0 - i40e: Fix call trace in setup_tx_descriptors - [arm64] ftrace: fix branch range checks - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions - [x86] comedi: vmk80xx: fix expression for tx buffer size - USB: serial: option: add support for Cinterion MV31 with new baseline - USB: serial: io_ti: add Agilent E5805A support - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init - serial: 8250: Store to lsr_save_flags after lsr read - ext4: fix bug_on ext4_mb_use_inode_pa - ext4: make variable "count" signed - ext4: add reserved GDT blocks check - virtio-pci: Remove wrong address verification in vp_del_vqs() - net: openvswitch: fix misuse of the cached connection on tuple changes - net: openvswitch: fix leak of nested actions - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest - usb: gadget: u_ether: fix regression in setting fixed MAC address (regression in 4.19.223) - xprtrdma: fix incorrect header size calculations - tcp: Improve source port randomisation (CVE-2022-1012, CVE-2022-32296): + tcp: add some entropy in __inet_hash_connect() + tcp: use different parts of the port_offset for index and offset + tcp: add small random increments to the source port + tcp: dynamically allocate the perturb table used by source ports + tcp: increase source port perturb table to 2^16 + tcp: drop the hash_32() part from the index calculation . [ Salvatore Bonaccorso ] * Bump ABI to 21 * [rt] Update to 4.19.237-rt107 * Refresh "powerpc: Fix -mcpu= options for SPE-only compiler" * [rt] Refresh "buffer_head: Replace bh_uptodate_lock for -rt" * [rt] Update to 4.19.240-rt108 * [rt] Update to 4.19.245-rt109 * [rt] Update to 4.19.246-rt110: - genirq: Add lost hunk to irq_forced_thread_fn(). (regression in 4.19.184-rt75) . [ Ben Hutchings ] * [rt] Drop "random: Make it work on rt", since the upstream version is now RT-aware * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the kernel parameter: random.trust_bootloader=off * [armhf] Enable KERNEL_MODE_NEON (Closes: #922204) * [armel,armhf] crypto: Enable optimised implementations (see #922204): - Enable ARM_CRYPTO - Enable CRYPTO_SHA1_ARM, CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM, CRYPTO_AES_ARM as modules - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE, CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE, CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE, CRYPTO_CHACHA20_NEON as modules . [ Diederik de Haas ] * net_sched: let qdisc_put() accept NULL pointer (Closes: #1013299) linux-latest (105+deb10u16) buster-security; urgency=medium . * Update to 4.19.0-21 linux-signed-amd64 (4.19.249+2) buster-security; urgency=medium . * Sign kernel from linux 4.19.249-2 . * swiotlb: skip swiotlb_bounce when orig_addr is zero (regression in 4.19.249) linux-signed-arm64 (4.19.249+2) buster-security; urgency=medium . * Sign kernel from linux 4.19.249-2 . * swiotlb: skip swiotlb_bounce when orig_addr is zero (regression in 4.19.249) linux-signed-i386 (4.19.249+2) buster-security; urgency=medium . * Sign kernel from linux 4.19.249-2 . * swiotlb: skip swiotlb_bounce when orig_addr is zero (regression in 4.19.249) llvm-toolchain-13 (1:13.0.1-6~deb10u4) buster; urgency=medium . * Disable libunwind on mips. llvm-toolchain-13 (1:13.0.1-6~deb10u3) buster; urgency=medium . * Disable lldb on mips. llvm-toolchain-13 (1:13.0.1-6~deb10u2) buster; urgency=medium . * Don't build-dep on llvm-spirv, it's not available in buster and having an alternative doesn't work on the buildds. * Add support for mips in various places. llvm-toolchain-13 (1:13.0.1-6~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Don't install libclang grpc proto libs, they are not built in buster. llvm-toolchain-13 (1:13.0.1-5) unstable; urgency=medium . [ John Paul Adrian Glaubitz ] * Enable GRPC build dependency only on supported targets * Exclude lib{Monitoring,RemoteIndex}*Proto.a on m68k and sparc64 . [ Gianfranco Costamagna ] * fix grpc architectures, avoiding to install them where not available * Break/Replaces the Ubuntu library that moved GRPC binaries into the wrong location * newline/tab fix in rules * fix GRPC installation in port architectures * Add patches from Upstream/Ubuntu to: - Backport upstream patches to allow building EFI images for Ubuntu Core for arm64 (LP: #1960300) llvm-toolchain-13 (1:13.0.1-4) unstable; urgency=medium . * Backport D115098 for Rust 1.59 (Closes: #1010150) llvm-toolchain-13 (1:13.0.1-3) unstable; urgency=medium . * Fix a typo in an header (closes: #1005195) . * Also install usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexProto.a usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexServiceProto.a usr/lib/llvm-@LLVM_VERSION@/lib/libMonitoringServiceProto.a in libclang-X.Y-dev (Closes: #1005666) llvm-toolchain-13 (1:13.0.1-2) unstable; urgency=medium . * mlir: use the cmake option to avoid installing object files MLIR_INSTALL_AGGREGATE_OBJECTS Closes upstream #53134 * Build clangd with GRPC support Thanks to Sam McCall for the patch llvm-toolchain-13 (1:13.0.1-1) unstable; urgency=medium . * New stable release llvm-toolchain-13 (1:13.0.1~+rc3-1~exp1) experimental; urgency=medium . [ Samuel Thibault ] * Explicitly link against -latomic on all ports, not only the Linux ones. * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks stage2 builds on non-Linux architectures . [ Pino Toscano ] * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081). . [ Sylvestre Ledru ] * New rc * Lower the debhelper dep to 10 for debian stretch * Rename ocaml-nox => ocaml-base (Closes: #1002609) * Remove Build-Conflicts: ocaml llvm-toolchain-13 (1:13.0.1~+rc2-1~exp1) experimental; urgency=medium . [ Samuel Thibault ] * Explicitly link against -latomic on all ports, not only the Linux ones. * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks stage2 builds on non-Linux architectures . [ Pino Toscano ] * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081). . [ Sylvestre Ledru ] * New snapshot release llvm-toolchain-13 (1:13.0.1~+rc1-1~exp4) experimental; urgency=medium . * Fix the cmake file with the mlir introducing llvm-toolchain-13 (1:13.0.1~+rc1-1~exp3) experimental; urgency=medium . * Build and ship MLIR as 3 new packages (libmlir-13-dev, libmlir-13 and mlir-13-toolso * Install bfd plugins in /usr/lib/bfd-plugins/LLVMgold-@LLVM_VERSION@.so llvm-toolchain-13 (1:13.0.1~+rc1-1~exp2) experimental; urgency=medium . * Bring back the dependency clang => llvm-13-linker-tools * Unbreak llvm-toolchain-13 on buster. -fuse-ld=gold wasn't passed to compiler-rt. it was using bfd. And binutils shipping in buster has a bug preventing this to work: https://github.com/llvm/llvm-project/issues/42339 * Remove AVR from LLVM_EXPERIMENTAL_TARGETS_TO_BUILD. stable since 11 https://releases.llvm.org/11.0.0/docs/ReleaseNotes.html#changes-to-the-avr-target * Use the version suffix when calling wasm-ld => wasm-ld-13 https://bugzilla.mozilla.org/show_bug.cgi?id=1747145 * Fix run-clang-tidy symlink. it moved from /usr/lib/llvm-13/share/clang/run-clang-tidy to /usr/lib/llvm-13/bin/run-clang-tidy (Closes: #1001748) * Install LLVMgold in usr/lib/bfd-plugins to help various tools to understand the format (Closes: #919020) llvm-toolchain-13 (1:13.0.1~+rc1-1~exp1) experimental; urgency=medium . * New testing release * Use parallel + -4 for the xz tarballs compression to make it faster * Add manpages for git-clang-format & run-clang-tidy * Add back -DLLVM_VERSION_SUFFIX=. Useless for 13 but necessary for snapshot Otherwise, it adds "git" to the libs llvm-toolchain-13 (1:13.0.0-9) unstable; urgency=medium . * Upload to unstable (all green on exp) * Fix an autopkgtest test (Closes: #997902) llvm-toolchain-13 (1:13.0.0-9~exp2) experimental; urgency=medium . * patch compiler-rt build to add option to disable scudo standalone allocator as it is not always supported by all debian baseline arch profiles * add COMPILER_RT_BUILD_SCUDO_STANDALONE=OFF to armel build in debian/rules since the baseline armv5t arch profile is not supported llvm-toolchain-13 (1:13.0.0-9~exp1) experimental; urgency=medium . * Merge migration to 2stage runtimes build 12 => 13 * Adjust openmp runtime quilt patches from branch 12 for changes in upstream (llvmorg-13.0.0) sources llvm-toolchain-13 (1:13.0.0-8) unstable; urgency=medium . * Disable lldb on mipsel and mips64el as it isn't supported See https://reviews.llvm.org/D102872 (Closes: #997011) llvm-toolchain-13 (1:13.0.0-7) unstable; urgency=medium . * Remove omp-device-info from LLVMExports.cmake (Closes: #996551) For real this time * Fix the link issue (hopefully on all archs) (Closes: #995827) customs LDFLAGS were not passed to the stage2 * Trim trailing whitespace. * Update watch file format version to 4. * Update to compat 11. oldstable has 12 bionic has 11 llvm-toolchain-13 (1:13.0.0-6) unstable; urgency=medium . * Remove omp-device-info from LLVMExports.cmake (Closes: #996551) * Fix a atomic issue. Thanks to YunQiang Su for the patch Partial fix for #995827 * Bring back the llvm manpages (Closes: #995684) Were generated at the wrong place llvm-toolchain-13 (1:13.0.0-5) unstable; urgency=medium . * Restrict the dependency on libunwind-13-dev from Package: libc++-13-dev on amd64 arm64 armhf i386 mips64el ppc64el ppc64 riscv64 (Closes: #996462) llvm-toolchain-13 (1:13.0.0-4) unstable; urgency=medium . * Instead of using llvm-* to install binaries in llvm-X.Y list all the binaries one by one. It will prevent "llvm-omp-device-info" to be installed in llvm-X.Y which caused an explicit dependency on libomp which caused llvm-X.Y to be NOT coinstallable anymore * Move llvm-omp-device-info-X.Y from llvm-X to libompX-dev Fixes upstream #52162 llvm-toolchain-13 (1:13.0.0-3) unstable; urgency=medium . * libc++-13-dev should depends on libunwind-13-dev (Closes: #995810) * Disable a tsan and two lldb tests on i386 llvm-toolchain-13 (1:13.0.0-2) unstable; urgency=medium . * Fix the libclang detection in cmake (Closes: #994827) * Adjust the testsuite after various changes (rpass, libclang, polly lib, etc) llvm-toolchain-13 (1:13.0.0-1) unstable; urgency=medium . * New upstream release llvm-toolchain-13 (1:13.0.0~+rc4-1) unstable; urgency=medium . * New testing release * Ship clang-repl See https://reviews.llvm.org/D106813 * Replace make by ninja for the build process It is now more tested than make by upstream And it is supposed to be faster Removed openmp/bootstrap-with-openmp-version-export-missing.diff as it seems that the ninja move fixed it llvm-toolchain-13 (1:13.0.0~+rc3-1) unstable; urgency=medium . * New testing release * Remove debian/patches/disable-no-omit-leaf.diff as it is fixed upstream llvm-toolchain-13 (1:13.0.0~+rc2-3) unstable; urgency=medium . * compiler-rt scudo, don't add the option -mno-omit-leaf-frame-pointer when building on armel & armhf llvm-toolchain-13 (1:13.0.0~+rc2-2) unstable; urgency=medium . * Build with -DCMAKE_POSITION_INDEPENDENT_CODE=ON to libc++ and libc++abi * The changes from 12.0.1-7 . [ John Paul Adrian Glaubitz ] * Disable libunwind-X.Y{-dev} packages on sparc and sparc64 llvm-toolchain-13 (1:13.0.0~+rc2-1) unstable; urgency=medium . [ John Paul Adrian Glaubitz ] * Disable libunwind on m68k, sparc64 and x32 . [ Gianfranco Costamagna ] * integration-test-suite-test: fix build by using 13 as default version . [ Sylvestre Ledru ] * New testing release llvm-toolchain-13 (1:13.0.0~+rc1-2) unstable; urgency=medium . * clang-soname-extract-version.diff: improve the upstream declaration * Fix the libclang links llvm-toolchain-13 (1:13.0.0~+rc1-1~exp1) unstable; urgency=medium . * New snapshot release llvm-toolchain-13 (1:13~++20210731010128+6eaf46beb462-1~exp1) experimental; urgency=medium . * Branching of snapshot into 13 * Adjust libclang: - upstream decided to make it stable starting from 13, with the soname - for now, I am not planning to rename libclang1-13 to libclang13 as it will cause too much churn for a small gain as we will keep libllvm (while losing the capability to have different versions in parallel installed) lrzip (0.631+git180528-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Security updates: Two issues that allow remote attackers to cause a denial of service via a crafted lrz file: - CVE-2018-5786: Resolve a potential infinite loop and application hang in the get_fileinfo function. - CVE-2021-27345: Resolve a null pointer dereference. * CVE-2021-27347: Resolve a use after free. - CVE-2020-25467: Resolve a null pointer dereference. - CVE-2022-26291: Resolve a multiple concurrency use-after-free. A memory corruption issue: - CVE-2022-28044: Resolve a potential heap corruption. mat2 (0.8.0-3+deb10u1) buster-security; urgency=medium . * CVE-2022-35410 minidlna (1.2.1+dfsg-2+deb10u3) buster; urgency=medium . * Non-maintainer upload. * CVE-2022-26505 Validate HTTP requests to protect against DNS rebinding, thus forbid a remote web server to exfiltrate media files. (Closes: #1006798) mokutil (0.6.0-2~deb10u1) buster; urgency=medium . * Rebuild new upstream for buster, to allow for SBAT management + Move to new upstream version 0.6.0. + Drop old patches, no longer needed. + Switch to Arch: any to allow for more architectures. Closes: #987613, #991933. + Clean up old tweaks in debian/rules, no longer needed. + Add build-dep on libkeyutils-dev, new dependency. mokutil (0.6.0-1) unstable; urgency=medium . * Move to new upstream version 0.6.0. + Drop old patches, no longer needed. * Switch to Arch: any to allow for more architectures. Closes: #987613, #991933. * Clean up old tweaks in debian/rules, no longer needed. * Add build-dep on libkeyutils-dev, new dependency. * Bump Standards-Version to 4.6.1, no changes needed. mokutil (0.4.0-1) unstable; urgency=medium . * Take mokutil under the wing of efi-team. Thanks to Simon for his work previously, added him as an uploader * Import the upstream source * Move to new upstream version 0.4.0. Closes: #925223 + Includes manpage fixes. Closes: #930759 * Fix compiler warnings about potential unaligned pointers * Update packaging: + Raise debhelper-compat to 13 + Raise Standards-Version to 4.5.1 + Remove now-redundant build-dep on dh-autoreconf mutt (1.10.1-2.1+deb10u6) buster; urgency=medium . * Non-maintainer upload. * Fix uudecode buffer overflow (CVE-2022-1328) (Closes: #1009734) needrestart (3.4-5+deb10u1) buster-security; urgency=high . * Add patch 08-anchor-interp-re to fix not anchored regular expressions. This fixes CVE-2022-30688. node-ejs (2.5.7-1+deb10u1) buster; urgency=medium . * Team upload * Sanitize options and new objects (Closes: #1010359, CVE-2022-29078) node-end-of-stream (1.4.1-1+deb10u1) buster; urgency=medium . * Team upload * Workaround test bug (Closes: #987530) node-minimist (1.2.0-1+deb10u2) buster; urgency=medium . * Fix prototype pollution (Closes: CVE-2021-44906) node-node-forge (0.8.1~dfsg-1+deb10u1) buster; urgency=medium . * Team upload * Fix signature verification (Closes: CVE-2022-24771, CVE-2022-24772, CVE-2022-24773) node-require-from-string (2.0.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix test for nodejs >= 10.16 (Closes: #988103) ntfs-3g (1:2017.3.23AR.3-3+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix multiple issues (Closes: #1011770) - Used a default usn when the former one cannot be retrieved (CVE-2022-30788) - Made sure there is no null character in an attribute name (CVE-2022-30786) - Avoided allocating and reading an attribute beyond its full size (CVE-2022-30784) - Made sure the client log data does not overflow from restart page (CVE-2022-30789) - Made sure there is no null character in an attribute name (bis) (CVE-2022-30786) - Fixed possible out-of-buffer condition in ntfsck (CVE-2021-46790) - Fixed operation on little endian data (CVE-2022-30788) - Returned an error code when the --help or --version options are used (CVE-2022-30783) - Hardened the checking of directory offset requested by a readdir (CVE-2022-30785, CVE-2022-30787) nvidia-graphics-drivers (418.226.00-3) buster; urgency=medium . * The Tesla 418 driver series has been declared as End-of-Life by NVIDIA. No further updates fixing security issues, critical bugs, or adding support for new Xorg or Linux releases will be issued. https://docs.nvidia.com/datacenter/tesla/drivers/ . * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore (470.57.02-3). * bug-script: Show the nvidia and glx alternatives (470.82.00-1). * nvidia-alternative: libnvidia-cfg.so.1 on its own is not sufficient to activate a nvidia alternative (470.82.00-1). (Closes: #996595) * Fix bashisms in upstream scripts (470.82.00-1). * libegl1-mesa is a transitional package since buster (470.82.00-1). * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a template taking into account the module renaming. This is a slave alternative of the nvidia alternative (470.86-1). (Closes: #999670) * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt kernels, not supported upstream (510.54-1). * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1). * Update lintian overrides. * Bump Standards-Version to 4.6.1. No changes needed. * Upload to buster. . nvidia-graphics-drivers (418.226.00-2) UNRELEASED; urgency=medium . * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module build for Linux 5.16. * Backport pde_data changes from 470.103.01 to fix kernel module build for Linux 5.17. . nvidia-graphics-drivers (418.226.00-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.226.00 (2021-10-26). . nvidia-graphics-drivers (418.211.00-2) UNRELEASED; urgency=medium . * Backport drm_device_has_pdev and set_current_state changes from 470.63.01 to fix kernel module build for Linux 5.14. nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium . * New upstream legacy branch release 390.154 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Minor packaging sync and cleanup (470.129.06-6). * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Switch to B-D: dh-dkms. * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium . * New upstream legacy branch release 390.151 (2022-05-16). * Fixed CVE-2022-28181, CVE-2022-28185. (Closes: #1011142, #1004849) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Fixed a bug which prevented kernel modules linked from precompiled kernel interface object files from being loaded on recent Linux kernels. This affected custom packages which were prepared with nvidia-installer's --add-this-kernel option, for example. - Fixed a driver installation failure on Linux kernel 5.17 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'PDE'". . [ Andreas Beckmann ] * Refresh patches. * Work around architecture misdetection when building the kernel modules in an armhf environment on an arm64 host. (Closes: #1010230) * Bump Standards-Version to 4.6.1. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.151-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium . * New upstream legacy branch release 390.151 (2022-05-16). * Fixed CVE-2022-28181, CVE-2022-28185. (Closes: #1011142, #1004849) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Fixed a bug which prevented kernel modules linked from precompiled kernel interface object files from being loaded on recent Linux kernels. This affected custom packages which were prepared with nvidia-installer's --add-this-kernel option, for example. - Fixed a driver installation failure on Linux kernel 5.17 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'PDE'". . [ Andreas Beckmann ] * Refresh patches. * Work around architecture misdetection when building the kernel modules in an armhf environment on an arm64 host. (Closes: #1010230) * Bump Standards-Version to 4.6.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium . * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt kernels, not supported upstream (510.54-1). * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1). . nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium . * Fix incomplete backport of pde_data changes from 470.103.01. (Closes: #1005909) . nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium . * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency. (Closes: #1005804) * Backport pde_data changes from 470.103.01 to fix kernel module build for Linux 5.17. . nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium . * New upstream legacy branch release 390.147 (2021-12-16). - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * bug-script: Show the nvidia and glx alternatives (470.82.00-1). * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not sufficient to activate a nvidia alternative (470.82.00-1). (Closes: #996595) * Fix bashisms in upstream scripts (470.82.00-1). * libegl1-mesa is a transitional package since buster (470.82.00-1). * nvidia-legacy-390xx-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a template taking into account the module renaming. This is a slave alternative of the nvidia alternative (470.86-1). (Closes: #999670) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium . * Backport drm_device_has_pdev and set_current_state changes from 470.63.01 to fix kernel module build for Linux 5.14. (Closes: #994814) * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore (470.57.02-3). (Closes: #992057) * Bump Standards-Version to 4.6.0. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.144-1~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.151-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.151-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium . * New upstream legacy branch release 390.151 (2022-05-16). * Fixed CVE-2022-28181, CVE-2022-28185. (Closes: #1011142, #1004849) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Fixed a bug which prevented kernel modules linked from precompiled kernel interface object files from being loaded on recent Linux kernels. This affected custom packages which were prepared with nvidia-installer's --add-this-kernel option, for example. - Fixed a driver installation failure on Linux kernel 5.17 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'PDE'". . [ Andreas Beckmann ] * Refresh patches. * Work around architecture misdetection when building the kernel modules in an armhf environment on an arm64 host. (Closes: #1010230) * Bump Standards-Version to 4.6.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium . * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt kernels, not supported upstream (510.54-1). * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1). . nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium . * Fix incomplete backport of pde_data changes from 470.103.01. (Closes: #1005909) . nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium . * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency. (Closes: #1005804) * Backport pde_data changes from 470.103.01 to fix kernel module build for Linux 5.17. . nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium . * New upstream legacy branch release 390.147 (2021-12-16). - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * bug-script: Show the nvidia and glx alternatives (470.82.00-1). * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not sufficient to activate a nvidia alternative (470.82.00-1). (Closes: #996595) * Fix bashisms in upstream scripts (470.82.00-1). * libegl1-mesa is a transitional package since buster (470.82.00-1). * nvidia-legacy-390xx-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a template taking into account the module renaming. This is a slave alternative of the nvidia alternative (470.86-1). (Closes: #999670) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium . * Backport drm_device_has_pdev and set_current_state changes from 470.63.01 to fix kernel module build for Linux 5.14. (Closes: #994814) * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore (470.57.02-3). (Closes: #992057) * Bump Standards-Version to 4.6.0. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium . * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt kernels, not supported upstream (510.54-1). * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1). nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium . * Fix incomplete backport of pde_data changes from 510.39.01. nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium . * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency. (Closes: #1005804) * Backport pde_data changes from 510.39.01 to fix kernel module build for Linux 5.17. nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium . * New upstream legacy branch release 390.147 (2021-12-16). - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * bug-script: Show the nvidia and glx alternatives (470.82.00-1). * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not sufficient to activate a nvidia alternative (470.82.00-1). * Fix bashisms in upstream scripts (470.82.00-1). * libegl1-mesa is a transitional package since buster (470.82.00-1). * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a template taking into account the module renaming. This is a slave alternative of the nvidia alternative (470.86-1). (Closes: #999670) * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.147-1~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports. . nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium . * New upstream legacy branch release 390.147 (2021-12-16). - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * bug-script: Show the nvidia and glx alternatives (470.82.00-1). * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not sufficient to activate a nvidia alternative (470.82.00-1). (Closes: #996595) * Fix bashisms in upstream scripts (470.82.00-1). * libegl1-mesa is a transitional package since buster (470.82.00-1). * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a template taking into account the module renaming. This is a slave alternative of the nvidia alternative (470.86-1). (Closes: #999670) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium . * Backport drm_device_has_pdev and set_current_state changes from 470.63.01 to fix kernel module build for Linux 5.14. (Closes: #994814) * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore (470.57.02-3). (Closes: #992057) * Bump Standards-Version to 4.6.0. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.144-1~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium . * Backport drm_device_has_pdev and set_current_state changes from 470.63.01 to fix kernel module build for Linux 5.14. * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore (470.57.02-3). (Closes: #992057) * Bump Standards-Version to 4.6.0. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.144-1) unstable; urgency=medium . * New upstream legacy branch release 390.144 (2021-07-20). * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095. (Closes: #991353) https://nvidia.custhelp.com/app/answers/detail/a_id/5211 - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. . [ Andreas Beckmann ] * Refresh patches. * nvidia-legacy-390xx-driver-libs: Add Recommends: libnvidia-encode1 (470.42.01-1). (Closes: #989885) * debian/gen-control.pl: Support substitutions in the Vcs-Git field (470.57.02-1). * Compute and substitute the Git branch instead of hardcoding it (470.57.02-1). octavia (3.0.0-3+deb10u1) buster; urgency=medium . * Fix octavia-agent binary in init/service file, fix the startup. * Add Fix-osutils.py-to-detect-Debian.patch. * CVE-2019-17134: Client certificates aren't checked properly in the Amphora. Applied upstream patch (Closes: #941897): - Add CVE-2019-17134_Fix_urgent_amphora_two-way_auth_security_bug.patch. * Add Fix_template_that_generates_vrrp_check_script.patch. * Add in the agent, so it's not needed to configure in the image: - /var/lib/octavia/haproxy-default-user-group.conf - /etc/modules-load.d/octavia-agent.conf - /var/lib/octavia/ping-wrapper.sh - /etc/sysctl.d/octavia-agent-sysctl.conf * Add a bunch of runtime dependencies in octavia-agent, so that we don't need to add it when building the image. openjdk-11 (11.0.16+8-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.15+10-1) unstable; urgency=high . * OpenJDK 11.0.15+10 build (release). * Security fixes - JDK-8269938: Enhance XML processing passes redux. - JDK-8270504, CVE-2022-21426: Better XPath expression handling. - JDK-8272255: Completely handle MIDI files. - JDK-8272261: Improve JFR recording file processing. - JDK-8272594: Better record of recordings. - JDK-8274221: More definite BER encodings. - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0. - JDK-8275151, CVE-2022-21443: Improved Object Identification. - JDK-8277227: Better identification of OIDs. - JDK-8277672, CVE-2022-21434: Better invocation handler handling. - JDK-8278356: Improve file creation. - JDK-8278449: Improve keychain support. - JDK-8278798: Improve supported intrinsic. - JDK-8278805: Enhance BMP image loading. - JDK-8278972, CVE-2022-21496: Improve URL supports. - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo. * Refresh patches. openjdk-11 (11.0.15+10-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye openjdk-11 (11.0.15+10-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.14.1+1-1) unstable; urgency=medium . * OpenJDK 11.0.14.1+1 build (release). - Fix JDK-8218546. LP: #1966338. openjdk-11 (11.0.14+9-1) unstable; urgency=high . * OpenJDK 11.0.14+9 build (release). openjdk-11 (11.0.14+9-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye openldap (2.4.47+dfsg-3+deb10u7) buster-security; urgency=high . * Fix SQL injection in back-sql (ITS#9815) (CVE-2022-29155) openssl (1.1.1n-0+deb10u3) buster-security; urgency=medium . * CVE-2022-2068 (The c_rehash script allows command injection). * Update expired certs. openssl (1.1.1n-0+deb10u2) buster-security; urgency=medium . * CVE-2022-1292 (The c_rehash script allows command injection). openvswitch (2.10.7+ds1-0+deb10u1) buster-security; urgency=medium . * New upstream point release: - Addresses CVE-2020-35498: denial of service attacks, in which crafted network packets could cause the packet lookup to ignore network header fields from layers 3 and 4. The crafted network packet is an ordinary IPv4 or IPv6 packet with Ethernet padding length above 255 bytes. This causes the packet sanity check to abort parsing header fields after layer 2 (Closes: #982493). openvswitch (2.10.6+ds1-0+deb10u1) buster-security; urgency=high . * New upstream point release: - Addresses CVE-2020-27827: denial of service attacks using crafted LLDP packets. (Closes: #980132). - Addresses CVE-2015-8011: Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. * Refreshed patches. openvswitch (2.10.0+2018.08.28+git.8ca7c82b7d+ds1-13) unstable; urgency=medium . * Some fixups in debian/ifupdown.sh to allow setting-up the MTU. * Document how to do Bond + Bridge + VLAN + MTU. * Correct dependency on python3-six instead of python-six (Closes: #931104). orca (3.30.1-2) buster; urgency=high . * debian/patches/git-webkitgtk1: Fix screen reading of webkitgtk 2.36 which changed its toolkit name * debian/patches/git-webkitgtk2: Fix screen reading of webkitgtk 2.36 which doesn't implement Collection any more. pacemaker (2.0.1-5+deb10u2) buster; urgency=medium . [ Andreas Beckmann ] * [b55ccb2] pacemaker-resource-agents: Bump Breaks+Replaces: pacemaker to (<< 2) A new upstream release introduced as security update 1.1.24-0+deb9u1 in stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to pacemaker, while it resides in pacemaker-resource-agents in buster. (Closes: #985173) * [ff20fc2] libpe-status28/libpengine27: Add Breaks against libpe-status10 and libpengine10 (>= 1.1.24) The version in stretch-security shipped libraries with SOVERSION 16 instead of 10. (See: #981088) pglogical (2.2.1-4+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream hack to fix FTBFS with the export of AcquireDeletionLock. (Closes: #962423) php-guzzlehttp-psr7 (1.4.2-0.1+deb10u1) buster; urgency=medium . * Track Buster * Backport fixes for improper header parsing [CVE-2022-24775] (Closes: #1008236) postfix (3.4.23-0+deb10u1) buster; urgency=medium . [Scott Kitterman] . * Refresh patches * Update d/p/70_postfix-check.diff to exclude makedefs.out from synlink check. Closes: #926331 * Do not override user set default_transport in postinst. Closes: #988538 * Add information about keeping resolv.conf up to date in the chroot with the resolvconf package. Closes: #964762 . [Sergio Gelato] . * Correct if-up.d to not error out if postfix can't send mail yet. Closes: #959864 . [Paride Legovini] . * d/postfix.postinst: tolerate search domain with a leading dot. Closes: #991950 . [Wietse Venema] . * 3.4.15 - Bugfix (introduced: Postfix 3.0): minor memory leaks in the Postfix TLS library, found during tests. File: tls/tls_misc.c. . - Bugfix (introduced: Postfix 3.0): 4kbyte per session memory leak in the Postfix TLS library, found during tests. File: tls/tls_misc.c. . - Workaround for distros that override Postfix protocol settings in a system-wide OpenSSL configuration file, causing interoperability problems after an OS update. File: tls/tls_client.c, tls/tls_server.c. . * 3.4.16 - Bugfix (introduced: Postfix 3.4.15): part of a memory leak fix was backported to the wrong place. File: tls/tls_misc.c. . - The Postfix 3.4.15 workaround did not explictly override the system-wide OpenSSL configuration of allowed TLS protocol versions, for sessions where the remote SMTP client sends SNI. It's better to be safe than sorry. File: tls/tls_server.c. . * 3.4.17 - Bugfix (introduced: Postfix 3.4, already fixed in Postfix 3.6): tlsproxy(8) was using the wrong DANE macro for connections with DANE trust anchors or with non-DANE trust anchors (WTF: Thorsten Habich found this bug in the use case that has nothing to do with DANE). This resulted in a global certificate verify function pointer race, between TLS handshakes that use TLS trust achors and handshakes that use PKI. No memory was corrupted in the course of all this. Viktor Dukhovni. File: tlsproxy/tlsproxy.c. . - Cleanup: the posttls-finger '-X' option reported a false conflict with '-r'. File: posttls-finger/posttls-finger.c. . * 3.4.18 - Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter ignored table lookup errors, treating them as 'not found'. Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c. . - Bugfix (introduced: Postfix 2.3): when deleting a recipient with a milter, delete the recipient from the duplicate filter, so that the recipient can be added back. Backported from Postfix 3.6. Files: global/been_here.[hc], cleanup/cleanup_milter.c. . - Bugfix (introduced: before Postfix alpha): the code that looks for Delivered-To: headers ignored headers longer than $line_length_limit. Backported from Postfix 3.6. File: global/delivered_hdr.c. . - Bugfix (introduced: Postfix 2.8): save a copy of the postscreen_dnsbl_reply_map lookup result. This has no effect when the recommended texthash: look table is used, but it may avoid stale data with other lookup tables. File: postscreen/postscreen_dnsbl.c. . - Bugfix (introduced: Postfix 2.2): after processing an XCCLIENT command, the smtps service was waiting for a TLS handshake. Found by Aki Tuomi. File: smtpd/smtpd.c. . - Bugfix (introduced: Postfix 2.3): static maps did not free their casefolding buffer. File: util/dict_static.c. . * 3.4.19 - Feature: when a Postfix program makes a DNS query that requests DNSSEC validation (usually for Postfix DANE support) but the DNS response is not DNSSEC validated, Postfix will send a DNS query configured with the "dnssec_probe" parameter to determine if DNSSEC support is available, and logs a warning if it is not. By default, the probe has type "ns" and domain name ".". The probe is sent once per process lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c, test_dns_lookup.c, global/mail_params.[hc], mantools/postlink. . - The default "smtp_tls_dane_insecure_mx_policy = dane" was causing unnecessary dnssec_probe activity. The default is now "dane" when smtp_tls_security_level is "dane", otherwise it is "may". File: global/mail_params.h. . * 3.4.20 - Missing null pointer checks (introduced: Postfix 3.4) after an internal I/O error during the smtp(8) to tlsproxy(8) handshake. Found by Coverity, reported by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c. . - Null pointer bug (introduced: Postfix 3.0) and memory leak (introduced: Postfix 3.4) after an inline: table syntax error in main.cf or master.cf. Found by Coverity, reported by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File: util/dict_inline.c. . - Incomplete null pointer check (introduced: Postfix 2.10) after truncated HaProxy version 1 handshake message. Found by Coverity, reported by Jaroslav Skarvada. Fix by Viktor Dukhovni. File: global/haproxy_srvr.c. . - Missing null pointer check (introduced: Postfix alpha) after null argv[0] value. File: global/mail_task.c. . * 3.4.21 - Bugfix (introduced: Postfix 2.11): the command "postmap lmdb:/file/name" handled duplicate keys ungracefully, discarding entries stored up to and including the duplicate key, and causing a double free() call with lmdb versions 0.9.17 and later. Reported by Adi Prasaja; double free() root cause analysis by Howard Chu. File: util/slmdb.c. . - Typo (introduced: Postfix 3.4): silent_discard should be silent-discard. File: proto/BDAT_README.html. . - Support for Postfix 3.6 compatibility_level syntax, to avoid fatal runtime errors when rolling back from Postfix 3.6 to an earlier supported version, or when sharing Postfix 3.6 configuration files with an earlier supported Postfix version. File: global/mail_params.c. . * 3.4.22 - Bugfix (introduced: Postfix 3.4): the texthash: map implementation did not support "postmap -F" behavior. Reported by Christopher Gurnee, who also found the missing code in the postmap source. File: util/dict_thash.c. . - Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too large" (ERANGE) errors because an strtol() call had no 'errno = 0' statement before the call. Back-ported from Postfix 3.6. Files: postscreen/postscreen_tests.c, util/mac_expand.c. . - Bugfix (introduced: Postfix 3.3): "null pointer read" error in the cleanup daemon when "header_from_format = standard" (the default as of Postfix 3.3) and email was submitted with /usr/sbin/sendmail without From: header, and an all-space full name was specified in 1) the password file, 2) with "sendmail -F", or 3) with the NAME environment variable. Found by Renaud Metrich. File: cleanup/cleanup_message.c. (Closes: #968057) . - Bugfix (introduced: 1999): the Postfix SMTP server was sending all session transcripts to the error_notice_recipient, instead of sending transcripts of bounced mail to the bounce_notice_recipient. File: smtpd/smtpd_chat.c. . - Bugfix (introduced: Postfix 2.4): false "too many reverse jump" warnings in the showq daemon. The loop detection code was comparing memory addresses instead of queue file names. It now properly compares strings. Reported by Mehmet Avcioglu. File: global/record.c. . * 3.4.23 - Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c. . - Bugfix (bug introduced: Postfix 2.10): postconf -x produced incorrect output, because different functions were implicitly sharing a buffer for intermediate results. Reported by raf, root cause analysis by Viktor Dukhovni. File: postconf/postconf_builtin.c. . - Bugfix (problem introduced: Postfix 2.11): check_ccert_access worked as expected, but produced a spurious warning when Postfix was built without SASL support. Fix by Brad Barden. File: smtpd/smtpd_check.c. . - Bugfix (introduced: Postfix 2.4): queue file corruption after a Milter (for example, MIMEDefang) made a request to replace the message body with a copy of that message body plus additional text (for example, a SpamAssassin report). . The most likely impacts were a) the queue manager reporting a fatal error resulting in email delivery delays, or b) the queue manager reporting the corruption and moving the message to the corrupt queue for damaged messages. . However, a determined adversary could craft an email message that would trigger the bug, and insert a content filter destination or a redirect email address into its queue file. Postfix would then deliver the message headers there, in most cases without delivering the message body. With enough experimentation, an attacker could make Postfix deliver both the message headers and body. . The details of a successful attack depend on the Milter implementation, and on the Postfix and Milter configuration details; these can be determined remotely through experimentation. Failed experiments may be detected when the queue manager terminates with a fatal error, or when the queue manager moves damaged files to the "corrupt" queue as evidence. . Technical details: when Postfix executes a "replace body" Milter request it will reuse queue file storage that was used by the existing email message body. If the new body is larger, Postfix will append body content to the end of the queue file. The corruption happened when a Milter (for example, MIMEDefang) made a request to replace the body of a message with a new body that contained a copy of the original body plus some new text, and the original body contained a line longer than $line_length_limit bytes (for example, an image encoded in base64 without hard or soft line breaks). In queue files, Postfix stores a long text line as multiple records with up to $line_length_limit bytes each. Unfortunately, Postfix's "replace body" support did not account for the additional queue file space needed to store the second etc. record headers. And thus, the last record(s) of a long text line could overwrite one or more queue file records immediately after the space that was previously occupied by the original message body. . Problem report by Benoît Panizzon. . * Fix duplicate bounce_notice_recipient entries in postconf output. Closes: #999694 . [Andreas Hasenack] . * Fix autopkgtest so it works and uses python3 postgresql-11 (11.16-0+deb10u1) buster-security; urgency=medium . * New upstream release. . * Confine additional operations within security restricted operation sandboxes (Sergey Shinderuk, Noah Misch) . Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW, and pg_amcheck activated the security restricted operation protection mechanism too late, or even not at all in some code paths. A user having permission to create non-temporary objects within a database could define an object that would execute arbitrary SQL code with superuser permissions the next time that autovacuum processed the object, or that some superuser ran one of the affected commands against it. . The PostgreSQL Project thanks Alexander Lakhin for reporting this problem. (CVE-2022-1552) postgresql-common (200+deb10u5) buster; urgency=medium . * pg_virtualenv: Write temporary password file before chowning the file. (Closes: #933569) * t/135_pg_virtualenv.t: Import test from master. postsrsd (1.5-2+deb10u2) buster; urgency=medium . * Fix CVE-2021-35525: potential DoS when Postfix sends certain long data fields such as multiple concatenated email addresses. Fix backported from upstream commit 077be98d8c8. (Closes: #990439) procmail (3.22-26+deb10u1) buster; urgency=medium . * Fix NULL pointer dereference. Closes: #769938. Reported by Jakub Wilk using American Fuzzy Lop. Patch from Stephen R. van den Berg. publicsuffix (20220811.1734-0+deb10u1) buster; urgency=medium . * new upstream publicsuffix data publicsuffix (20220614.1839-1) unstable; urgency=medium . * new upstream version publicsuffix (20211207.1025-1) unstable; urgency=medium . * new upstream version publicsuffix (20211207.1025-0+deb11u1) bullseye; urgency=medium . * new upstream publicsuffix data publicsuffix (20211109.1735-1) unstable; urgency=medium . * new upstream version publicsuffix (20211109.1735-0+deb11u1) bullseye; urgency=medium . * new upstream publicsuffix data python-bottle (0.12.15-2+deb10u2) buster-security; urgency=medium . * CVE-2022-31799 python-keystoneauth1 (3.10.0-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add upstream fix to make tests pass in 2020. (Closes: #950041) python-scrapy (1.5.1-1+deb10u1) buster; urgency=medium . * Team upload. * Security fix for CVE-2021-41125: Don't send authentication data with all requests. Provide a http_auth_domain spider attribute to control which domains are allowed to receive the configured HTTP authentication credentials. * Security fix CVE-2022-0577: Don't expose cookies cross-domain when redirected. (Closes: #1008234) python-udatetime (0.0.16-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream patch to fix failing test (Closes: #953539) * Patch udatetime to properly link against libm library. Thanks to Aurelien Jarno for the patch (Closes: #954305) qtbase-opensource-src (5.11.3+dfsg1-1+deb10u5) buster; urgency=medium . * Backport two upstream commits to fix setTabOrder for compound widgets (closes: #1001082). * Backport upstream patch to add an expansion limit for XML entities (CVE-2015-9541, closes: #951066). request-tracker4 (4.4.3-2+deb10u2) buster-security; urgency=medium . * Apply upstream patch which fixes several security vulnerabilities. - A cross-site scripting (XSS) issue when displaying attachment content with fraudulent content types. This vulnerability is assigned CVE-2022-25802. - Not performing full rights checks on access to file or image type custom fields, possibly allowing access to these custom fields by users without rights to access to the associated objects (like the ticket it is associated with). rsyslog (8.1901.0-1+deb10u2) buster-security; urgency=medium . * Fix potential heap buffer overflow in TCP syslog server (receiver) components when octet-counted framing is used (CVE-2022-24903, Closes: #1010619) ruby-activeldap (5.2.2-2+deb10u1) buster; urgency=medium . * Add missing dependency on ruby-builder (closes: #982522). ruby-hiredis (0.6.1-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Skip more EAGAIN related tests. (Closes: #988023) ruby-http-parser.rb (0.6.0-4+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Relax "post identity body world" test to fix FTBFS with the CVE-2019-15605 fix in http-parser. (Closes: #977750) ruby-riddle (2.3.1-2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. (Closes: #988028) . ruby-riddle (2.3.1-2) unstable; urgency=medium . * Team upload. . [ Utkarsh Gupta ] * Add salsa-ci.yml . [ Lucas Kanashiro ] * d/start_mysqld_and_run.sh: allow LOAD DATA LOCAL INFILE * Add patch to make mysql2 client allow local_infile * Declare compliance with Debian Policy 4.4.1 rust-cbindgen (0.23.0-1~deb10u2) buster; urgency=medium . * Use override_ target instead of execute_after_, the latter is not supported in buster's debhelper. This fixes files with too old timestamps. Closes: #1015146. rust-cbindgen (0.23.0-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to bullseye. * Bump rustc-mozilla build-deps to 1.59. rust-cbindgen (0.21.0-1) unstable; urgency=medium . * Package cbindgen 0.21.0 from crates.io using debcargo 2.5.0 rust-cbindgen (0.20.0-1) unstable; urgency=medium . * Package cbindgen 0.20.0 from crates.io using debcargo 2.4.4-alpha.0 rust-cbindgen (0.20.0-1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye. rustc-mozilla (1.59.0+dfsg1-1~deb10u3) buster; urgency=medium . * Include mips(el) stage0 binaries. rustc-mozilla (1.59.0+dfsg1-1~deb10u2) buster; urgency=medium . * Inline atomics on arm64. * Increase allowed test failures on i386. rustc-mozilla (1.59.0+dfsg1-1~deb10u1) buster; urgency=medium . * Backport to buster. * Lower debhelper compat to 12. Stop using env variables in debhelper install files. * Disable windows target. rustc-mozilla (1.51.0+dfsg1-1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye. * stage0 build. + Use arm-unknown-linux-gnueabi target for armel. * Reduce debugging symbols on i386 to avoid FTBFS due to OOM. sctk (2.4.10-20151007-1312Z+dfsg2-3.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . sctk (2.4.10-20151007-1312Z+dfsg2-3.1) unstable; urgency=medium . * Non-maintainer upload. * Apply patch by Michael Hudson-Doyle to use pdftoppm instead of convert to convert pdf to jpg as the latter fails with the changed security policy of ImageMagick. (Closes: #962439) smarty3 (3.1.33+20180830.1.3a78a21f+selfpack1-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload. * Fix the following CVE: - CVE-2021-21408: template authors could run restricted static php methods - CVE-2021-29454: template authors could run arbitrary PHP code by crafting a malicious math string - CVE-2022-29221: template authors could inject php code by choosing a malicious {block} name or {include} file name - CVE-2021-26119: Sandbox Escape because $smarty.template_object can be accessed in sandbox mode - CVE-2021-26120: code injection via an unexpected function name snapd (2.37.4-1+deb10u1) buster-security; urgency=medium . * SECURITY UPDATE: local privilege escalation - d/p/cve202144730: Add validations of the location of the snap-confine binary within snapd. - d/p/cve202144730: Fix race condition in snap-confine when preparing a private mount namespace for a snap. - CVE-2021-44730 - CVE-2021-44731 spip (3.2.4-1+deb10u9) buster-security; urgency=medium . * Backport security fixes from 3.2.16 - Remote code execution - XSS alowing priviledge escalation spip (3.2.4-1+deb10u8) buster-security; urgency=high . * Backport security fix from 3.2.15 - Sanitizing and other XSS protections squid (4.6-1+deb10u7) buster-security; urgency=medium . * Add patch to fix a Denial of Service in Gopher Processing. Fixes: CVE-2021-46784. * Add patch to fix Out-Of-Bounds memory access in WCCPv2. Fixes: CVE-2021-28116. subversion (1.10.4-1+deb10u3) buster-security; urgency=high . * Security Fixes: - CVE-2021-28544: Don't show unreadable copyfrom paths in 'svn log -v' - CVE-2022-24070: Fix issue #4880 "Use-after-free of object-pools when used as httpd module" thunderbird (1:91.12.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.11.0-1) unstable; urgency=medium . * [05a947d] New upstream version 91.11.0 Fixed CVE issues in upstream version 91.11 (MFSA 2022-26: CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content CVE-2022-34470: Use-after-free in nsSHistory CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI CVE-2022-2226: An email with a mismatching OpenPGP signature date was accepted as valid CVE-2022-34481: Potential integer overflow in ReplaceElementsAt CVE-2022-31744: CSP bypass enabling stylesheet injection CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked CVE-2022-2200: Undesired attributes could be set as part of prototype pollution CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102 (Closes: #1014004) * [4c4944d] Rebuild patch queue from patch-queue branch Added patch: fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch thunderbird (1:91.11.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security * [f23e5c8] Revert "Rebuild patch queue from patch-queue branch" The {old-,}stable release doesn't have an "to new" version of cbindgen, so we don't need this added patch. thunderbird (1:91.11.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.10.0-1) unstable; urgency=medium . * [969960a] New upstream version 91.10.0 Fixed CVE issues in upstream version 91.9.1 (MFSA 2022-19): CVE-2022-1802: Prototype pollution in Top-Level Await implementation CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution . Fixed CVE issues in upstream version 91.10 (MFSA 2022-22): CVE-2022-31736: Cross-Origin resource's length leaked CVE-2022-31737: Heap buffer overflow in WebGL CVE-2022-31738: Browser window spoof using fullscreen mode CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files CVE-2022-31740: Register allocation problem in WASM on arm64 CVE-2022-31741: Uninitialized variable leads to invalid memory read CVE-2022-1834: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10 * [4b55e16] d/control: Increase Standards-Version to 4.6.0 No further changes needed. thunderbird (1:91.10.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.10.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.9.0-1) unstable; urgency=medium . * [88b99d1] New upstream version 91.9.0 Fixed CVE issues in upstream version 91.9 (MFSA 2022-18): CVE-2022-1520: Incorrect security status shown after viewing an attached email CVE-2022-29914: Fullscreen notification bypass using popups CVE-2022-29909: Bypassing permission prompt in nested browsing contexts CVE-2022-29916: Leaking browser history with CSS variables CVE-2022-29911: iframe sandbox bypass CVE-2022-29912: Reader mode bypassed SameSite cookies CVE-2022-29913: Speech Synthesis feature not properly disabled CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9 thunderbird (1:91.9.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security (Closes: #1009321) thunderbird (1:91.9.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security (Closes: #1009321) thunderbird (1:91.8.1-1) unstable; urgency=medium . * [b57406c] New upstream version 91.8.1 (Closes: #1009321) thunderbird (1:91.8.0-1) unstable; urgency=medium . * [06619c5] New upstream version 91.8.0 Fixed CVE issues in upstream version 91.8 (MFSA 2022-15): CVE-2022-1097: Use-after-free in NSSToken objects CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-1197: OpenPGP revocation information was ignored CVE-2022-1196: Use-after-free after VR Process destruction CVE-2022-28282: Use-after-free in DocumentL10n::TranslateDocument CVE-2022-28285: Incorrect AliasSet used in JIT Codegen CVE-2022-28286: iframe contents could be rendered outside the border CVE-2022-24713: Denial of Service via complex regular expressions CVE-2022-28289: Memory safety bugs fixed in Thunderbird 91.8 thunderbird (1:91.8.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.8.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.7.0-2) unstable; urgency=medium . * [c348b62] Rebuild patch-queue from patch queue branch Added patch: fixes/Bug-1494436-Unset-MOZ_APP_LAUNCHER-for-external-MIME-hand.patch (Closes: #948691) Thanks go out to Simon McVittie for preparing this patch! thunderbird (1:91.7.0-2~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.7.0-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.7.0-1) unstable; urgency=medium . * [952f6d0] New upstream version 91.7.0 Fixed CVE issues in upstream version 91.7 (MFSA 2022-12): CVE-2022-26383: Browser window spoof using fullscreen mode CVE-2022-26384: iframe allow-scripts sandbox bypass CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures CVE-2022-26381: Use-after-free in text reflows CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users thunderbird (1:91.6.2-1) unstable; urgency=medium . * [2f95b97] New upstream version 91.6.2 Fixed CVE issues in upstream version 91.6.2 (MFSA 2022-09): CVE-2022-26485: Use-after-free in XSLT parameter processing CVE-2022-26486: Use-after-free in WebGPU IPC Framework thunderbird (1:91.6.2-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.6.2-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.6.1-1) unstable; urgency=medium . * [3edb855] New upstream version 91.6.1 Fixed CVE issues in upstream version 91.6.1 (MFSA 2022-07): CVE-2022-0566: Crafted email could trigger an out-of-bounds write thunderbird (1:91.6.1-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.6.1-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.6.0-1) unstable; urgency=medium . * [884ccb6] New upstream version 91.6.0 Fixed CVE issues in upstream version 91.6 (MFSA 2022-06): CVE-2022-22754: Extensions could have bypassed permission confirmation during update CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages CVE-2022-22763: Script Execution during invalid object state CVE-2022-22764: Memory safety bugs fixed in Thunderbird 91.6 (Closes: #1004951) thunderbird (1:91.6.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security thunderbird (1:91.6.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.5.1-1) unstable; urgency=medium . * [130bab2] New upstream version 91.5.1 thunderbird (1:91.5.0-2) unstable; urgency=medium . * [fd07163] autopkgtest: Run check-global-config-path.py only on Intel thunderbird (1:91.5.0-2~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security * [3fb049d] d/thunderbird.NEWS: Information about solved issue thunderbird (1:91.5.0-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security * [5204a6c] d/thunderbird.NEWS: Adjust version to buster thunderbird (1:91.5.0-1) unstable; urgency=medium . [ Carsten Schoenert ] * [8d4e5f8] New upstream version 91.5.0 Fixed CVE issues in upstream version 91.5 (MFSA 2022-03): CVE-2022-22743: Browser window spoof using fullscreen mode CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode CVE-2022-22741: Browser window spoof using fullscreen mode CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur CVE-2022-22737: Race condition when playing audio files CVE-2021-4140: Iframe sandbox bypass with XSLT CVE-2022-22748: Spoofed origin on external protocol launch dialog CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection CVE-2022-22747: Crash when handling empty pkcs7 sequence CVE-2022-22739: Missing throttling on external protocol launch dialog CVE-2022-22751: Memory safety bugs fixed in Thunderbird 91.5 * [a86c0b4] Rebuild patch queue from patch-queue branch Modified patch: debian-hacks/Add-another-preferences-directory-for-applications-p.patch Reworking the patch so LoadDirIntoArray is working again that is adding an additional syspref folder for global settings to use. (Closes: #997841, #1003280) * [442988b] autopkgtest: Adding check for accessing syspref folder . [ Jochen Sprickerhof ] * [5b5d508] d/thunderbird-wrapper.sh: Use 'command -v' (Closes:#1002570 ) thunderbird (1:91.4.1-1) unstable; urgency=medium . * [c5b36d3] New upstream version 91.4.1 Fixed CVE issues in upstream version 91.4.1 (MFSA 2021-55): CVE-2021-4126: OpenPGP signature status doesn't consider additional message content CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow * [b66bebb] d/changelog: Update some MOZ-* entries with assigned CVEs thunderbird (1:91.4.1-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security * [303eebe] d/thunderbird.NEWS: Inform about broken system locale detection thunderbird (1:91.4.1-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security * [fa7c995] d/thunderbird.NEWS: Adjust version to buster thunderbird (1:91.4.0-1) unstable; urgency=medium . * [7752be0] d/source.filter: Small updates to filtering list * [0899850] New upstream version 91.4.0 Fixed CVE issues in upstream version 91.4 (MFSA 2021-54): CVE-2021-43536: URL leakage when navigating while executing asynchronous function CVE-2021-43537: Heap buffer overflow when using structured clone CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both CVE-2021-43539: GC rooting failure when calling wasm instance methods CVE-2021-43541: External protocol handler parameters were unescaped CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler CVE-2021-43543: Bypass of CSP sandbox directive when embedding CVE-2021-43545: Denial of Service when using the Location API in a loop CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed CVE-2021-43528: JavaScript unexpectedly enabled for the composition area MOZ-2021-0009: Memory safety bugs fixed in Thunderbird 91.4.0 * [afd7750] d/t.lintian-overrides: Update entries due renamed tags Some Lintan tags were renamed, thus requires am adjustment of the existing overrides. * [30a387c] d/s/lintian-overrides: Adjust most of the existing entries Same as before but for the source package. thunderbird (1:91.3.2-1) unstable; urgency=medium . * [7fd56f0] New upstream version 91.3.2 * [4fccecb] Rebuild patch queue from patch-queue branch Added patch: debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch thunderbird (1:91.3.0-1) unstable; urgency=medium . * [1d3e0b1] Revert "Rebuild patch queue from patch-queue branch" The patch for fixing the broken build on i386 breaks other architectures, so reverting for now. * [66755b4] New upstream version 91.3.0 Fixed CVE issues in upstream version 91.3 (MFSA 2021-50): CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets CVE-2021-38504: Use-after-free in file picker dialog CVE-2021-38506: Thunderbird could be coaxed into going into fullscreen mode without notification or warning CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports MOZ-2021-0008: Use-after-free in HTTP2 Session object (no CVE assigned yet) CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain MOZ-2021-0007: Memory safety bugs fixed in Thunderbird ESR 91.3 (no CVE assigned yet) thunderbird (1:91.2.1-1) unstable; urgency=medium . [ Carsten Schoenert ] * [bcb5677] d/gbp.conf: Adjust to upstream-91.x * [12a433a] New upstream version 91.2.1 * [f935b52] Rebuild patch queue from patch-queue branch Added patch: debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch * [3faba71] Disable usage of system icu package The system packages of libicu-dev are to old for Thunderbird, we need to use the internel pre-shipped ICU sources. thunderbird (1:91.2.0-1) experimental; urgency=medium . * [3c88844] New upstream version 91.2.0 Fixed CVE issues in upstream version 91.2 (MFSA 2021-47): CVE-2021-38502: Downgrade attack on SMTP STARTTLS connections CVE-2021-38496: Use-after-free in MessageTask CVE-2021-38497: Validation message could have been overlaid on another origin CVE-2021-38498: Use-after-free of nsLanguageAtomService object CVE-2021-32810: Data race in crossbeam-deque CVE-2021-38500: Memory safety bugs fixed in Thunderbird 91.2 CVE-2021-38501: Memory safety bugs fixed in Thunderbird 91.2 (Closes: #973042) thunderbird (1:91.1.1-1) experimental; urgency=medium . * [73e3b75] New upstream version 91.1.1 * [3413d35] Rebuild patch queue from patch-queue branch Removed patch: fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch thunderbird (1:91.1.0-1) experimental; urgency=medium . * [0b1d9f9] New upstream version 91.1.0 Fixed CVE issues in upstream version 91.1 (MFSA 2021-41): CVE-2021-38495: Memory safety bugs fixed in Thunderbird 91.1 * [4313e64] Rebuild patch queue from patch-queue branch Added patch: fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch (Closes: #993594) Modified patch: porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch * [234c566] d/rules: Don't run dh_autoreconf (Closes: #993494) * [bce15d7] thunderbird: Set package x11-utils as fallback Install x11-utils only if kdialog or zenity aren't present on the system. thunderbird (1:91.0.2-1) experimental; urgency=medium . * [a5efefd] New upstream version 91.0.2 Fixed CVE issues in upstream version 91.0.1 (MFSA 2021-37): CVE-2021-29991: Header Splitting possible with HTTP/3 Responses * [b21a07b] d/control: increase Standards-Version to 4.6.0 No further changes needed. thunderbird (1:91.0-1) experimental; urgency=medium . * [3be73b6] d/source.filter: some updates to filtering list * [5c87a00] New upstream version 91.0 Fixed CVE issues in upstream version 91.0 (MFSA 2021-36): CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT CVE-2021-29988: Memory corruption as a result of incorrect style treatment CVE-2021-29984: Incorrect instruction reordering during JIT optimization CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux CVE-2021-29985: Use-after-free media channels CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and type confusion CVE-2021-29989: Memory safety bugs fixed in Thunderbird 91 (Closes: #640927 , #944208, #958433, #952853, #971722, #982670) * [0157fe4] d/control: Add new package thunderbird-l10n-af Upstream ships localizations for Africaans. * [f23e9e0] d/control: Add new package thunderbird-l10n-en-ca Upstream ships localizations for English (Canada). * [8b3cee9] d/control: Add new package thunderbird-l10n-lv Upstream ships localizations for Latvian. * [cad58ea] d/control: Add new package thunderbird-l10n-pa-in Upstream ships localizations for Punjabi (Gurmukhi). * [aecc2da] d/control: Add new package thunderbird-l10n-th Upstream ships localizations for Thai. * [9707e8a] Moving over to debhelper-compat Switch over to recent debhelper-compat 13. * [2934049] d/rules: Customize dh_missing call Due debhelper-compat dh_missing needs some aditional tweaking as we need to ignore some files which are built and installed into the tempory install folder but not installed into the package(s). * [7df72c6] d/rules: Don't use dwz Running and using dwz is bringing no gain and produces issues to, can be ignored for now. * [1709f28] d/control: Remove non existing packages from Breaks xul-ext-firetray and xul-ext-quotecolors are gone from the supported releases. * [f160918] d/control: Adding Rules-Requires-Root: no No specific root access required so far while package build. thunderbird (1:91.0~b5-1) experimental; urgency=medium . * [8a9083f] d/control: Adjust VCS links to branch debian/experimental * [acf4b3c] d/source.filter: some updates to filtering list * [84d1b87] New upstream version 91.0~b5 thunderbird (1:91.0~b3-1) experimental; urgency=medium . * [90a153b] New upstream version 91.0~b3 * [ada2cf0] d/control: Remove transitional package lightning * [3e5087f] d/control: Remove obsolete lightning-l10-* packages * [6eac520] d/control: Remove Suggests on libgtk2.0-0 fur thunderbird (Closes: #967771) thunderbird (1:91.0~b1-1) experimental; urgency=medium . * [78f0ddb] d/source.filter: some updates to filtering list * [3d29fcf] New upstream version 91.0~b1 (Closes: #990631) * [daa7fab] d/control: Increase some Build-Depends * [f4bfd22] d/control: Remove libgtk2.0-dev from Build-Depends * [ad4e281] d/s/lintian-overrides: Adding one more file to ignore thunderbird (1:90.0~b2-1) experimental; urgency=medium . [ Carsten Schoenert ] * [3cc0d66] d/source.filter: some updates to filtering list * [3c76a94] New upstream version 90.0~b2 * [46718fe] rebuild patch queue from patch-queue branch removed patches: fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch debian-hacks/Work-around-Debian-bug-844357.patch * [156d3c9] d/thunderbird.1: Correct debugger option * [ca7daca] /u/l/thunderbird: Correct escape sequencing for gdb calling (Closes: #976979) * [f310330] d/thunderbird-wrapper.sh: Use '${}' syntax for variables * [0ef3788] d/thunderbird.install: Remove gtk2 cruft * [17b0510] d/copyright: Update due removed content * [feca305] d/s/lintian-override: Remove two no longer existing entries . [ Kevin Locke ] * [dbe3c3e] d/thunderbird-wrapper.sh: Make gdb call more fail safe (Closes:#942799) thunderbird (1:89.0~b2-1) experimental; urgency=medium . * [74911c7] New upstream version 89.0~b2 * [b4fef2a] rebuild patch queue from patch-queue branch modified patches: debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch removed patches: debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch * [ea6a29e] d/control: Increase B-D for cbindgen and libnss3-dev thunderbird (1:88.0~b2-1) experimental; urgency=medium . [ Carsten Schoenert ] * [7af1a0b] New upstream version 88.0~b2 * [30d1d48] rebuild patch queue from patch-queue branch modified patch: debian-hacks/Add-another-preferences-directory-for-applications-p.patch porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch removed patches (included upstream): porting-arm/Reduce-memory-usage-while-linking-on-arm-el-hf-platforms.patch porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch renamed patch: fixes/Load-dependent-libraries-with-their-real-path-to-avo.patch -> fixes/Load-dependent-libraries-with-their-real-path.patch * [f45da92] d/control: Increase B-D for libnss3-dev . [ Colomban Wendling ] * [bbf78cb] d/thunderbird.desktop: Switch StartupWMClass (Closes: #985366) . [ Carsten Schoenert ] * [a2cc9e0] d/control: Adding nasm to Build-Depends * [41fad62] d/copyright: update due removed content thunderbird (1:86.0~b3-1) experimental; urgency=medium . [ Carsten Schoenert ] * [002f597,fe0515b] d/source.filter: updating the filtering list * [dfafc89,35d050f] d/copyright: updates due upstream changes Add Apache2 notice for third_party/python/coverage * [24c009c] lintian: adding override for false positive in SVG file * [d316a1c] New upstream version 86.0~b3 * [20dc687] rebuild patch queue from patch-queue branch modified patch: debian/patches/porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch * [21b86f0] d/copyright: update due removed content * [7fc9755] d/s/lintian-override: path for TeXZilla.js has changed * [33c5d5a] d/s/lintian-override: remove JS file * [825a440] d/control: Increase B-D for cbindgen . [ Pino Toscano ] * [35c3c3b] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink thunderbird (1:85.0~b3-1) experimental; urgency=medium . * [b142ac6] New upstream version 85.0~b3 * [0d2221a] d/control: Increase various B-D versions * [e4eb52e] rebuild patch queue from patch-queue branch added patch: debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch updated patches: debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch thunderbird (1:84.0~b3-1) experimental; urgency=medium . * [fad5103] calendar-google-provider*: removing left over cruft * [b095d8e] thunderbird.NEWS: Add hint about integration of OpenPGP support * [0f6bdf3] Revert "d/tb.lintian-overrides: ignore warning about none versioned breaks" * [f10f80c] d/copyright: update content * [9c3fb20] d/source.filter: some updates to filtering list * [c9b8274] New upstream version 84.0~b3 * [adf3835] rebuild patch queue from patch-queue branch removed patches: fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch porting-m68k/Add-m68k-support-to-Thunderbird.patch porting-sh4/Add-sh4-support-to-Thunderbird.patch * [3ff9c9d] thunderbird-l10n-all: add thunderbird-l10n-cy (Closes: #974127) * [393490c] d/control: remove l10n package for Sinhala * [1f4e966] d/control: increase Standards-Version to 4.5.1 No further changes needed. * [288afdd] d/rules: use python3 explicitly while calling mach Using the Python 3 interpreter is needed otherwise the Mozilla magic tries to use a non existing virtualenv environment. * [a509bdf] d/watch: update to version 4 No further changes needed. * [fc6b358] d/copyright: update some more content Updating the copyright information due upstream modifications. * [3bd5713] d/s/lintian-overrides: Adding more file to ignore thunderbird (1:78.14.0-1) unstable; urgency=medium . * [6dc6817] d/changelog: Correct TB version for referenced MFSA * [38f01f4] d/rules: Don't run dh_autoreconf (Closes: #993494) * [09c4cde] New upstream version 78.14.0 Fixed CVE issues in upstream version 78.14.0 (MFSA 2021-42): CVE-2021-38493: Memory safety bugs fixed in Thunderbird 78.14 and Thunderbird 91.1 thunderbird (1:78.14.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security tiff (4.1.0+git191117-2~deb10u4) buster-security; urgency=high . [ Thorsten Alteholz <debian@alteholz.de> ] * CVE-2022-22844 out-of-bounds read in _TIFFmemcpy in certain situations involving a custom tag and 0x0200 as the second word of the DE field. * CVE-2022-0562 Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory(). This could result in a Denial of Service via crafted TIFF files. * CVE-2022-0561 Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing(). This could result in a Denial of Service via crafted TIFF files. . [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ] * Backport security fix for CVE-2022-0865, crash when reading a file with multiple IFD in memory-mapped mode and when bit reversal is needed. * Backport security fix for CVE-2022-0908, null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag(). * Backport security fix for CVE-2022-0907, unchecked return value to null pointer dereference in tiffcrop. * Backport security fix for CVE-2022-0909, divide by zero error in tiffcrop. * Backport security fix for CVE-2022-0891, heap buffer overflow in ExtractImageSection function in tiffcrop. * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp. trafficserver (8.0.2+ds-1+deb10u6) buster-security; urgency=high . * Multiple CVE fixes for 8.0.x + CVE-2021-37147: Improper input validation vulnerability + CVE-2021-37148: Improper input validation vulnerability + CVE-2021-37149: Improper Input Validation vulnerability + CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification + CVE-2021-44040: Improper Input Validation vulnerability in request line parsing + CVE-2021-44759: Improper Authentication vulnerability in TLS origin validation twisted (18.9.0-3+deb10u1) buster; urgency=medium . * Team upload. * SECURITY UPDATE: incorrect URI and HTTP method validation - debian/patches/CVE-2019-12387.patch: prevent CRLF injections in src/twisted/web/_newclient.py, src/twisted/web/client.py, src/twisted/web/test/injectionhelpers.py, src/twisted/web/test/test_agent.py, src/twisted/web/test/test_webclient.py. - CVE-2019-12387 - Thanks Marc Deslauriers at Canonical for backporting the patches. * SECURITY UPDATE: incorrect cert validation in XMPP support - debian/patches/CVE-2019-12855-*.patch: upstream patches to implement certificate checking. - CVE-2019-12855 - Thanks Marc Deslauriers at Canonical for backporting the patches. * SECURITY UPDATE: HTTP/2 denial of service issues - debian/patches/CVE-2019-951x.patch: buffer outbound control frames and timeout invalid clients in src/twisted/web/_http2.py, src/twisted/web/error.py, src/twisted/web/http.py, src/twisted/web/test/test_http.py, src/twisted/web/test/test_http2.py. - CVE-2019-9511 - CVE-2019-9514 - CVE-2019-9515 - Thanks Marc Deslauriers at Canonical for backporting the patches. * SECURITY UPDATE: request smuggling attacks - debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce duplication in src/twisted/web/test/test_http.py. - debian/patches/CVE-2020-1010x.patch: fix several request smuggling attacks in src/twisted/web/http.py, src/twisted/web/test/test_http.py. - CVE-2020-10108 - CVE-2020-10109 - Thanks Marc Deslauriers at Canonical for backporting the patches. * SECURITY UPDATE: Information disclosure results in leaking of HTTP cookie and authorization headers when following cross origin redirects - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are removed when forming requests, in src/twisted/web/client.py, src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py. - CVE-2022-21712 - Thanks Ray Veldkamp at Canonical for backporting the patches. * SECURITY UPDATE: Parsing of SSH version identifier field during an SSH handshake can result in a denial of service when excessively large packets are received - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received handshake buffer is checked, prior to processing version string in src/twisted/conch/ssh/transport.py and src/twisted/conch/test/test_transport.py - CVE-2022-21716 - Thanks Ray Veldkamp at Canonical for backporting the patches. * CVE-2022-24801: Correct several defects in HTTP request parsing that could permit HTTP request smuggling: disallow signed Content-Length headers, forbid illegal characters in chunked extensions, forbid 0x prefix to chunk lengths, and only strip space and horizontal tab from header values. - debian/patches/CVE-2022-24801-*.patch * Patch: remove spurious test for illegal whitespace in xmlns, to allow tests to pass, again. tzdata (2021a-0+deb10u6) buster; urgency=medium . * Cherry-pick patches from upstream: - Iran plans to stop observing DST permanently, after it falls back on 2022-09-21. - Chile's 2022 DST start is delayed from September 4 to September 11. tzdata (2021a-0+deb10u5) buster; urgency=medium . * Cherry-pick patches from upstream: - 07-no-leap-second-2022-06-30.patch: update leap-seconds.list, new expiration date on 28 December 2022. Closes: #1012191. tzdata (2021a-0+deb10u4) buster; urgency=medium . * Cherry-pick patches from tzdata-2022a: - 06-palestine-dst2.patch: Palestine will spring forward on 2022-03-27, not -03-26. ublock-origin (1.42.0+dfsg-1~deb10u1) buster; urgency=medium . * Backport to Buster. * Correct the mistake in debian/changelog and produce a valid changelog file. (Closes: #996249) ublock-origin (1.40.2+dfsg-1) unstable; urgency=medium . * New upstream version 1.40.2+dfsg. ublock-origin (1.39.0+dfsg-2) unstable; urgency=medium . * Fix debian/watch to detect new upstream releases. ublock-origin (1.39.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.39.0+dfsg. * Skip the tests. ublock-origin (1.37.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.37.0+dfsg. - Fix CVE-2021-36773: uBlock supported an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality). Thanks to Marcus Frings for the report. (Closes: #991386) * Declare compliance with Debian Policy 4.6.0. ublock-origin (1.37.0+dfsg-1~deb11u1) bullseye; urgency=medium . * Backport to Debian 11 "Bullseye". unrar-nonfree (1:5.6.6-1+deb10u1) buster; urgency=high . * Fix CVE-2022-30333 (Closes: #1010837) vlc (3.0.17.4-0+deb10u1) buster-security; urgency=medium . * New upstream version 3.0.17.4 - Fix remote code execution through crafted playlist (VideoLAN-SB-VLC-3013) - Fix an infinite loop in MP4 - Fix crashes with VP9 streams vlc (3.0.17.3-1) unstable; urgency=medium . * New upstream version 3.0.17.3 * debian/ - Revert "Disable srt until the package is fixed" (Closes: #983109) Thanks to Florian Ernst - Move srt output plugin to vlc-plugin-access-extra vlc (3.0.17-1) unstable; urgency=medium . * New upstream version 3.0.17 - Fix build with ffmpeg 5.0 (Closes: #1004584) * debian/control: - Switch to libidn-dev - Bump BD on libopenmpt-modplug-dev - Bump Standards-Version * debian/copyright: - Add missing text to BSD-2-clause - Update copyright for 3.0.17 * debian/patches: Refresh patches * debian/rules: Set VLC_COMPILE_BY and VLC_COMPILE_HOST (Closes: #990246) * debian/: Update lintian override vlc (3.0.16-1) unstable; urgency=medium . * Upload to unstable * New upstream release vlc (3.0.15-1) experimental; urgency=medium . [ Mateusz Åukasik ] * New upstream release * Remove patches included upstream. vlc (3.0.12-3) unstable; urgency=medium . * debian/patches: Apply upstream patches to prevent process freeze on exit (Closes: #916595) (LP: #1819543) vlc (3.0.12-2) unstable; urgency=medium . * debian/: Disable live555 plugin due to ä981439 vlc (3.0.12-1) unstable; urgency=medium . * New upstream release - mkv: Fix heap-based buffer overflow (CVE-2020-26664) (Closes: #979676) * debian/control: - Switch to libshout-dev - Bump Standards-Version * debian/patches: Refresh patches * debian/vlc-plugins-base.install: Install RIST access plugins waitress (1.2.0~b2-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Security updates to fix request smuggling bugs, when combined with another http proxy that interprets requests differently. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This can result in cache poisoning or unexpected information disclosure. The specific issues resolved are: - CVE-2019-16785: Only recognise CRLF as a line-terminator, not a plain LF. Before this change waitress could see two requests where the front-end proxy only saw one. - CVE-2019-16786: Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not "chunked" it would fall through and use the Content-Length header instead. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. - CVE-2019-16789: Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. - CVE-2019-16792: If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. - CVE-2022-24761: There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: + The use of Python's int() to parse strings into integers, leading to +10 to be parsed as 10, or 0x01 to be parsed as 1, where as the standard specifies that the string should contain only digits or hex digits. + Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. (Closes: #1008013) webkit2gtk (2.36.4-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. * debian/patches/force-single-process.patch: - Force the single-process mode in Evolution and Geary * debian/control: - Remove all 4.1 API packages (soup3 build). - Remove Breaks for Evolution < 3.34.1. - Remove build dependencies on ccache, libwpebackend-fdo-1.0-dev, libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev. - Switch build dependency from libenchant-2-dev to libenchant-dev. - Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.36.3-1) unstable; urgency=high . * New upstream release. * Use ccache to speed-up the compilation since the majority of the files are identical in both the soup2 and soup3 builds. - debian/control: Add build dependency on ccache. - debian/rules: Set CCACHE_NOHASHDIR and CCACHE_BASEDIR so ccache actually works with different build directories. - debian/rules: Set CCACHE_DIR inside the source directory, otherwise ccache would try to write to the home directory, which is forbidden by the Debian policy. webkit2gtk (2.36.3-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. - This fixes CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719, CVE-2022-30293 and CVE-2022-30294. * gcc 10 segfaults when building webkit in some architectures (see #1008098) so use clang instead. The exceptions are i386 and mipsel, where gcc works fine but clang is the buggy one (see #1010329). - debian/rules: Tell CMake to use clang. - debian/control: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO. - debian/control: Remove build dependency on libsoup3 and ccache and remove the entries for all 4.1 API packages (soup3 build). webkit2gtk (2.36.3-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. - This fixes CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719, CVE-2022-30293 and CVE-2022-30294. * debian/patches/force-single-process.patch: - Force the single-process mode in Evolution and Geary * debian/control: - Remove all 4.1 API packages (soup3 build). - Remove Breaks for Evolution < 3.34.1. - Remove build dependencies on ccache, libwpebackend-fdo-1.0-dev, libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev. - Switch build dependency from libenchant-2-dev to libenchant-dev. - Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.36.2-1) unstable; urgency=high . [ Alberto Garcia ] * New upstream release. . [ Adrian Bunk ] * debian/rules: lower memory requirements on sh4. webkit2gtk (2.36.1-1) unstable; urgency=medium . [ Alberto Garcia ] * New upstream release. . [ Jeremy Bicha ] * Reduce the number of parallel build jobs on Ubuntu's amd64 webkit2gtk (2.36.0-3) unstable; urgency=medium . * debian/rules: - Build with -Os, -g0 and ggc-min-expand=10 in mips / mipsel in order to lower the memory requirements and revert the changes from 2.36.0-2 (thanks, Adrian Bunk). webkit2gtk (2.36.0-3~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. - This fixes CVE-2022-22624, CVE-2022-22628 and CVE-2022-22629. * gcc 10 segfaults when building webkit (see #1008098) so use clang instead. - debian/rules: Tell CMake to use clang. - debian/control: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO. - debian/control: Remove build dependency on libsoup3 and remove the entries for all 4.1 API packages (soup3 build). webkit2gtk (2.36.0-3~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. - This fixes CVE-2022-22624, CVE-2022-22628 and CVE-2022-22629. * debian/patches/force-single-process.patch: - Force the single-process mode in Evolution and Geary * debian/patches/support-ruby2.5.patch: - Support building with Ruby 2.5. * debian/control: - Remove all 4.1 API packages (soup3 build). - Remove Breaks for Evolution < 3.34.1. - Remove build dependencies on libwpebackend-fdo-1.0-dev, libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev. - Switch build dependency from libenchant-2-dev to libenchant-dev. - Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.36.0-2) unstable; urgency=medium . * debian/rules: - Disable unified builds in Debian/mipsel and reduce the number of parallel jobs in order to prevent running out of memory. * debian/control: - Clarify in package descriptions that 4.0 and 4.1 packages use different versions of libsoup and that the documentation package is equally valid for both. webkit2gtk (2.36.0-1) unstable; urgency=medium . * New upstream release. * Refresh all patches. * debian/rules: + Build with CMAKE_BUILD_WITH_INSTALL_RPATH=ON, otherwise builds are not reproducible if they happen in different directories. * Bring all changes from the 2.35 (experimental) branch. * debian/control: + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev. * debian/source/lintian-overrides: + Update source-is-missing overrides. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/rules: + USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG. * debian/control: + Remove all Conflicts: lines, they are obsolete. + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev. + Simplify descriptions and remove references to the WebKit2 API layer. * Build the 4.1 API version of the packages. These use libsoup 3 instead of libsoup 2 but are otherwise identical to the 4.0 API packages. + debian/control: - Add build dependency on libsoup-3.0-dev. - Add entries for the new packages. The 4.1 versions of the WebDriver, JSC command-line interpreter and documentation are currently not being generated. + debian/rules: - Add commands to build both sets of packages. + debian/libwebkit2gtk-4.0-37.install: - Update path of locale files to select only the exact API version. + debian/not-installed: - Don't install the 4.1 build of the JSC command-line interpreter. webkit2gtk (2.35.90-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing overrides. * debian/rules: + USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG. * debian/control: + Remove all Conflicts: lines, they are obsolete. + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev. + Simplify descriptions and remove references to the WebKit2 API layer. * Build the 4.1 API version of the packages. These use libsoup 3 instead of libsoup 2 but are otherwise identical to the 4.0 API packages. + debian/control: - Add build dependency on libsoup-3.0-dev and libsysprof-4-dev (the latter should be pulled by libsoup). - Add entries for the new packages. The 4.1 versions of the WebDriver, JSC command-line interpreter and documentation are currently not being generated. + debian/rules: - Add commands to build both sets of packages. + debian/libwebkit2gtk-4.0-37.install: - Update path of locale files to select only the exact API version. + debian/not-installed: - Don't install the 4.1 build of the JSC command-line interpreter. webkit2gtk (2.35.3-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. webkit2gtk (2.35.2-1) experimental; urgency=medium . * New upstream development release. * debian/copyright: + Update copyright information of all files. * Set the debhelper compatibility level to 12: + Get rid of debian/compat. + Add build dependency on debhelper-compat. * debian/rules: + Stop using --builddirectory=build, .gir files no longer seem to contain references to the build directory (see the 2.27.90-1 entry for more details). + Explicitly disable lto since when it's on the build is failing, that doesn't impact Debian by default but is an issue on Ubuntu. (See #1000598) + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial architecture and the binary doesn't exist (See #1000599). * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing overrides. webkit2gtk (2.35.1-1) experimental; urgency=medium . * New upstream development release. * debian/watch, debian/gbp.conf: + Update for 2.35.x packages in experimental. * Refresh all patches. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.34.6-1) unstable; urgency=high . [ Alberto Garcia ] * New upstream release. + Fixes CVE-2022-22620. . [ Jeremy Bicha ] * debian/rules: + Reduce the number of parallel build jobs on Ubuntu's arm64. webkit2gtk (2.34.6-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. wireshark (2.6.20-0+deb10u4) buster; urgency=medium . * Non-maintainer upload. * Fix the following CVE: * CVE-2021-4181: Crash in the Sysdig Event dissector. * CVE-2021-4184: Infinite loop in the BitTorrent DHT dissector. * CVE-2021-4185: Infinite loop in the RTMPT dissector. * CVE-2021-22191: Improper URL handling in Wireshark. * CVE-2022-0581: Crash in the CMS protocol dissector. * CVE-2022-0582: Unaligned access in the CSN.1 protocol dissector. * CVE-2022-0583: Crash in the PVFS protocol dissector. * CVE-2022-0585: Large loops in multiple protocol dissectors. * CVE-2022-0586: Infinite loop in RTMPT protocol dissector. xz-utils (5.2.4-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587) (CVE-2022-1271) (Closes: #1009167) zlib (1:1.2.11.dfsg-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix a bug that can crash deflate on some input when using Z_FIXED (CVE-2018-25032) (Closes: #1008265) ======================================== Sat, 26 Mar 2022 - Debian 10.12 released ======================================== ========================================================================= [Date: Sat, 26 Mar 2022 10:53:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-all-amd64 | 4.19.194-3 | amd64 linux-headers-4.19.0-17-amd64 | 4.19.194-3 | amd64 linux-headers-4.19.0-17-cloud-amd64 | 4.19.194-3 | amd64 linux-headers-4.19.0-17-rt-amd64 | 4.19.194-3 | amd64 linux-headers-4.19.0-19-all-amd64 | 4.19.232-1 | amd64 linux-headers-4.19.0-19-amd64 | 4.19.232-1 | amd64 linux-headers-4.19.0-19-cloud-amd64 | 4.19.232-1 | amd64 linux-headers-4.19.0-19-rt-amd64 | 4.19.232-1 | amd64 linux-image-4.19.0-17-amd64-dbg | 4.19.194-3 | amd64 linux-image-4.19.0-17-amd64-unsigned | 4.19.194-3 | amd64 linux-image-4.19.0-17-cloud-amd64-dbg | 4.19.194-3 | amd64 linux-image-4.19.0-17-cloud-amd64-unsigned | 4.19.194-3 | amd64 linux-image-4.19.0-17-rt-amd64-dbg | 4.19.194-3 | amd64 linux-image-4.19.0-17-rt-amd64-unsigned | 4.19.194-3 | amd64 linux-image-4.19.0-19-amd64-dbg | 4.19.232-1 | amd64 linux-image-4.19.0-19-amd64-unsigned | 4.19.232-1 | amd64 linux-image-4.19.0-19-cloud-amd64-dbg | 4.19.232-1 | amd64 linux-image-4.19.0-19-cloud-amd64-unsigned | 4.19.232-1 | amd64 linux-image-4.19.0-19-rt-amd64-dbg | 4.19.232-1 | amd64 linux-image-4.19.0-19-rt-amd64-unsigned | 4.19.232-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:53:43 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: affs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel affs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel ata-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel ata-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel btrfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel btrfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel cdrom-core-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel cdrom-core-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel compress-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel compress-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel crc-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel crc-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel crypto-dm-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel crypto-dm-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel crypto-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel crypto-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel event-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel event-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel ext4-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel ext4-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel fat-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel fat-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel fb-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel fb-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel firewire-core-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel firewire-core-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel fuse-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel fuse-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel hfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel hfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel input-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel input-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel isofs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel isofs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel jfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel jfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel kernel-image-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel kernel-image-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel linux-headers-4.19.0-17-loongson-3 | 4.19.194-3 | mips64el, mipsel linux-headers-4.19.0-19-loongson-3 | 4.19.232-1 | mips64el, mipsel linux-image-4.19.0-17-loongson-3 | 4.19.194-3 | mips64el, mipsel linux-image-4.19.0-17-loongson-3-dbg | 4.19.194-3 | mips64el, mipsel linux-image-4.19.0-19-loongson-3 | 4.19.232-1 | mips64el, mipsel linux-image-4.19.0-19-loongson-3-dbg | 4.19.232-1 | mips64el, mipsel loop-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel loop-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel md-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel md-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel minix-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel minix-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel mtd-core-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel mtd-core-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel multipath-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel multipath-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nbd-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nbd-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nic-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nic-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nic-shared-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nic-shared-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nic-usb-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nic-usb-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel nic-wireless-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel nic-wireless-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel pata-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel pata-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel ppp-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel ppp-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel sata-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel sata-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel scsi-core-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel scsi-core-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel scsi-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel scsi-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel scsi-nic-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel scsi-nic-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel sound-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel sound-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel speakup-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel speakup-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel squashfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel squashfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel udf-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel udf-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel usb-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel usb-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel usb-serial-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel usb-serial-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel usb-storage-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel usb-storage-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel xfs-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel xfs-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel zlib-modules-4.19.0-17-loongson-3-di | 4.19.194-3 | mips64el, mipsel zlib-modules-4.19.0-19-loongson-3-di | 4.19.232-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:53:51 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-all-mipsel | 4.19.194-3 | mipsel linux-headers-4.19.0-19-all-mipsel | 4.19.232-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:00 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: ata-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el ata-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el btrfs-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el btrfs-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el cdrom-core-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el cdrom-core-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el compress-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el compress-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el crc-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el crc-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el crypto-dm-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el crypto-dm-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el crypto-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el crypto-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el event-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el event-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el ext4-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el ext4-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el fancontrol-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el fancontrol-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el fat-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el fat-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el fb-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el fb-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el firewire-core-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el firewire-core-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el fuse-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el fuse-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el hypervisor-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el hypervisor-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el i2c-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el i2c-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el input-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el input-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el isofs-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el isofs-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el jfs-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el jfs-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el kernel-image-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el kernel-image-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el linux-headers-4.19.0-17-all-ppc64el | 4.19.194-3 | ppc64el linux-headers-4.19.0-17-powerpc64le | 4.19.194-3 | ppc64el linux-headers-4.19.0-19-all-ppc64el | 4.19.232-1 | ppc64el linux-headers-4.19.0-19-powerpc64le | 4.19.232-1 | ppc64el linux-image-4.19.0-17-powerpc64le | 4.19.194-3 | ppc64el linux-image-4.19.0-17-powerpc64le-dbg | 4.19.194-3 | ppc64el linux-image-4.19.0-19-powerpc64le | 4.19.232-1 | ppc64el linux-image-4.19.0-19-powerpc64le-dbg | 4.19.232-1 | ppc64el loop-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el loop-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el md-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el md-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el mouse-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el mouse-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el mtd-core-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el mtd-core-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el multipath-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el multipath-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el nbd-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el nbd-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el nic-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el nic-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el nic-shared-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el nic-shared-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el nic-usb-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el nic-usb-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el nic-wireless-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el nic-wireless-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el ppp-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el ppp-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el sata-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el sata-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el scsi-core-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el scsi-core-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el scsi-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el scsi-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el scsi-nic-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el scsi-nic-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el serial-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el serial-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el squashfs-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el squashfs-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el udf-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el udf-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el uinput-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el uinput-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el usb-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el usb-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el usb-serial-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el usb-serial-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el usb-storage-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el usb-storage-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el xfs-modules-4.19.0-17-powerpc64le-di | 4.19.194-3 | ppc64el xfs-modules-4.19.0-19-powerpc64le-di | 4.19.232-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:08 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: btrfs-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x btrfs-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x cdrom-core-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x cdrom-core-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x compress-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x compress-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x crc-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x crc-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x crypto-dm-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x crypto-dm-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x crypto-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x crypto-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x dasd-extra-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x dasd-extra-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x dasd-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x dasd-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x ext4-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x ext4-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x fat-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x fat-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x fuse-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x fuse-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x isofs-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x isofs-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x kernel-image-4.19.0-17-s390x-di | 4.19.194-3 | s390x kernel-image-4.19.0-19-s390x-di | 4.19.232-1 | s390x linux-headers-4.19.0-17-all-s390x | 4.19.194-3 | s390x linux-headers-4.19.0-17-s390x | 4.19.194-3 | s390x linux-headers-4.19.0-19-all-s390x | 4.19.232-1 | s390x linux-headers-4.19.0-19-s390x | 4.19.232-1 | s390x linux-image-4.19.0-17-s390x | 4.19.194-3 | s390x linux-image-4.19.0-17-s390x-dbg | 4.19.194-3 | s390x linux-image-4.19.0-19-s390x | 4.19.232-1 | s390x linux-image-4.19.0-19-s390x-dbg | 4.19.232-1 | s390x loop-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x loop-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x md-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x md-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x mtd-core-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x mtd-core-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x multipath-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x multipath-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x nbd-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x nbd-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x nic-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x nic-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x scsi-core-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x scsi-core-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x scsi-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x scsi-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x udf-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x udf-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x xfs-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x xfs-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x zlib-modules-4.19.0-17-s390x-di | 4.19.194-3 | s390x zlib-modules-4.19.0-19-s390x-di | 4.19.232-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:27 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-all | 4.19.194-3 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-19-all | 4.19.232-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:34 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-all-arm64 | 4.19.194-3 | arm64 linux-headers-4.19.0-17-arm64 | 4.19.194-3 | arm64 linux-headers-4.19.0-17-rt-arm64 | 4.19.194-3 | arm64 linux-headers-4.19.0-19-all-arm64 | 4.19.232-1 | arm64 linux-headers-4.19.0-19-arm64 | 4.19.232-1 | arm64 linux-headers-4.19.0-19-rt-arm64 | 4.19.232-1 | arm64 linux-image-4.19.0-17-arm64-dbg | 4.19.194-3 | arm64 linux-image-4.19.0-17-arm64-unsigned | 4.19.194-3 | arm64 linux-image-4.19.0-17-rt-arm64-dbg | 4.19.194-3 | arm64 linux-image-4.19.0-17-rt-arm64-unsigned | 4.19.194-3 | arm64 linux-image-4.19.0-19-arm64-dbg | 4.19.232-1 | arm64 linux-image-4.19.0-19-arm64-unsigned | 4.19.232-1 | arm64 linux-image-4.19.0-19-rt-arm64-dbg | 4.19.232-1 | arm64 linux-image-4.19.0-19-rt-arm64-unsigned | 4.19.232-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:44 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: btrfs-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel btrfs-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel cdrom-core-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel cdrom-core-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel compress-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel compress-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel crc-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel crc-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel crypto-dm-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel crypto-dm-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel crypto-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel crypto-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel event-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel event-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel ext4-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel ext4-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel fat-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel fat-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel fb-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel fb-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel fuse-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel fuse-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel input-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel input-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel ipv6-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel ipv6-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel isofs-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel isofs-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel jffs2-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel jffs2-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel jfs-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel jfs-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel kernel-image-4.19.0-17-marvell-di | 4.19.194-3 | armel kernel-image-4.19.0-19-marvell-di | 4.19.232-1 | armel leds-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel leds-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel linux-headers-4.19.0-17-all-armel | 4.19.194-3 | armel linux-headers-4.19.0-17-marvell | 4.19.194-3 | armel linux-headers-4.19.0-17-rpi | 4.19.194-3 | armel linux-headers-4.19.0-19-all-armel | 4.19.232-1 | armel linux-headers-4.19.0-19-marvell | 4.19.232-1 | armel linux-headers-4.19.0-19-rpi | 4.19.232-1 | armel linux-image-4.19.0-17-marvell | 4.19.194-3 | armel linux-image-4.19.0-17-marvell-dbg | 4.19.194-3 | armel linux-image-4.19.0-17-rpi | 4.19.194-3 | armel linux-image-4.19.0-17-rpi-dbg | 4.19.194-3 | armel linux-image-4.19.0-19-marvell | 4.19.232-1 | armel linux-image-4.19.0-19-marvell-dbg | 4.19.232-1 | armel linux-image-4.19.0-19-rpi | 4.19.232-1 | armel linux-image-4.19.0-19-rpi-dbg | 4.19.232-1 | armel loop-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel loop-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel md-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel md-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel minix-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel minix-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel mmc-core-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel mmc-core-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel mmc-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel mmc-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel mouse-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel mouse-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel mtd-core-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel mtd-core-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel mtd-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel mtd-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel multipath-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel multipath-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel nbd-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel nbd-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel nic-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel nic-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel nic-shared-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel nic-shared-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel nic-usb-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel nic-usb-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel ppp-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel ppp-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel sata-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel sata-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel scsi-core-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel scsi-core-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel squashfs-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel squashfs-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel udf-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel udf-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel uinput-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel uinput-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel usb-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel usb-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel usb-serial-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel usb-serial-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel usb-storage-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel usb-storage-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel zlib-modules-4.19.0-17-marvell-di | 4.19.194-3 | armel zlib-modules-4.19.0-19-marvell-di | 4.19.232-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:54:55 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: ata-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf ata-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf btrfs-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf btrfs-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf cdrom-core-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf cdrom-core-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf compress-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf compress-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf crc-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf crc-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf crypto-dm-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf crypto-dm-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf crypto-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf crypto-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf efi-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf efi-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf event-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf event-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf ext4-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf ext4-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf fat-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf fat-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf fb-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf fb-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf fuse-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf fuse-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf i2c-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf i2c-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf input-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf input-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf isofs-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf isofs-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf jfs-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf jfs-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf kernel-image-4.19.0-17-armmp-di | 4.19.194-3 | armhf kernel-image-4.19.0-19-armmp-di | 4.19.232-1 | armhf leds-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf leds-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf linux-headers-4.19.0-17-all-armhf | 4.19.194-3 | armhf linux-headers-4.19.0-17-armmp | 4.19.194-3 | armhf linux-headers-4.19.0-17-armmp-lpae | 4.19.194-3 | armhf linux-headers-4.19.0-17-rt-armmp | 4.19.194-3 | armhf linux-headers-4.19.0-19-all-armhf | 4.19.232-1 | armhf linux-headers-4.19.0-19-armmp | 4.19.232-1 | armhf linux-headers-4.19.0-19-armmp-lpae | 4.19.232-1 | armhf linux-headers-4.19.0-19-rt-armmp | 4.19.232-1 | armhf linux-image-4.19.0-17-armmp | 4.19.194-3 | armhf linux-image-4.19.0-17-armmp-dbg | 4.19.194-3 | armhf linux-image-4.19.0-17-armmp-lpae | 4.19.194-3 | armhf linux-image-4.19.0-17-armmp-lpae-dbg | 4.19.194-3 | armhf linux-image-4.19.0-17-rt-armmp | 4.19.194-3 | armhf linux-image-4.19.0-17-rt-armmp-dbg | 4.19.194-3 | armhf linux-image-4.19.0-19-armmp | 4.19.232-1 | armhf linux-image-4.19.0-19-armmp-dbg | 4.19.232-1 | armhf linux-image-4.19.0-19-armmp-lpae | 4.19.232-1 | armhf linux-image-4.19.0-19-armmp-lpae-dbg | 4.19.232-1 | armhf linux-image-4.19.0-19-rt-armmp | 4.19.232-1 | armhf linux-image-4.19.0-19-rt-armmp-dbg | 4.19.232-1 | armhf loop-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf loop-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf md-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf md-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf mmc-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf mmc-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf mtd-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf mtd-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf multipath-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf multipath-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf nbd-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf nbd-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf nic-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf nic-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf nic-shared-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf nic-shared-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf nic-usb-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf nic-usb-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf nic-wireless-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf nic-wireless-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf pata-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf pata-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf ppp-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf ppp-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf sata-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf sata-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf scsi-core-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf scsi-core-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf scsi-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf scsi-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf scsi-nic-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf scsi-nic-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf squashfs-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf squashfs-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf udf-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf udf-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf uinput-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf uinput-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf usb-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf usb-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf usb-serial-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf usb-serial-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf usb-storage-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf usb-storage-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf zlib-modules-4.19.0-17-armmp-di | 4.19.194-3 | armhf zlib-modules-4.19.0-19-armmp-di | 4.19.232-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-686 | 4.19.194-3 | i386 linux-headers-4.19.0-17-686-pae | 4.19.194-3 | i386 linux-headers-4.19.0-17-all-i386 | 4.19.194-3 | i386 linux-headers-4.19.0-17-rt-686-pae | 4.19.194-3 | i386 linux-headers-4.19.0-19-686 | 4.19.232-1 | i386 linux-headers-4.19.0-19-686-pae | 4.19.232-1 | i386 linux-headers-4.19.0-19-all-i386 | 4.19.232-1 | i386 linux-headers-4.19.0-19-rt-686-pae | 4.19.232-1 | i386 linux-image-4.19.0-17-686-dbg | 4.19.194-3 | i386 linux-image-4.19.0-17-686-pae-dbg | 4.19.194-3 | i386 linux-image-4.19.0-17-686-pae-unsigned | 4.19.194-3 | i386 linux-image-4.19.0-17-686-unsigned | 4.19.194-3 | i386 linux-image-4.19.0-17-rt-686-pae-dbg | 4.19.194-3 | i386 linux-image-4.19.0-17-rt-686-pae-unsigned | 4.19.194-3 | i386 linux-image-4.19.0-19-686-dbg | 4.19.232-1 | i386 linux-image-4.19.0-19-686-pae-dbg | 4.19.232-1 | i386 linux-image-4.19.0-19-686-pae-unsigned | 4.19.232-1 | i386 linux-image-4.19.0-19-686-unsigned | 4.19.232-1 | i386 linux-image-4.19.0-19-rt-686-pae-dbg | 4.19.232-1 | i386 linux-image-4.19.0-19-rt-686-pae-unsigned | 4.19.232-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:11 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-all-mips | 4.19.194-3 | mips linux-headers-4.19.0-19-all-mips | 4.19.232-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:22 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: affs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel affs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel btrfs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel compress-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel compress-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel crc-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel crc-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel crypto-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel crypto-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel event-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel event-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel ext4-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel ext4-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel fat-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel fat-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel fuse-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel fuse-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel hfs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel hfs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel input-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel input-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel isofs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel isofs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel jfs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel jfs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel kernel-image-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel kernel-image-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel linux-headers-4.19.0-17-5kc-malta | 4.19.194-3 | mips, mips64el, mipsel linux-headers-4.19.0-17-octeon | 4.19.194-3 | mips, mips64el, mipsel linux-headers-4.19.0-19-5kc-malta | 4.19.232-1 | mips, mips64el, mipsel linux-headers-4.19.0-19-octeon | 4.19.232-1 | mips, mips64el, mipsel linux-image-4.19.0-17-5kc-malta | 4.19.194-3 | mips, mips64el, mipsel linux-image-4.19.0-17-5kc-malta-dbg | 4.19.194-3 | mips, mips64el, mipsel linux-image-4.19.0-17-octeon | 4.19.194-3 | mips, mips64el, mipsel linux-image-4.19.0-17-octeon-dbg | 4.19.194-3 | mips, mips64el, mipsel linux-image-4.19.0-19-5kc-malta | 4.19.232-1 | mips, mips64el, mipsel linux-image-4.19.0-19-5kc-malta-dbg | 4.19.232-1 | mips, mips64el, mipsel linux-image-4.19.0-19-octeon | 4.19.232-1 | mips, mips64el, mipsel linux-image-4.19.0-19-octeon-dbg | 4.19.232-1 | mips, mips64el, mipsel loop-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel loop-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel md-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel md-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel minix-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel minix-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel multipath-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel multipath-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel nbd-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel nbd-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel nic-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel nic-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel nic-shared-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel nic-usb-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel pata-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel pata-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel ppp-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel ppp-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel rtc-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel rtc-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel sata-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel sata-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel scsi-core-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel scsi-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel scsi-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel sound-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel sound-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel squashfs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel udf-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel udf-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel usb-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel usb-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel usb-serial-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel usb-storage-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel xfs-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel xfs-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel zlib-modules-4.19.0-17-octeon-di | 4.19.194-3 | mips, mips64el, mipsel zlib-modules-4.19.0-19-octeon-di | 4.19.232-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: affs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel affs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel ata-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel ata-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel btrfs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel btrfs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel cdrom-core-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel cdrom-core-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel compress-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel compress-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel crc-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel crc-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel crypto-dm-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel crypto-dm-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel crypto-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel crypto-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel event-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel event-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel ext4-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel ext4-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel fat-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel fat-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel fb-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel fb-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel fuse-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel fuse-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel hfs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel hfs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel i2c-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel i2c-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel input-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel input-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel isofs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel isofs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel jfs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel jfs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel kernel-image-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel kernel-image-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel linux-headers-4.19.0-17-4kc-malta | 4.19.194-3 | mips, mipsel linux-headers-4.19.0-19-4kc-malta | 4.19.232-1 | mips, mipsel linux-image-4.19.0-17-4kc-malta | 4.19.194-3 | mips, mipsel linux-image-4.19.0-17-4kc-malta-dbg | 4.19.194-3 | mips, mipsel linux-image-4.19.0-19-4kc-malta | 4.19.232-1 | mips, mipsel linux-image-4.19.0-19-4kc-malta-dbg | 4.19.232-1 | mips, mipsel loop-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel loop-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel md-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel md-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel minix-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel minix-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel mmc-core-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel mmc-core-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel mmc-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel mmc-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel mouse-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel mouse-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel mtd-core-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel mtd-core-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel multipath-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel multipath-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel nbd-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel nbd-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel nic-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel nic-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel nic-shared-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel nic-shared-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel nic-usb-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel nic-usb-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel nic-wireless-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel nic-wireless-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel pata-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel pata-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel ppp-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel ppp-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel sata-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel sata-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel scsi-core-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel scsi-core-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel scsi-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel scsi-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel scsi-nic-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel scsi-nic-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel sound-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel sound-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel squashfs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel squashfs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel udf-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel udf-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel usb-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel usb-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel usb-serial-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel usb-serial-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel usb-storage-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel usb-storage-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel xfs-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel xfs-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel zlib-modules-4.19.0-17-4kc-malta-di | 4.19.194-3 | mips, mipsel zlib-modules-4.19.0-19-4kc-malta-di | 4.19.232-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: affs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el affs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el ata-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el ata-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el btrfs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el btrfs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el cdrom-core-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el cdrom-core-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el compress-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el compress-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el crc-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el crc-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el crypto-dm-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el crypto-dm-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el crypto-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el crypto-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el event-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el event-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el ext4-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el ext4-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el fat-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el fat-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el fb-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el fb-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el fuse-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el fuse-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el hfs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el hfs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el i2c-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el i2c-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el input-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el input-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el isofs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el isofs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el jfs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el jfs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el kernel-image-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el kernel-image-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el linux-headers-4.19.0-17-all-mips64el | 4.19.194-3 | mips64el linux-headers-4.19.0-19-all-mips64el | 4.19.232-1 | mips64el loop-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el loop-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el md-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el md-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el minix-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el minix-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el mmc-core-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el mmc-core-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el mmc-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el mmc-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el mouse-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el mouse-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el mtd-core-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el mtd-core-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el multipath-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el multipath-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el nbd-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el nbd-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el nic-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el nic-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el nic-shared-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el nic-shared-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el nic-usb-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el nic-usb-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el nic-wireless-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el nic-wireless-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el pata-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el pata-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el ppp-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el ppp-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el sata-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el sata-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el scsi-core-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el scsi-core-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el scsi-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el scsi-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el scsi-nic-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el scsi-nic-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el sound-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el sound-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el squashfs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el squashfs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el udf-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el udf-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el usb-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el usb-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el usb-serial-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el usb-serial-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el usb-storage-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el usb-storage-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el xfs-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el xfs-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el zlib-modules-4.19.0-17-5kc-malta-di | 4.19.194-3 | mips64el zlib-modules-4.19.0-19-5kc-malta-di | 4.19.232-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: acpi-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 acpi-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 ata-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 ata-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 btrfs-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 btrfs-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 cdrom-core-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 cdrom-core-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 compress-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 compress-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 crc-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 crc-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 crypto-dm-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 crypto-dm-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 crypto-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 crypto-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 efi-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 efi-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 event-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 event-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 ext4-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 ext4-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 fat-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 fat-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 fb-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 fb-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 firewire-core-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 firewire-core-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 fuse-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 fuse-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 i2c-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 i2c-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 input-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 input-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 isofs-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 isofs-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 jfs-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 jfs-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 kernel-image-4.19.0-17-amd64-di | 4.19.194-3 | amd64 kernel-image-4.19.0-19-amd64-di | 4.19.232-1 | amd64 linux-image-4.19.0-17-amd64 | 4.19.194-3 | amd64 linux-image-4.19.0-17-cloud-amd64 | 4.19.194-3 | amd64 linux-image-4.19.0-17-rt-amd64 | 4.19.194-3 | amd64 linux-image-4.19.0-19-amd64 | 4.19.232-1 | amd64 linux-image-4.19.0-19-cloud-amd64 | 4.19.232-1 | amd64 linux-image-4.19.0-19-rt-amd64 | 4.19.232-1 | amd64 loop-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 loop-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 md-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 md-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 mmc-core-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 mmc-core-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 mmc-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 mmc-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 mouse-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 mouse-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 mtd-core-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 mtd-core-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 multipath-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 multipath-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nbd-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nbd-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nic-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nic-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nic-pcmcia-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nic-pcmcia-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nic-shared-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nic-shared-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nic-usb-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nic-usb-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 nic-wireless-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 nic-wireless-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 pata-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 pata-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 pcmcia-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 pcmcia-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 pcmcia-storage-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 pcmcia-storage-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 ppp-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 ppp-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 sata-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 sata-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 scsi-core-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 scsi-core-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 scsi-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 scsi-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 scsi-nic-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 scsi-nic-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 serial-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 serial-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 sound-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 sound-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 speakup-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 speakup-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 squashfs-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 squashfs-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 udf-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 udf-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 uinput-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 uinput-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 usb-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 usb-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 usb-serial-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 usb-serial-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 usb-storage-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 usb-storage-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 xfs-modules-4.19.0-17-amd64-di | 4.19.194-3 | amd64 xfs-modules-4.19.0-19-amd64-di | 4.19.232-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:55:55 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: ata-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 ata-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 btrfs-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 btrfs-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 cdrom-core-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 cdrom-core-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 compress-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 compress-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 crc-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 crc-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 crypto-dm-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 crypto-dm-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 crypto-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 crypto-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 efi-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 efi-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 event-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 event-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 ext4-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 ext4-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 fat-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 fat-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 fb-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 fb-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 fuse-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 fuse-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 i2c-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 i2c-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 input-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 input-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 isofs-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 isofs-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 jfs-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 jfs-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 kernel-image-4.19.0-17-arm64-di | 4.19.194-3 | arm64 kernel-image-4.19.0-19-arm64-di | 4.19.232-1 | arm64 leds-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 leds-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 linux-image-4.19.0-17-arm64 | 4.19.194-3 | arm64 linux-image-4.19.0-17-rt-arm64 | 4.19.194-3 | arm64 linux-image-4.19.0-19-arm64 | 4.19.232-1 | arm64 linux-image-4.19.0-19-rt-arm64 | 4.19.232-1 | arm64 loop-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 loop-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 md-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 md-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 mmc-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 mmc-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 mtd-core-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 mtd-core-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 multipath-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 multipath-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 nbd-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 nbd-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 nic-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 nic-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 nic-shared-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 nic-shared-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 nic-usb-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 nic-usb-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 nic-wireless-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 nic-wireless-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 ppp-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 ppp-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 sata-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 sata-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 scsi-core-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 scsi-core-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 scsi-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 scsi-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 scsi-nic-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 scsi-nic-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 squashfs-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 squashfs-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 udf-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 udf-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 uinput-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 uinput-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 usb-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 usb-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 usb-serial-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 usb-serial-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 usb-storage-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 usb-storage-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 xfs-modules-4.19.0-17-arm64-di | 4.19.194-3 | arm64 xfs-modules-4.19.0-19-arm64-di | 4.19.232-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:56:03 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: acpi-modules-4.19.0-17-686-di | 4.19.194-3 | i386 acpi-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 acpi-modules-4.19.0-19-686-di | 4.19.232-1 | i386 acpi-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 ata-modules-4.19.0-17-686-di | 4.19.194-3 | i386 ata-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 ata-modules-4.19.0-19-686-di | 4.19.232-1 | i386 ata-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 btrfs-modules-4.19.0-17-686-di | 4.19.194-3 | i386 btrfs-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 btrfs-modules-4.19.0-19-686-di | 4.19.232-1 | i386 btrfs-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 cdrom-core-modules-4.19.0-17-686-di | 4.19.194-3 | i386 cdrom-core-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 cdrom-core-modules-4.19.0-19-686-di | 4.19.232-1 | i386 cdrom-core-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 compress-modules-4.19.0-17-686-di | 4.19.194-3 | i386 compress-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 compress-modules-4.19.0-19-686-di | 4.19.232-1 | i386 compress-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 crc-modules-4.19.0-17-686-di | 4.19.194-3 | i386 crc-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 crc-modules-4.19.0-19-686-di | 4.19.232-1 | i386 crc-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 crypto-dm-modules-4.19.0-17-686-di | 4.19.194-3 | i386 crypto-dm-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 crypto-dm-modules-4.19.0-19-686-di | 4.19.232-1 | i386 crypto-dm-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 crypto-modules-4.19.0-17-686-di | 4.19.194-3 | i386 crypto-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 crypto-modules-4.19.0-19-686-di | 4.19.232-1 | i386 crypto-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 efi-modules-4.19.0-17-686-di | 4.19.194-3 | i386 efi-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 efi-modules-4.19.0-19-686-di | 4.19.232-1 | i386 efi-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 event-modules-4.19.0-17-686-di | 4.19.194-3 | i386 event-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 event-modules-4.19.0-19-686-di | 4.19.232-1 | i386 event-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 ext4-modules-4.19.0-17-686-di | 4.19.194-3 | i386 ext4-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 ext4-modules-4.19.0-19-686-di | 4.19.232-1 | i386 ext4-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 fat-modules-4.19.0-17-686-di | 4.19.194-3 | i386 fat-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 fat-modules-4.19.0-19-686-di | 4.19.232-1 | i386 fat-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 fb-modules-4.19.0-17-686-di | 4.19.194-3 | i386 fb-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 fb-modules-4.19.0-19-686-di | 4.19.232-1 | i386 fb-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 firewire-core-modules-4.19.0-17-686-di | 4.19.194-3 | i386 firewire-core-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 firewire-core-modules-4.19.0-19-686-di | 4.19.232-1 | i386 firewire-core-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 fuse-modules-4.19.0-17-686-di | 4.19.194-3 | i386 fuse-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 fuse-modules-4.19.0-19-686-di | 4.19.232-1 | i386 fuse-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 i2c-modules-4.19.0-17-686-di | 4.19.194-3 | i386 i2c-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 i2c-modules-4.19.0-19-686-di | 4.19.232-1 | i386 i2c-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 input-modules-4.19.0-17-686-di | 4.19.194-3 | i386 input-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 input-modules-4.19.0-19-686-di | 4.19.232-1 | i386 input-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 isofs-modules-4.19.0-17-686-di | 4.19.194-3 | i386 isofs-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 isofs-modules-4.19.0-19-686-di | 4.19.232-1 | i386 isofs-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 jfs-modules-4.19.0-17-686-di | 4.19.194-3 | i386 jfs-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 jfs-modules-4.19.0-19-686-di | 4.19.232-1 | i386 jfs-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 kernel-image-4.19.0-17-686-di | 4.19.194-3 | i386 kernel-image-4.19.0-17-686-pae-di | 4.19.194-3 | i386 kernel-image-4.19.0-19-686-di | 4.19.232-1 | i386 kernel-image-4.19.0-19-686-pae-di | 4.19.232-1 | i386 linux-image-4.19.0-17-686 | 4.19.194-3 | i386 linux-image-4.19.0-17-686-pae | 4.19.194-3 | i386 linux-image-4.19.0-17-rt-686-pae | 4.19.194-3 | i386 linux-image-4.19.0-19-686 | 4.19.232-1 | i386 linux-image-4.19.0-19-686-pae | 4.19.232-1 | i386 linux-image-4.19.0-19-rt-686-pae | 4.19.232-1 | i386 loop-modules-4.19.0-17-686-di | 4.19.194-3 | i386 loop-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 loop-modules-4.19.0-19-686-di | 4.19.232-1 | i386 loop-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 md-modules-4.19.0-17-686-di | 4.19.194-3 | i386 md-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 md-modules-4.19.0-19-686-di | 4.19.232-1 | i386 md-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 mmc-core-modules-4.19.0-17-686-di | 4.19.194-3 | i386 mmc-core-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 mmc-core-modules-4.19.0-19-686-di | 4.19.232-1 | i386 mmc-core-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 mmc-modules-4.19.0-17-686-di | 4.19.194-3 | i386 mmc-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 mmc-modules-4.19.0-19-686-di | 4.19.232-1 | i386 mmc-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 mouse-modules-4.19.0-17-686-di | 4.19.194-3 | i386 mouse-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 mouse-modules-4.19.0-19-686-di | 4.19.232-1 | i386 mouse-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 mtd-core-modules-4.19.0-17-686-di | 4.19.194-3 | i386 mtd-core-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 mtd-core-modules-4.19.0-19-686-di | 4.19.232-1 | i386 mtd-core-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 multipath-modules-4.19.0-17-686-di | 4.19.194-3 | i386 multipath-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 multipath-modules-4.19.0-19-686-di | 4.19.232-1 | i386 multipath-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nbd-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nbd-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nbd-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nbd-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nic-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nic-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nic-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nic-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nic-pcmcia-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nic-pcmcia-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nic-pcmcia-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nic-pcmcia-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nic-shared-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nic-shared-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nic-shared-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nic-shared-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nic-usb-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nic-usb-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nic-usb-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nic-usb-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 nic-wireless-modules-4.19.0-17-686-di | 4.19.194-3 | i386 nic-wireless-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 nic-wireless-modules-4.19.0-19-686-di | 4.19.232-1 | i386 nic-wireless-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 pata-modules-4.19.0-17-686-di | 4.19.194-3 | i386 pata-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 pata-modules-4.19.0-19-686-di | 4.19.232-1 | i386 pata-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 pcmcia-modules-4.19.0-17-686-di | 4.19.194-3 | i386 pcmcia-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 pcmcia-modules-4.19.0-19-686-di | 4.19.232-1 | i386 pcmcia-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 pcmcia-storage-modules-4.19.0-17-686-di | 4.19.194-3 | i386 pcmcia-storage-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 pcmcia-storage-modules-4.19.0-19-686-di | 4.19.232-1 | i386 pcmcia-storage-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 ppp-modules-4.19.0-17-686-di | 4.19.194-3 | i386 ppp-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 ppp-modules-4.19.0-19-686-di | 4.19.232-1 | i386 ppp-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 sata-modules-4.19.0-17-686-di | 4.19.194-3 | i386 sata-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 sata-modules-4.19.0-19-686-di | 4.19.232-1 | i386 sata-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 scsi-core-modules-4.19.0-17-686-di | 4.19.194-3 | i386 scsi-core-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 scsi-core-modules-4.19.0-19-686-di | 4.19.232-1 | i386 scsi-core-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 scsi-modules-4.19.0-17-686-di | 4.19.194-3 | i386 scsi-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 scsi-modules-4.19.0-19-686-di | 4.19.232-1 | i386 scsi-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 scsi-nic-modules-4.19.0-17-686-di | 4.19.194-3 | i386 scsi-nic-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 scsi-nic-modules-4.19.0-19-686-di | 4.19.232-1 | i386 scsi-nic-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 serial-modules-4.19.0-17-686-di | 4.19.194-3 | i386 serial-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 serial-modules-4.19.0-19-686-di | 4.19.232-1 | i386 serial-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 sound-modules-4.19.0-17-686-di | 4.19.194-3 | i386 sound-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 sound-modules-4.19.0-19-686-di | 4.19.232-1 | i386 sound-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 speakup-modules-4.19.0-17-686-di | 4.19.194-3 | i386 speakup-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 speakup-modules-4.19.0-19-686-di | 4.19.232-1 | i386 speakup-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 squashfs-modules-4.19.0-17-686-di | 4.19.194-3 | i386 squashfs-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 squashfs-modules-4.19.0-19-686-di | 4.19.232-1 | i386 squashfs-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 udf-modules-4.19.0-17-686-di | 4.19.194-3 | i386 udf-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 udf-modules-4.19.0-19-686-di | 4.19.232-1 | i386 udf-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 uinput-modules-4.19.0-17-686-di | 4.19.194-3 | i386 uinput-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 uinput-modules-4.19.0-19-686-di | 4.19.232-1 | i386 uinput-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 usb-modules-4.19.0-17-686-di | 4.19.194-3 | i386 usb-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 usb-modules-4.19.0-19-686-di | 4.19.232-1 | i386 usb-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 usb-serial-modules-4.19.0-17-686-di | 4.19.194-3 | i386 usb-serial-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 usb-serial-modules-4.19.0-19-686-di | 4.19.232-1 | i386 usb-serial-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 usb-storage-modules-4.19.0-17-686-di | 4.19.194-3 | i386 usb-storage-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 usb-storage-modules-4.19.0-19-686-di | 4.19.232-1 | i386 usb-storage-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 xfs-modules-4.19.0-17-686-di | 4.19.194-3 | i386 xfs-modules-4.19.0-17-686-pae-di | 4.19.194-3 | i386 xfs-modules-4.19.0-19-686-di | 4.19.232-1 | i386 xfs-modules-4.19.0-19-686-pae-di | 4.19.232-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:56:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: linux-headers-4.19.0-17-common | 4.19.194-3 | all linux-headers-4.19.0-17-common-rt | 4.19.194-3 | all linux-headers-4.19.0-19-common | 4.19.232-1 | all linux-headers-4.19.0-19-common-rt | 4.19.232-1 | all linux-support-4.19.0-17 | 4.19.194-3 | all linux-support-4.19.0-19 | 4.19.232-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:59:53 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libparse-pidl-perl | 2:4.9.5+dfsg-5+really0.02 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by samba) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 11:00:11 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: liblog4j2-java-doc | 2.11.1-2 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by apache-log4j2 - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 11:00:29 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libjtharness-java-doc | 5.0-2 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by jtharness - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 11:00:50 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libwebkit2gtk-4.0-37-gtk2 | 2.32.4-1~deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by webkit2gtk - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:46:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libminify-maven-plugin-java | 1.7.4-1.1 | all minify-maven-plugin | 1.7.4-1.1 | source Closed bugs: 1006461 ------------------- Reason ------------------- RoM: old and not useful ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Mar 2022 10:46:57 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: angular-maven-plugin | 0.3.4-3 | source libangular-maven-plugin-java | 0.3.4-3 | all Closed bugs: 1006462 ------------------- Reason ------------------- RoM; no longer useful; tied to unsupported AngularJS version ---------------------------------------------- ========================================================================= aide (0.16.1-1+deb10u1) buster-security; urgency=high . * Apply backported patch to fix heap-based buffer overflow in base64 functions (CVE-2021-45417) apache-log4j1.2 (1.2.17-8+deb10u2) buster; urgency=medium . * Team upload. * Fix CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307. Multiple security vulnerabilities have been discovered in Apache Log4j 1.2 when it is configured to use JMSSink, JDBCAppender and JMSAppender or Apache Chainsaw. Note that a possible attacker requires write access to the Log4j configuration and the aforementioned features are not enabled by default. In order to completely mitigate against these vulnerabilities the related classes have been removed from the resulting jar file. apache-log4j2 (2.17.1-1~deb10u1) buster; urgency=medium . * Team upload. * Backport 2.17.1 to Buster and fix CVE-2021-44832: remote code execution vulnerability but requires permission to modify the logging configuration. apache-log4j2 (2.17.0-1) unstable; urgency=high . * Team upload. * New upstream version 2.17.0. - Fix CVE-2021-45105: Apache Log4j2 did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example, $${ctx:loginId}), attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup, resulting in a denial of service. (Closes: #1001891) Thanks to Salvatore Bonaccorso for the report. apache-log4j2 (2.17.0-1~deb11u1) bullseye-security; urgency=high . * Team upload. * Backport 2.17.0-1 to Bullseye and fix CVE-2021-45105. (Closes: #1001891) apache-log4j2 (2.17.0-1~deb10u1) buster-security; urgency=high . * Team upload. * Backport 2.17.0-1 to Buster and fix CVE-2021-45105. (Closes: #1001891) apache-log4j2 (2.16.0-1) unstable; urgency=high . * Team upload. * New upstream version 2.16.0. - Fix CVE-2021-45046: It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack. Thanks to Salvatore Bonaccorso for the report. (Closes: #1001729) apache-log4j2 (2.16.0-1~deb11u1) bullseye-security; urgency=high . * Team upload. * Backport version 2.16.0 to Bullseye and fix CVE-2021-45046. (Closes: #1001729) apache-log4j2 (2.16.0-1~deb10u1) buster-security; urgency=high . * Team upload. * Backport version 2.16.0 to Buster and fix CVE-2021-45046. (Closes: #1001729) apache-log4j2 (2.15.0-1) unstable; urgency=high . * Team upload. * New upstream version 2.15.0. - Fix CVE-2021-44228: Chen Zhaojun of Alibaba Cloud Security Team discovered that JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From version 2.15.0, this behavior has been disabled by default. (Closes: #1001478) * Update debian/watch to track the latest releases. * Declare compliance with Debian Policy 4.6.0. apache-log4j2 (2.15.0-1~deb11u1) bullseye-security; urgency=high . * Team upload. * Backport version 2.15.0 to Bullseye and fix CVE-2021-44228. (Closes: #1001478) apache-log4j2 (2.15.0-1~deb10u1) buster-security; urgency=high . * Team upload. * Backport version 2.15.0 to Buster and fix CVE-2021-44228. (Closes: #1001478) * Fix CVE-2020-9488: Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. (Closes: #959450) apache-log4j2 (2.13.3-1) unstable; urgency=medium . * New upstream release - Refreshed the patches - Ignore the new log4j-docker, log4-jpl, log4j-kubernetes and log4j-spring-cloud-config modules * Depend on libgeronimo-jpa-2.0-spec-java instead of libjpa-2.1-spec-java * Removed the -java-doc package (Closes: #835382) * Standards-Version updated to 4.5.1 * Switch to debhelper level 13 * No longer track the release candidates apache-log4j2 (2.11.2-1) unstable; urgency=medium . * Team upload. . [ tony mancill ] * Revert "Drop support for mongodb (Debian: #919095)" . [ Emmanuel Bourg ] * New upstream release - Refreshed the patches - Updated the Maven rules * Sort the entries in the plugin cache (Log4j2Plugins.dat) to make the build reproducible * Standards-Version updated to 4.4.0 apache2 (2.4.38-3+deb10u7) buster-security; urgency=medium . * Fix possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224) * lua: improve error handling (Closes: CVE-2021-44790) * mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO (relaxes the behaviour introduced by the CVE-2021-36160 fix) apache2 (2.4.38-3+deb10u6) buster-security; urgency=high . [ Yadd, Moritz Muehlenhoff ] * Initialize the request fields on read failure to avoid NULLs (Closes: CVE-2021-34798) * mod_proxy_uwsgi: Fix PATH_INFO setting for generic worker (Closes: CVE-2021-36160) * Fix ap_escape_quotes with pre-escaped quotes (Closes: CVE-2021-39275) * Sanity checks on the configured UDS path (Closes: CVE-2021-40438) atftp (0.7.git20120829-3.2~deb10u3) buster; urgency=medium . * Fix for CVE-2021-46671 (Closes: #1004974) base-files (10.3+deb10u12) buster; urgency=medium . * Change /etc/debian_version to 10.12, for Debian 10.12 point release. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u7) buster-security; urgency=high . * CVE-2021-25220: The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u6) buster-security; urgency=high . * CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This effectively disables the lame server cache, as it could previously be abused by an attacker to significantly degrade resolver performance. btrbk (0.27.1-1+deb10u2) buster; urgency=high . * Non-maintainer upload by the LTS Team. * regression fix for CVE-2021-38173 (Closes: #996260, #996266) cargo-mozilla (0.47.0-3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor libgit2 1.0.1, the system one is too old. * Build-dep on rustc-mozilla. * Build-dep on libpcre3-dev, for libgit2. * Fix tests that now have execution time in the output. * Rename to cargo-mozilla to avoid disruption in the rustc/cargo ecosystem, and don't build the doc package. chrony (3.4-4+deb10u2) buster; urgency=medium . * debian/usr.sbin.chronyd: - Allow reading the chronyd configuration file that timemaster(8) generates. Thanks to Michael Lestinsky for the report! (Closes: #1004745) cimg (2.4.5+dfsg-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-25693: Fix multiple heap buffer overflows. (Closes: #973770) clamav (0.103.5+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. clamav (0.103.4+dfsg-1) unstable; urgency=medium . * Import 0.103.4 - Update symbol file. * Add clamonacc.8. * Install clamonacc only on Linux. Patch by Laurent Bigonvill (Closes: #992776). * Drop unused libidn11-dev dependency, suggested by Simon Josefsson (Closes: #991976). clamav (0.103.4+dfsg-0+deb11u1) bullseye; urgency=medium . * Import 0.103.4 - Update symbol file. * Add clamonacc.8. * Install clamonacc only on Linux. Patch by Laurent Bigonvill (Closes: #992776). clamav (0.103.4+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.103.4 - Update symbol file. * Add clamonacc.8. * Install clamonacc only on Linux. Patch by Laurent Bigonvill (Closes: #992776). clamav (0.103.3+dfsg-1) unstable; urgency=medium . * Import 0.103.2 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. clamav (0.103.3+dfsg-0+deb11u1) bullseye; urgency=medium . * Import 0.103.3 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. cups (2.2.10-6+deb10u5) buster; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2020-10001.patch An input validation issue might allow a malicious application to read restricted memory. cyrus-sasl2 (2.1.27+dfsg-1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix _sasl_add_string * Escape password for SQL insert/update commands (CVE-2022-24407) debian-edu-config (2.10.65+deb10u8) buster-security; urgency=medium . * etc/apache2/mods-available/debian-edu-userdir.conf: - White-space cleanup (tabs and spaces mixed). - CVE-2021-20001: Disable built-in PHP engine. - Add warning to not re-enable PHP interpretation in user dirs (with reference to our README). * README.public_html_with_PHP-CGI+suExec.md: - Provide documentation on how to enable suExec support in https userdirs (i.e. ~/public_html). * debian/NEWS: + Add file, inform about PHP being disabled in Apache2 user directories. debian-installer (20190702+deb10u12) buster; urgency=medium . * Bump Linux ABI to 4.19.0-20. debian-installer-netboot-images (20190702+deb10u12) buster; urgency=medium . * Update to 20190702+deb10u12, from buster-proposed-updates. detox (1.3.0-4+deb10u1) buster; urgency=medium . * debian/patches/010_fix-largefiles.patch: created to fix 'Value too large for defined data type' on ARM. This issue is related to large files and was fixed by upstream in configure.ac, adding AC_SYS_LARGEFILE. (Closes: #992542) djvulibre (3.5.27.1-10+deb10u1) buster-security; urgency=medium . * Backport upstream commit 970fb11a296b5bbdc5e8425851253d2c5913c45e ("Fix bug#296") to address CVE-2019-15142. * Backport upstream commit b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f ("fix for bug #297") to address CVE-2019-15143. * Backport upstream commit e15d51510048927f172f1bf1f27ede65907d940d ("bug 299 fixed") to address CVE-2019-15144. * Backport upstream commit 9658b01431cd7ff6344d7787f855179e73fe81a7 ("fix bug #298") to address CVE-2019-15145. * Backport upstream commit c8bec6549c10ffaa2f2fbad8bbc629efdf0dd125 ("Fixed bug 309") to address CVE-2019-18804. * Backport upstream commit cd8b5c97b27a5c1dc83046498b6ca49ad20aa9b6 ("Reviewed Fedora patches and adopted some of them (or variants thereof)") to address CVE-2021-3500, CVE-2021-32490, CVE-2021-32491, CVE-2021-32492, CVE-2021-32493. * Backport upstream commit 7b0ef20690e08f1fe124aebbf42f6310e2f40f81 ("Lizards!") to address CVE-2021-3630. evolution-data-server (3.30.5-1+deb10u2) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-16117: Crash on malformed server response with minimal capabilities. expat (2.2.6-2+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters * tests: Cover relaxed fix to CVE-2022-25236 * lib: Document namespace separator effect right in header <expat.h> * lib|doc: Add a note on namespace URI validation expat (2.2.6-2+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent stack exhaustion in build_model (CVE-2022-25313) * Prevent integer overflow in storeRawNames (CVE-2022-25315) * Prevent integer overflow in copyString (CVE-2022-25314) * lib: Fix (harmless) use of uninitialized memory * lib: Protect against malicious namespace declarations (CVE-2022-25236) (Closes: #1005895) * tests: Cover CVE-2022-25236 * lib: Drop unused macro UTF8_GET_NAMING * lib: Add missing validation of encoding (CVE-2022-25235) (Closes: #1005894) * tests: Cover missing validation of encoding (CVE-2022-25235) * Fix build_model regression. * tests: Protect against nested element declaration model regressions expat (2.2.6-2+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * lib: Detect and prevent troublesome left shifts in function storeAtts (CVE-2021-45960) (Closes: #1002994) * lib: Prevent integer overflow on m_groupSize in function doProlog (CVE-2021-46143) * lib: Prevent integer overflow at multiple places (CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827) (Closes: #1003474) * lib: Detect and prevent integer overflow in XML_GetBuffer (CVE-2022-23852) * lib: Prevent integer overflow in doProlog (CVE-2022-23990) ffmpeg (7:4.1.8-0+deb10u1) buster-security; urgency=high . [ Sebastian Ramacher ] * New upstream release - Fixes various security issues: CVE-2020-21041 CVE-2020-22017 CVE-2020-22019 CVE-2020-22020 CVE-2020-22021 CVE-2020-22022 CVE-2020-22023 CVE-2020-22025 CVE-2020-22026 CVE-2020-22027 CVE-2020-22028 CVE-2020-22029 CVE-2020-22030 CVE-2020-22031 CVE-2020-22032 CVE-2020-22033 CVE-2020-22034 CVE-2020-22035 CVE-2020-22036 CVE-2020-35965 CVE-2021-38114 CVE-2021-38171 * debian/gbp.conf Switch upstream branch to upstream/buster * debian/tests: Update encoders based on changes in 4.1.6 . [ Antoni Villalonga ] * debian/patches: Backport upstream patch to fix MXF generation (Closes: #977541) flac (1.3.2-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-0499: Out of bounds read due to a heap buffer overflow. (Closes: #977764) gerbv (2.7.0-1+deb10u1) buster; urgency=medium . * Build for buster * [c33610a] Rebuild patch queue from patch-queue branch Added patch: security/Fix-TALOS-2021-1402.patch Fixing CVE-2021-40391 * [09244b9] d/gbp.conf: Adjust to branch debian/buster ghostscript (9.27~dfsg-2+deb10u5) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Check stack limits after function evaluation (CVE-2021-45944) * Fix op stack management in sampled_data_continue() (CVE-2021-45949) glibc (2.28-10+deb10u1) buster; urgency=medium . [ Aurelien Jarno ] * debian/patches/git-updates.diff: update from upstream stable branch (Closes: #930697): - Add more integrity check to malloc() function. - Fix crash in _IO_wfile_sync. - Fix bad free() in libdl if dlerror() is not used. Closes: #953257. - Fix overflow in glibc.malloc.tcache_count tunable. - Fix old x86 applications crash on exit() under valgrind. - Remove copy_file_range emulation. The kernel interface has at evolved and the glibc emulation doesn't match it anymore, so it's better for it to return -ENOSYS. This only impacts Linux kernels << 4.8. - Avoid lazy binding of symbols that may follow a variant PCS on arm64, to support binaries using AdvSIMD and SVE vector calls. - Fix large mmap64 offset for the N32 ABI on mips/mipsel/mips64el. - Improve string functions performances on arm64. * debian/patches/any/git-libio-stdout-putc.diff: refresh. * debian/debhelper.in/libc.preinst: simplify the version comparison by only comparing the two first parts, now that kernel 2.X are not supported anymore. Closes: #1004861. * debian/debhelper.in/libc.preinst: drop the check for kernel release > 255 now that glibc and preinstall script are fixed. Closes: #987266. gmp (2:6.1.2+dfsg-4+deb10u1) buster; urgency=medium . * [1f4ce6d] Add .gitlab-ci.yml * [df6d314] Avoid bit size overflows. CVE-2021-43618 graphicsmagick (1.4+really1.3.35-1~deb10u2) buster; urgency=high . [ Thorsten Alteholz <debian@alteholz.de> ] * CVE-2020-12672 Fix for a heap-based buffer overflow in ReadMNGImage() in coders/png.c. h2database (1.4.197-4+deb10u1) buster-security; urgency=high . * Team upload. * Security researchers of JFrog Security and Ismail Aydemir discovered two remote code execution vulnerabilities in the H2 Java SQL database engine which can be exploited through various attack vectors, most notably through the H2 Console and by loading custom classes from remote servers through JNDI. The H2 console is a developer tool and not required by any reverse-dependency in Debian. It has been disabled in (old)stable releases. Database developers are advised to use at least version 2.1.210-1, currently available in Debian unstable. htmldoc (1.9.3-1+deb10u3) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-0534 A crafted GIF file could lead to a stack out-of-bounds read, which could result in a crash (segmentation fault). * CVE-2021-43579 Converting an HTML document, which links to a crafted BMP file, could lead to a stack-based buffer overflow, which could result in remote code execution. * CVE-2021-40985 A crafted BMP image could lead to a buffer overflow, which could cause a denial of service. http-parser (2.8.1-1+deb10u2) buster; urgency=medium . * Fix ABI breakage introduced by accident in 2.8.1-1+deb10u1. Many thanks to Hilko Bengen. Closes: #996460, #996939, #996997 icu (63.1-6+deb10u3) buster; urgency=medium . * Add pkg-config dependency to icu-devtools. . [ Scott Talbert <swt@techie.net> ] * Backport upstream fix for pkgdata to work without icu-config (closes: #992591). icu (63.1-6+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Use LocalMemory for cmd to prevent use after free (CVE-2020-21913) intel-microcode (3.20220207.1~deb10u1) buster; urgency=medium . * Backport for Debian oldstable (no changes) * Release manager: this is the same package already in bullseye-backports, testing and unstable. It fixes several security issues, adds MSRs that can be enabled by updated kernels for enhanced security mitigaton, and also fixes several critical "functional issues" (i.e. processor errata). There were no reports to date of regressions introduced by this microcode drelease. . intel-microcode (3.20220207.1) unstable; urgency=medium . * upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207 intel-microcode (3.20220207.1~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports (no changes required) . intel-microcode (3.20220207.1) unstable; urgency=medium . * upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207 intel-microcode (3.20210608.2) unstable; urgency=high . * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and debian/changelog (3.20210608.1). ipython (5.8.0-1+deb10u1) buster-security; urgency=high . * Fixes CVE-2022-21699 (execution of config files from the current directory, which might allow cross-user attacks if ipython is run from a directory multiple users can write). Closes: #1004122 jbig2dec (0.16-1+deb10u1) buster; urgency=high . * Team upload (printing and LTS) * CVE-2020-12268 avoid overflow with extreme values of x,y,w,h in function jbig2_image_compose() jtharness (6.0-b15-1~deb10u1) buster; urgency=medium . * Rebuild for buster, needed for latest OpenJDK 11.x release - Switch to debhelper 12 jtharness (6.0-b13-1) unstable; urgency=medium . * Team upload. * New upstream release jtharness (6.0-b10-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patches * Depend on libservlet-api-java instead of libservlet3.1-java * Removed the -doc package * Standards-Version updated to 4.5.0 * Switch to debhelper level 11 * Use salsa.debian.org Vcs-* URLs * Track and download the new releases from GitHub jtreg (5.1-b01-2~deb10u1) buster; urgency=medium . * Rebuild for buster, needed for latest OpenJDK 11.x release - Switch to debhelper 12 jtreg (5.1-b01-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patches * Switch to debhelper level 12 jtreg (5.0-b01-2.1) unstable; urgency=medium . * Non-maintainer upload. * Provide jar symlinks in /usr/share/jtreg/share/java as well. Allows openjdk configuration --with-jtreg=/usr/share/jtreg with the same patchset for all release. * Provide additional jar symlinks for jh.jar and hamcrest-core.jar. jtreg (5.0-b01-2) unstable; urgency=medium . * Team upload. * Install jtreg under /usr/share/jtreg and use it as the default JT_HOME path jtreg (5.0-b01-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patches - Depend on libjtharness-java (>= 6.0) * Standards-Version updated to 4.5.0 jtreg (4.2-b16-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patches * Track the new releases from GitHub * Standards-Version updated to 4.4.1 lemonldap-ng (2.0.2+ds-7+deb10u7) buster; urgency=medium . * Add gsfonts in recommended dependencies (Closes: #982534) * Fix auth process in password-testing plugins (Closes: CVE-2021-20874) leptonlib (1.76.0-1+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS Team. (Closes: #985089) * CVE-2020-36277 denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c * CVE-2020-36278 heap-based buffer over-read in findNextBorderPixel in ccbord.c * CVE-2020-36279 heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c * CVE-2020-36280 heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. * CVE-2020-36281 heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c libdatetime-timezone-perl (1:2.23-1+2022a) buster; urgency=medium . * Update to Olson database version 2022a. This update includes contemporary changes for Palestine. . libdatetime-timezone-perl (1:2.23-1+2021e) buster; urgency=medium . * Update to Olson database version 2021e. This update includes contemporary changes for Palestine. . libdatetime-timezone-perl (1:2.23-1+2021d) buster; urgency=medium . * Update to Olson database version 2021d. This update includes fixes for the zone links for Atlantic/Jan_Mayen and America/Virgin (2021c), and contemporary changes for Fiji (2021d). libdatetime-timezone-perl (1:2.23-1+2021e) buster; urgency=medium . * Update to Olson database version 2021e. This update includes contemporary changes for Palestine. . libdatetime-timezone-perl (1:2.23-1+2021d) buster; urgency=medium . * Update to Olson database version 2021d. This update includes fixes for the zone links for Atlantic/Jan_Mayen and America/Virgin (2021c), and contemporary changes for Fiji (2021d). libdatetime-timezone-perl (1:2.23-1+2021d) buster; urgency=medium . * Update to Olson database version 2021d. This update includes fixes for the zone links for Atlantic/Jan_Mayen and America/Virgin (2021c), and contemporary changes for Fiji (2021d). libencode-perl (3.00-1+deb10u1) buster; urgency=medium . * Fix memory leak. Add patch rt_139622_memory-leak.patch, taken from upstream releases 3.13, 3.14, 3.15 to fix a memory leak in Encode.xs. Cf. https://rt.cpan.org/Ticket/Display.html?id=139622 (Closes: #995804) libetpan (1.9.3-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-15953: STARTTLS response injection that affects IMAP, SMTP, and POP3. (Closes: #966647) libextractor (1:1.8-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-15531: Invalid read for malformed DVI files. (Closes: #935553) libjackson-json-java (1.9.13-2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. - Revert the debhelper compat bump. . libjackson-json-java (1.9.13-2) unstable; urgency=medium . * Team upload. * Add upstream fixes. - Serializing types for deeply nested Maps. - Set Secure Processing flag on DocumentBuilderFactory. - Set setExpandEntityReferences(false). (Fixes: CVE-2019-10172) - WriteRawValue surrogate pair fix. - Fix deserialization. - All known security fixes. (Fixes: CVE-2017-15095 and CVE-2017-7525) * Update Standards-Version to 4.5.0 * Use debhelper-compat. - Update compat level to 13. libmodbus (3.1.4-2+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-14462 + CVE-2019-14463 out of bound reads for MODBUS_FC_WRITE_MULTIPLE_REGISTERS and MODBUS_FC_WRITE_MULTIPLE_COILS * add unit test for CVEs above libpcap (1.8.1-6+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-15165: Improper PHB header length validation. (Closes: #941697) libphp-adodb (5.20.14-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent auth bypass with PostgreSQL connections (CVE-2021-3850) (Closes: #1004376) libsdl1.2 (1.2.15+dfsg2-6~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . libsdl1.2 (1.2.15+dfsg2-6) unstable; urgency=medium . * Team upload. . [ Debian Janitor ] * Trim trailing whitespace. * Re-export upstream signing key without extra signatures. . [ Maximilian Engelhardt ] * SDL_x11events.c: properly handle input focus events (Closes: #980253) . libsdl1.2 (1.2.15+dfsg2-5) unstable; urgency=medium . [ Abhijith PA ] * Fix CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575 CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636 CVE-2019-7637, CVE-2019-7638 (Closes: #924609) . [ Felix Geyer ] * Fix CVE-2019-13616 libsdl1.2 (1.2.15+dfsg2-5) unstable; urgency=medium . [ Abhijith PA ] * Fix CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575 CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636 CVE-2019-7637, CVE-2019-7638 (Closes: #924609) . [ Felix Geyer ] * Fix CVE-2019-13616 libxml-security-java (2.0.10-2+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2021-40690: Apache Santuario - XML Security for Java is vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. libxml2 (2.9.4+dfsg1-7+deb10u3) buster; urgency=medium . * Non-maintainer upload. * Use-after-free of ID and IDREF attributes (CVE-2022-23308) (Closes: #1006489) libxstream-java (1.4.11.1-1+deb10u3) buster-security; urgency=high . * Team upload. * Enable the security whitelist by default to prevent RCE vulnerabilities. XStream no longer uses a blacklist because it cannot be secured for general purpose. lighttpd (1.4.53-4+deb10u2) buster-security; urgency=medium . [ Glenn Strauss ] * Fix CVE-2022-22707 32-bit lighttpd mod_extforward crash. linux (4.19.235-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233 - mac80211_hwsim: report NOACK frames in tx_status - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work - [arm*] i2c: bcm2835: Avoid clock stretching timeouts - [x86] ASoC: rt5682: do not block workqueue if card is unbound - Input: clear BTN_RIGHT/MIDDLE on buttonpads - cifs: fix double free race when mount fails in cifs_get_root() - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 - usb: gadget: don't release an existing dev->buf (CVE-2022-24958) - usb: gadget: clear related members when goto fail (CVE-2022-24958) - ata: pata_hpt37x: fix PCI clock detection - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - xfrm: fix MTU regression - netfilter: fix use-after-free in __nf_register_net_hook() - xfrm: fix the if_id check in changelink - xfrm: enforce validity of offload input flags - netfilter: nf_queue: don't assume sk is full socket - netfilter: nf_queue: fix possible use-after-free - batman-adv: Request iflink once in batadv-on-batadv check - batman-adv: Request iflink once in batadv_get_real_netdevice - batman-adv: Don't expect inter-netns unique iflink indices - net: dcb: flush lingering app table entries for unregistered devices - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server - block: Fix fsync always failed if once failed - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault - xen/netfront: destroy queues before real_num_tx_queues is zeroed - mac80211: fix forwarded mesh frames AC & queue selection - [arm64,armhf] net: stmmac: fix return value of __setup handler - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - efivars: Respect "block" flag in efivar_entry_set_safe() - can: gs_usb: change active_channels's type from atomic_t to u8 - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup() functions - net: chelsio: cxgb3: check the return value of pci_find_capability() - nl80211: Handle nla_memdup failures in handle_nan_filter - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume - HID: add mapping for KEY_ALL_APPLICATIONS - memfd: fix F_SEAL_WRITE after shmem huge page allocated - tracing/histogram: Fix sorting on old "cpu" value - btrfs: add missing run of delayed items after unlink during log replay - net: dcb: disable softirqs in dcbnl_flush_dev() - hamradio: fix macro redefine warning https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234 - [arm*] Provide a wrapper for SMCCC 1.1 calls - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit() - [armhf] report Spectre v2 status through sysfs - [armel,armhf] early traps initialisation - [armel,armhf] use LOADADDR() to get load address of sections - [armel,armhf] Spectre-BHB workaround - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting - [armel,armhf] fix build error when BPF_SYSCALL is disabled - [armel,armhf] fix co-processor register typo - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld - [armhf] fix build warning in proc-v7-bugs.c - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case (CVE-2022-23040, XSA-396) - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036, CVE-2022-23038, XSA-396) - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23036, XSA-396) - xen/netfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23037, XSA-396) - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23038, XSA-396) - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039, XSA-396) - xen: remove gnttab_query_foreign_access() - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/gnttab: fix gnttab_end_foreign_access() without page specified (CVE-2022-23041, XSA-396) - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (CVE-2022-23042, XSA-396) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235 - net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() - qed: return status of qed_iov_get_link - ax25: Fix NULL pointer dereference in ax25_kill_by_device - net/mlx5: Fix size field in bufferx_reg struct - NFC: port100: fix use-after-free in port100_send_complete - net: phy: DP83822: clear MISR2 register to disable interrupts - sctp: fix kernel-infoleak for SCTP sockets - net-sysfs: add check for netdevice being present to speed_show - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" - Revert "xen-netback: Check for hotplug-status existence before watching" - tracing: Ensure trace buffer is at least 4096 bytes large - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive - virtio: unexport virtio_finalize_features - virtio: acknowledge all features before access - [armel,armhf] fix Thumb2 regression with Spectre BHB - ext4: add check to prevent attempting to resize an fs with sparse_super2 - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149) . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Daniel Wagner * [rt] Update to 4.19.233-rt105 * Bump ABI to 20 * sctp: fix the processing for INIT chunk (CVE-2021-3772) * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772) linux (4.19.232-1) buster-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.209 - ocfs2: drop acl cache for directories too - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA - [armhf] usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() - cifs: fix incorrect check for null pointer in header_assemble - [x86] xen/x86: fix PV trap handling on secondary processors - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter - USB: cdc-acm: fix minor-number release - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk - USB: serial: mos7840: remove duplicated 0xac24 device ID - USB: serial: option: add Telit LN920 compositions - USB: serial: option: remove duplicate USB device ID - USB: serial: option: add device id for Foxconn T99W265 - [arm64] serial: mvebu-uart: fix driver's tx_empty callback - net: hso: fix muxed tty registration - bnxt_en: Fix TX timeout when TX ring size is set to the smallest - net/smc: add missing error check in smc_clc_prfx_set() - net/mlx4_en: Don't allow aRFS for encapsulated packets - scsi: iscsi: Adjust iface sysfs attr detection - [x86] tty: synclink_gt, drop unneeded forward declarations - [x86] tty: synclink_gt: rename a conflicting function name - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error - md: fix a lock order reversal in md_alloc - blktrace: Fix uaf in blk_trace access after removing by sysfs - [arm64,armhf] net: stmmac: allow CSR clock of 300MHz - xen/balloon: use a kernel thread instead a workqueue - nvme-multipath: fix ANA state updates when a namespace is not present - qnx4: avoid stringop-overread errors - [arm64] Mark __stack_chk_guard as __ro_after_init - net: 6pack: Fix tx timeout and slot time - [arm64] PCI: aardvark: Fix checking for PIO status - tcp: address problems caused by EDT misshaps - tcp: always set retrans_stamp on recovery - tcp: create a helper to model exponential backoff - tcp: adjust rto_base in retransmits_timed_out() - xen/balloon: fix balloon kthread freezing - tty: Fix out-of-bound vmalloc access in imageblit - cpufreq: schedutil: Use kobject release() method to free sugov_tunables - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory - mac80211: fix use-after-free in CCMP/GCMP RX - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - hwmon: (tmp421) Replace S_<PERMS> with octal values - hwmon: (tmp421) report /PVLD condition as fault - hwmon: (tmp421) fix rounding for negative values - e100: fix length calculation in e100_get_regs_len - e100: fix buffer overrun in e100_get_regs - Revert "block, bfq: honor already-setup queue merges" - scsi: csiostor: Add module softdep on cxgb4 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203) - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings - ext4: fix potential infinite loop in ext4_dx_readdir() - net: udp: annotate data race around udp_sk(sk)->corkflag - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link() - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744, CVE-2021-3764) - HID: betop: fix slab-out-of-bounds Write in betop_probe - netfilter: ipset: Fix oversized kvmalloc() calls - HID: usbhid: free raw_report buffers in usbhid_stop - cred: allow get_cred() and put_cred() to be given NULL. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.210 - net: mdio: introduce a shutdown method to mdio device drivers - xen-netback: correct success/error reporting for the SKB-with-fraglist case - scsi: sd: Free scsi_disk device via put_device() - [arm*] usb: dwc2: check return value after calling platform_get_resource() - scsi: ses: Retry failed Send/Receive Diagnostic commands - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. - lib/timerqueue: Rely on rbtree semantics for next timer (CVE-2021-20317) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.211 - USB: cdc-acm: fix racy tty buffer accesses - USB: cdc-acm: fix break reporting - xen/privcmd: fix error handling in mmap-resource processing - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321) - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero - xen/balloon: fix cancelled balloon action - [armhf] dts: omap3430-sdp: Fix NAND device node - [mips,mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300) - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation - bpf: Fix integer overflow in prealloc_elems_and_freelist() (CVE-2021-41864) - phy: mdio: fix memory leak - net_sched: fix NULL deref in fifo_set_limit() - [i386] ptp_pch: Load module automatically if ID matches - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff sequence - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() - [arm64,armhf] net: sfp: Fix typo in state machine debug string - netlink: annotate data races around nlk->bound - drm/nouveau/debugfs: fix file release memory leak - rtnetlink: fix if_nlmsg_stats_size() under estimation - i40e: fix endless loop under rtnl - i40e: Fix freeing of uninitialized misc IRQ vector - i2c: acpi: fix resource leak in reconfiguration device addition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.212 - [armhf] net: phy: bcm7xxx: Fixed indirect MMD operations - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS - netfilter: ip6_tables: zero-initialize fragment offset - mac80211: Drop frames from invalid MAC address in ad-hoc mode - net: prevent user from passing illegal stab size - mac80211: check return value of rhashtable_init - scsi: ses: Fix unsigned comparison with less than zero - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" - [x86] perf/x86: Reset destroy callback on event init failure - sched: Always inline is_percpu_thread() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 - ALSA: seq: Fix a potential UAF by wrong private_free call order - ALSA: hda/realtek: Complete partial device name to avoid ambiguity - ALSA: hda/realtek: Add quirk for Clevo X170KM-G - ALSA: hda/realtek - ALC236 headset MIC recording issue - [s390x] fix strrchr() implementation - btrfs: deal with errors when replaying dir entry during log replay - btrfs: deal with errors when adding inode reference during log replay - btrfs: check for error when looking up inode during dir entry replay - [x86] mei: me: add Ice Lake-N device id. - xhci: guard accesses to ep_state in xhci_endpoint_reset() - xhci: Fix command ring pointer corruption while aborting a command - xhci: Enable trust tx length quirk for Fresco FL11 USB controller - cb710: avoid NULL pointer subtraction - [arm64,x86] efi/cper: use stack buffer for error record decoding - efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock() - [armhf] usb: musb: dsps: Fix the probe error path - Input: xpad - add support for another USB ID of Nacon GC-100 - USB: serial: qcserial: add EM9191 QDL support - USB: serial: option: add Quectel EC200S-CN module support - USB: serial: option: add Telit LE910Cx composition 0x1204 - USB: serial: option: add prod. id for Quectel EG91 - virtio: write back F_VERSION_1 before validate - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - sctp: account stream padding length for reconf chunk (CVE-2022-0322) - ethernet: s2io: fix setting mac address during resume - nfc: fix error handling of nfc_proto_register() - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - [i386] pata_legacy: fix a couple uninitialized variable bugs - [arm64] drm/msm: Fix null pointer dereference on pointer edp - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error - mqprio: Correct stats in mqprio_dump_class_stats(). - qed: Fix missing error code in qed_slowpath_start() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.214 - NFSD: Keep existing listeners on portlist error - netfilter: ipvs: make global sysctl readonly in non-init netns - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0 - [arm64] net: hns3: disable sriov before unload hclge layer - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification - can: peak_pci: peak_pci_remove(): fix UAF - ocfs2: fix data corruption after conversion from inline format - ocfs2: mount fails with buffer overflow in strlen - vfs: check fd has read access in kernel_read_file_from_fd() (CVE-2022-0644) - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset - ALSA: hda/realtek: Add quirk for Clevo PC50HS - ASoC: DAPM: Fix missing kctl change notifications - mm, slub: fix mismatch between reconstructed freelist depth and cnt - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760) - isdn: cpai: check ctr->cnr to avoid array index out of bound (CVE-2021-43389) - btrfs: deal with errors when checking if a dir entry exists during log replay - [arm64,armhf] net: stmmac: add support for dwmac 3.40a - isdn: mISDN: Fix sleeping function called from invalid context - ALSA: hda: avoid write to STATESTS if controller is in reset - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() - net: mdiobus: Fix memory leak in __mdiobus_register - tracing: Have all levels of checks prevent recursion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.215 - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype - [powerpc*] bpf: Fix BPF_MOD when imm == 1 - [arm64] Avoid premature usercopy failure - usbnet: sanity check for maxpacket - usbnet: fix error return code in usbnet_probe() - ata: sata_mv: Fix the error handling of mv_chip_id() - nfc: port100: fix using -ERRNO as command type mask - Revert "net: mdiobus: Fix memory leak in __mdiobus_register" - ipv4: use siphash instead of Jenkins in fnhe_hashfun() (CVE-2021-20322) - ipv6: use siphash in rt6_exception_hash() (CVE-2021-20322) - ipv6: make exception cache less predictible (CVE-2021-20322) - mmc: vub300: fix control-message timeouts - mmc: cqhci: clear HALT state after CQE enable - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 - [armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit - net: lan78xx: fix division by zero in send path - RDMA/mlx5: Set user priority for DCT - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node - regmap: Fix possible double-free in regcache_rbtree_exit() - net: batman-adv: fix error handling - net: Prevent infinite while loop in skb_tx_hash() - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails - net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772) - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772) - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772) - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772) - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.216 - scsi: core: Put LLD module refcnt after SCSI device is released - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (CVE-2021-42739) - IB/qib: Use struct_size() helper - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields - sfc: Fix reading non-legacy supported link modes - arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed - [armel,armhf] 9120/1: Revert "amba: make use of -1 IRQs warn" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217 - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes" - usb: ehci: handshake CMD_RUN instead of STS_HALT - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue - usb-storage: Add compatibility quirk flags for iODD 2531/2541 - printk/console: Allow to disable console output by using console="" or console=null - isofs: Fix out of bound access for corrupted isofs image - [x86] comedi: dt9812: fix DMA buffers on stack - [x86] comedi: ni_usb6501: fix NULL-deref in command paths - [x86] comedi: vmk80xx: fix transfer-buffer overflows - [x86] comedi: vmk80xx: fix bulk-buffer overflow - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts - staging: r8712u: fix control-message timeout - [x86] staging: rtl8192u: fix control-message timeouts - rsi: fix control-message timeout https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218 - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay - binder: use euid from cred instead of using task - binder: use cred instead of task for selinux checks - Input: elantench - fix misreporting trackpoint coordinates (Closes: #989285) - libata: fix read log timeout value - ocfs2: fix data corruption on truncate - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error - tpm: Check for integer overflow in tpm2_map_response_body() - [x86] media: ite-cir: IR receiver stop working after receive overflow - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers (Closes: #994050) - ALSA: hda/realtek: Add quirk for Clevo PC70HS - ALSA: ua101: fix division by zero at probe - ALSA: 6fire: fix control and bulk message timeouts - ALSA: line6: fix control and interrupt message timeouts - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 - ALSA: synth: missing check for possible NULL after the call to kstrdup - ALSA: timer: Fix use-after-free problem - ALSA: timer: Unconditionally unlink slave instances, too - [x86] irq: Ensure PI wakeup handler is unregistered before module unload - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails - scsi: qla2xxx: Fix unmap of already freed sgl - [arm64] cavium: Fix return values of the probe function - sfc: Don't use netif_info before net_device setup - [x86] hyperv/vmbus: include linux/bitops.h - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 - bpf: Prevent increasing bpf_jit_limit above max - xen/netfront: stop tx queues during live migration - [armhf] spi: spl022: fix Microwire full duplex mode - [armhf] watchdog: Fix OMAP watchdog early handling - [x86] vmxnet3: do not stop tx queues after netif_device_detach() - btrfs: clear MISSING device status bit in btrfs_close_one_device - btrfs: fix lost error handling when replaying directory deletes - btrfs: call btrfs_check_rw_degradable only if there is a missing device - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled - [armhf] regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell - [x86] mwifiex: fix division by zero in fw download path - ath6kl: fix division by zero in send path - ath6kl: fix control-message timeout - ath10k: fix control-message timeout - ath10k: fix division by zero in send path - PCI: Mark Atheros QCA6174 to avoid bus reset - rtl8187: fix control-message timeouts - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band - mwifiex: Read a PCI register after writing the TX ring write pointer - libata: fix checking of DMA state - [arm64] wcn36xx: handle connection loss indication - rsi: fix occasional initialisation failure with BT coex - rsi: fix key enabled check causing unwanted encryption for vap_id > 0 - rsi: fix rate mask set leading to P2P failure - rsi: Fix module dev_oper_mode parameter description - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP - signal: Remove the bogus sigkill_pending in ptrace_stop - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT - [x86] power: supply: max17042_battery: Prevent int underflow in set_soc_threshold - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns - serial: core: Fix initializing and restoring termios speed - ALSA: mixer: oss: Fix racy access to slots - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume - xen/balloon: add late_initcall_sync() for initial ballooning done - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts - [arm64] PCI: aardvark: Do not unmask unused interrupts - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG - quota: check block number when reading the block in quota file - quota: correct error number in free_dqentry() - pinctrl: core: fix possible memory leak in pinctrl_enable() - iio: dac: ad5446: Fix ad5622_write() return value - USB: serial: keyspan: fix memleak on probe errors - USB: iowarrior: fix control-message timeouts - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640) - Bluetooth: fix use-after-free error in lock_sock_nested() (CVE-2021-3752) - [x86] platform/x86: wmi: do not fail if disabling fails - locking/lockdep: Avoid RCU-induced noinstr fail - net: sched: update default qdisc visibility after Tx queue cnt changes - [x86] Increase exception stack sizes - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type - mwifiex: Properly initialize private structure on interface type changes - media: netup_unidvb: handle interrupt properly according to the firmware - media: uvcvideo: Set capability in s_param - media: uvcvideo: Return -EIO for control errors - media: mceusb: return without resubmitting URB in case of -EPROTO error. - ACPICA: Avoid evaluating methods too early during system resume - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() - tracefs: Have tracefs directories not set OTH permission bits by default - ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() - [x86] ACPI: battery: Accept charges over the design capacity as full - memstick: r592: Fix a UAF bug when removing the driver - lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression - lib/xz: Validate the value before assigning it to an enum variable - workqueue: make sysfs of unbound kworker cpumask more clever - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() - PM: hibernate: Get block device exclusively in swsusp_check() - iwlwifi: mvm: disable RX-diversity in powersave - gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted - task_stack: Fix end_of_stack() for architectures with upwards-growing stack - Bluetooth: fix init and cleanup of sco_conn.timeout_work - cgroup: Make rebind_subsystems() disable v2 controllers all at once - drm/amdgpu: fix warning for overflow check - media: em28xx: add missing em28xx_close_extension - media: dvb-usb: fix ununit-value in az6027_rc_query - media: si470x: Avoid card name truncation - media: cx23885: Fix snd_card_free call on null card pointer - cpuidle: Fix kobject memory leaks in error paths - media: em28xx: Don't use ops->suspend if it is NULL - ath9k: Fix potential interrupt storm on queue reset - [x86] crypto: qat - detect PFVF collision after ACK - [x86] crypto: qat - disregard spurious PFVF interrupts - b43legacy: fix a lower bounds test - b43: fix a lower bounds test - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() - hwmon: Fix possible memleak in __hwmon_device_register() - ath10k: fix max antenna gain unit - [arm64] drm/msm: uninitialized variable in msm_gem_import() - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning - rsi: stop thread firstly in rsi_91x_init() error handling - mwifiex: Send DELBA requests according to spec - phy: micrel: ksz8041nl: do not use power down mode - nvme-rdma: fix error code in nvme_rdma_setup_ctrl - PM: hibernate: fix sparse warnings - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() - [s390x] KVM: s390: Fix handle_sske page fault handling - libertas_tf: Fix possible memory leak in probe and disconnect - libertas: Fix possible memory leak in probe and disconnect - [arm64] wcn36xx: add proper DMA memory barriers in rx path - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change - [arm64,armhf] net: phylink: avoid mvneta warning when setting pause parameters - crypto: pcrypt - Delay write to padata->info - RDMA/rxe: Fix wrong port_cap_flags - scsi: dc395: Fix error case unwinding - JFS: fix memleak in jfs_mount - ALSA: hda: Reduce udelay() at SKL+ position reporting - [arm64,armhf] soc/tegra: Fix an error handling path in tegra_powergate_power_up() - serial: 8250_dw: Drop wrong use of ACPI_PTR() - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() - RDMA/mlx4: Return missed an error if device doesn't support steering - [arm64] phy: qcom-qusb2: Fix a memory leak on probe - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX - [mips*] cm: Convert to bitfield API to fix out-of-bounds access - apparmor: fix error check - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds - drm/plane-helper: fix uninitialized variable reference - [arm64] PCI: aardvark: Don't spam about PIO Response Status - NFS: Fix deadlocks in nfs_scan_commit_list() - fs: orangefs: fix error return code of orangefs_revalidate_lookup() - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() - netfilter: nfnetlink_queue: fix OOB when mac header was cleared - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT - scsi: qla2xxx: Fix gnl list corruption - scsi: qla2xxx: Turn off target reset during issue_lip - xen-pciback: Fix return in pm_ctrl_init() - [armhf] net: davinci_emac: Fix interrupt pacing disable - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration() - zram: off by one in read_block_state() - llc: fix out-of-bound array index in llc_sk_dev_hash() - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions - vsock: prevent unnecessary refcnt inc for nonblocking connect - cxgb4: fix eeprom len when diagnostics not implemented - [arm64,armhf] USB: chipidea: fix interrupt deadlock - [armel,armhf] 9155/1: fix early early_iounmap() - f2fs: should use GFP_NOFS for directory inodes - 9p/net: fix missing error check in p9_check_errors - [powerpc*] lib: Add helper to check if offset is within conditional branch range - [powerpc*] bpf: Validate branch ranges - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000 - [powerpc*] security: Add a helper to query stf_barrier type - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks - mm, oom: do not trigger out_of_memory from the #PF - [armhf] backlight: gpio-backlight: Correct initial power state handling - video: backlight: Drop maximum brightness override for brightness zero - [s390x] cio: check the subchannel validity for dev_busid - [s390x] tape: fix timer initialization in tape_std_assign() - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros - fuse: truncate pagecache on atomic_o_trunc - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL - ext4: fix lazy initialization next schedule time computation in more granular unit - PCI/MSI: Destroy sysfs before freeing entries - PCI/MSI: Deal with devices lying about their MSI mask capability - PCI: Add MSI masking quirk for Nvidia ION AHCI - [arm64] zynqmp: Do not duplicate flash partition label property - [arm64] zynqmp: Fix serial compatible string - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - [armhf] usb: musb: tusb6010: check return value after calling platform_get_resource() - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect - scsi: advansys: Fix kernel pointer leak - firmware_loader: fix pre-allocated buf built-in firmware use - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc - scsi: target: Fix ordered tag handling - scsi: target: Fix alua_tg_pt_gps_count tracking - [i386] ALSA: gus: fix null pointer dereference on pointer block - f2fs: fix up f2fs_lookup tracepoints - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame - iavf: check for null in iavf_fix_features - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset - [x86] platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' - net: virtio_net_hdr_to_skb: count transport header in UFO - i40e: Fix correct max_pkt_size on VF RX queue - i40e: Fix NULL ptr dereference on VSI filter sync - i40e: Fix changing previously set num_queue_pairs for PFs - i40e: Fix display error code in dmesg - NFC: reorganize the functions in nci_request - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server - tun: fix bonding active backup with arp monitoring - ipc: WARN if trying to remove ipc object which is absent - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - udf: Fix crash after seekdir - btrfs: fix memory ordering between normal and ordered work functions - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - drm/udl: fix control-message timeout - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors - perf/core: Avoid put_page() when GUP fails - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN - batman-adv: Consider fragmentation for needed_headroom - batman-adv: Reserve needed_*room for fragments - batman-adv: Don't always reallocate the fragmentation skb head - RDMA/netlink: Add __maybe_unused to static inline in C file - ASoC: DAPM: Cover regression by kctl change notification fix - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.219 - USB: serial: option: add Telit LE910S1 0x9200 composition - USB: serial: option: add Fibocom FM101-GL variants - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal - usb: hub: Fix usb enumeration issue due to address0 race - usb: hub: Fix locking issues with address0_mutex - [arm*] binder: fix test regression due to sender_euid change - ALSA: ctxfi: Fix out-of-range access - media: cec: copy sequence field for the reply - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - fuse: fix page stealing - xen: don't continue xenstore initialization in case of errors - xen: detect uninitialized xenbus in xenbus_init - tracing: Fix pid filtering when triggers are attached - proc/vmcore: fix clearing user buffer by properly using clear_user() - [arm64] PCI: aardvark: Fix a leaked reference by adding missing of_node_put() - [arm64] PCI: aardvark: Wait for endpoint to be ready before training link - [arm64] PCI: aardvark: Train link immediately after enabling training - [arm64] PCI: aardvark: Improve link training - [arm64] PCI: aardvark: Issue PERST via GPIO - [arm64] PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros - [arm64] PCI: aardvark: Indicate error in 'val' when config read fails - [arm64] PCI: aardvark: Don't touch PCIe registers if no card connected - [arm64] PCI: aardvark: Fix compilation on s390 - [arm64] PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() - [arm64] PCI: aardvark: Update comment about disabling link training - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting - [arm64] PCI: aardvark: Fix link training - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state - [arm64] pinctrl: armada-37xx: Correct mpp definitions - [arm64] pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions - [arm64] dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function - netfilter: ipvs: Fix reuse connection if RS weight is 0 - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls - net: ieee802154: handle iftypes as u32 - NFSv42: Don't fail clone() unless the OP_CLONE operation failed - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE - scsi: mpt3sas: Fix kernel panic during drive powercycle test - [arm*] drm/vc4: fix error code in vc4_create_object() - ipv6: fix typos in __ip6_finish_output() - net/smc: Ensure the active closing peer first closes clcsock - PM: hibernate: use correct mode for swsusp_close() - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows - net/smc: Don't call clcsock shutdown twice when smc shutdown - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs - vhost/vsock: fix incorrect used length reported to the guest - tracing: Check pid filtering when creating events - [s390x] mm: validate VMA in PGSTE manipulation functions - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002) - NFC: add NCI_UNREG flag to eliminate the race - fuse: release pipe buf after last use - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/blkfront: read response from backend only once - xen/blkfront: don't take local copy of a request from the ring page - xen/blkfront: don't trust the backend response data blindly - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - tty: hvc: replace BUG_ON() with negative return value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.220 - shm: extend forced shm destroy to support objects from several IPC nses - NFSv42: Fix pagecache invalidation after COPY/CLONE - gfs2: Fix length of holes reported at end-of-file - [amd64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975) - net: return correct error code - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep - [s390x] setup: avoid using memblock_enforce_memory_limit - btrfs: check-integrity: fix a warning on write caching disabled disk - thermal: core: Reset previous low and high trip during thermal zone init - scsi: iscsi: Unblock session then wake up error handler - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit - kprobes: Limit max data_size of the kretprobe instances - ipmi: Move remove_work to dedicated workqueue - fs: add fget_many() and fput_many() - fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - net: mpls: Fix notifications when deleting a device - siphash: use _unaligned version by default - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available - net: annotate data-races on txq->xmit_lock_owner - net/rds: correct socket tunable error in rds_tcp_tune() - net/smc: Keep smc_close_final rc during active close - [arm64] drm/msm: Do hw_init() before capturing GPU state - vgacon: Propagate console boot parameters before calling `vc_resize' - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub - [x86] usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect - [amd64] mm: Map all kernel memory into trampoline_pgd - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support - [arm64] serial: pl011: Add ACPI SBSA UART match id - serial: core: fix transmit-buffer reset and memleak - ipmi: msghandler: Make symbol 'remove_work_wq' static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.221 - HID: add hid_is_usb() function to make it simpler for USB detection - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers - can: kvaser_usb: get CAN clock frequency from device - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card() - net: core: netlink: add helper refcount dec and lock function - net: sched: rename qdisc_destroy() to qdisc_put() - net: sched: extend Qdisc with rcu - net: sched: add helper function to take reference to Qdisc - net: sched: use Qdisc rcu API instead of relying on rtnl lock - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - bpf: Fix the off-by-two error in range markings - ice: ignore dropped packets during init - bonding: make tx_rebalance_counter an atomic - nfp: Fix memory leak in nfp_cpp_area_cache_add() - seg6: fix the iif in the IPv6 socket control block - udp: using datalen to cap max gso segments - [amd64] IB/hfi1: Correct guard on eager buffer deallocation - mm: bdi: initialize bdi_min_ratio when bdi is unregistered - ALSA: ctl: Fix copy of updated id with element read/write - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() - tracefs: Have new files inherit the ownership of their parent - [arm64] clk: qcom: regmap-mux: fix parent clock lookup - [i386] can: pch_can: pch_can_rx_normal: fix use after free - libata: add horkage for ASMedia 1092 - wait: add wake_up_pollfree() - binder: use wake_up_pollfree() - signalfd: use wake_up_pollfree() - aio: keep poll requests on waitqueue until completed - aio: fix use-after-free due to missing POLLFREE handling - tracefs: Set all files to the same group ownership as the mount option - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) - qede: validate non LSO skb length - i40e: Fix pre-set max number of queues for VF - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero - [armhf] net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() - net, neigh: clear whole pneigh_entry at alloc time - net/qla3xxx: fix an error code in ql_adapter_up() - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685) - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685) - usb: core: config: fix validation of wMaxPacketValue entries - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending - usb: core: config: using bit mask instead of individual bits - xhci: avoid race between disable slot command and host runtime suspend - iio: trigger: Fix reference counting - [armhf] iio: mma8452: Fix trigger reference couting - [arm64,armhf] iio: adc: axp20x_adc: fix charging current reporting on AXP22x - [x86] iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - [armhf] irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL - net_sched: fix a crash in tc_new_tfilter() - net: sched: make function qdisc_free_cb() static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222 - stable: clamp SUBLEVEL in 4.19 - nfc: fix segfault in nfc_genl_dump_devices_done - [arm64] drm/msm/dsi: set default num_data_lanes - net/mlx4_en: Update reported link modes for 1/10G - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag - net: netlink: af_netlink: Prevent empty skb by adding a check on len. - tracing: Fix a kmemleak false positive in tracing_map - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error - mac80211: send ADDBA requests using the tid/queue of the aggregation session - dm btree remove: fix use after free in rebalance_children() - audit: improve robustness of the audit queue handling - nfsd: fix use-after-free due to delegation race (Closes: #988044) - [x86] sme: Explicitly map new EFI memmap table as encrypted - mac80211: track only QoS data frames for admission control - [armhf] socfpga: dts: fix qspi node compatible - sch_cake: do not call cake_destroy() from cake_init() - rds: memory leak in __rds_conn_create() (CVE-2021-45480) - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning - igb: Fix removal of unicast MAC filters of VFs - igbvf: fix double free in `igbvf_probe` - ixgbe: set X550 MDIO speed before talking to PHY - netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc (CVE-2021-4135) - net/packet: rx_owner_map depends on pg_vec (CVE-2021-22600) - sit: do not call ipip6_dev_free() from sit_init_net() - USB: gadget: bRequestType is a bitfield, not a enum - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error - PCI/MSI: Mask MSI-X vectors only on success - USB: serial: cp210x: fix CP2105 GPIO registration - USB: serial: option: add Telit FN990 compositions - timekeeping: Really make sure wall_to_monotonic isn't positive - libata: if T_LENGTH is zero, dma direction should be DMA_NONE - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE - mac80211: validate extended element ID is present - [armel] 8805/2: remove unneeded naked function usage - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO - Input: touchscreen - avoid bitwise vs logical OR warning - media: mxl111sf: change mutex_init() location - fuse: annotate lock in fuse_reverse_inval_entry() - ovl: fix warning in ovl_create_real() - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() - xen/blkfront: harden blkfront against event channel storms (CVE-2021-28711) - xen/netfront: harden netfront against event channel storms (CVE-2021-28712) - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713) - xen/netback: fix rx queue stall detection (CVE-2021-28714) - xen/netback: don't queue unlimited number of packages (CVE-2021-28715) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223 - net: usb: lan78xx: add Allied Telesis AT29M2-AF - block, bfq: improve asymmetric scenarios detection - block, bfq: fix asymmetric scenarios detection - block, bfq: fix decrement of num_active_groups - block, bfq: fix queue removal from weights tree - block, bfq: fix use after free in bfq_bfqq_expire - HID: holtek: fix mouse probing - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode - [arm64] spi: change clk_disable_unprepare to clk_unprepare - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() - netfilter: fix regression in looped (broad|multi)cast's MAC handling - qlcnic: potential dereference null pointer of rx_queue->page_ring - net: accept UFOv6 packages in virtio_net_hdr_to_skb - net: skip virtio_net_hdr_set_proto if protocol already set - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module - bonding: fix ad_actor_system option setting to default - [amd64] fjes: Check for error irq - [armhf] drivers: net: smc911x: Check for error irq - sfc: falcon: Check null pointer of rx_queue->page_ring - hwmon: (lm90) Fix usage of CONFIG2 register in detect function - ALSA: jack: Check the return value of kstrdup() - ALSA: drivers: opl3: Fix incorrect use of vp->state - Input: atmel_mxt_ts - fix double free in mxt_read_info_block - ipmi: bail out if init_srcu_struct fails - ipmi: fix initialization when workqueue allocation fails - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (CVE-2021-45469) - usb: gadget: u_ether: fix race in setting MAC address in setup phase - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state - hwmon: (lm90) Do not report 'busy' status bit as alarm - ax25: NPD bug when detaching AX25 device - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD - phonet/pep: refuse to enable an unbound pipe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224 - [arm64] tee: handle lookup of shm with reference count 0 (CVE-2021-44733) - Input: i8042 - add deferred probe support - [x86] Input: i8042 - enable deferred probe quirk for ASUS UM325UA - [x86] platform/x86: apple-gmux: use resource_size() with res - selinux: initialize proto variable in selinux_ip_postroute_compat() - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() - udp: using datalen to cap ipv6 udp max gso segments - sctp: use call_rcu to free endpoint - net: usb: pegasus: Do not drop long Ethernet frames - net/mlx5e: Fix wrong features assignment in case of error - i2c: validate user data in compat ioctl - nfc: uapi: use kernel size_t to fix user-space builds - uapi: fix linux/nfc.h userspace compilation errors - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - [arm*] binder: fix async_free_space accounting for empty parcels - [x86] scsi: vmw_pvscsi: Set residual data length conditionally - Input: appletouch - initialize work before device registration - Input: spaceball - fix parsing of movement data packets - net: fix use-after-free in tw_timer_handler https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.225 - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() - tracing: Tag trace_percpu_buffer as a percpu pointer - ieee802154: atusb: fix uninit value in atusb_set_extended_addr - RDMA/core: Don't infoleak GRH fields - mac80211: initialize variable have_higher_than_11mbit - i40e: fix use-after-free in i40e_sync_filters_subtask() - i40e: Fix incorrect netdev's real number of RX/TX queues - ipv6: Check attribute length for RTA_GATEWAY in multipath route - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (CVE-2021-4155) - rndis_host: support Hytera digital radios - phonet: refcount leak in pep_sock_accep (CVE-2021-45095) - ipv6: Continue processing multipath route even if gateway attribute is invalid - ipv6: Do cleanup if attribute validation fails in multipath route - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate - net: udp: fix alignment problem in udp4_seq_show() - mISDN: change function names to avoid conflicts https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.226 - Bluetooth: bfusb: fix division by zero in send path - USB: core: Fix bug in resuming hub's handling of wakeup requests - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status - can: bcm: switch timer to HRTIMER_MODE_SOFT and remove hrtimer_tasklet - veth: Do not record rx queue hint in veth_xmit - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} - random: fix data race on crng_node_pool - random: fix data race on crng init time - [x86] drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() - [s390x] KVM: s390: Clarify SIGP orders versus STOP/RESTART - media: uvcvideo: fix division by zero at stream start - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled - firmware: qemu_fw_cfg: fix sysfs information leak - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries - firmware: qemu_fw_cfg: fix kobject leak in probe error path - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows - HID: uhid: Fix worker destroying device without any protection - HID: wacom: Reset expected and received contact counts at the same time - HID: wacom: Ignore the confidence flag when a touch is removed - HID: wacom: Avoid using stale array indicies to read contact count - f2fs: fix to do sanity check in is_alive() - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 - [x86] gpu: Reserve stolen memory for first integrated Intel GPU - rtc: cmos: take rtc_lock while reading from CMOS - media: flexcop-usb: fix control-message timeouts - media: mceusb: fix control-message timeouts - media: em28xx: fix control-message timeouts - media: cpia2: fix control-message timeouts - media: s2255: fix control-message timeouts - media: dib0700: fix undefined behavior in tuner shutdown - media: redrat3: fix control-message timeouts - media: pvrusb2: fix control-message timeouts - media: stk1160: fix control-message timeouts - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration failure - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails - [arm*] clk: bcm-2835: Pick the closest clock rate - [arm*] clk: bcm-2835: Remove rounding up the dividers - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND - [arm64] wcn36xx: Release DMA channel descriptor allocations - media: videobuf2: Fix the size printk format - media: em28xx: fix memory leak in em28xx_init_dev - Bluetooth: stop proccessing malicious adv data - [arm64] tee: fix put order in teedev_close_context() - media: dmxdev: fix UAF when dvb_register_device() fails - [arm64] crypto: qce - fix uaf on qce_ahash_register_one - netfilter: bridge: add support for pppoe filtering - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() - [arm*] serial: amba-pl011: do not request memory region twice - floppy: Fix hang in watchdog when disk is ejected - media: dib8000: Fix a memleak in dib8000_init() - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() - media: si2157: Fix "warm" tuner state detection - sched/rt: Try to restart rt period timer when rt runtime exceeded - xfrm: fix a small bug in xfrm_sa_len() - media: dw2102: Fix use after free - media: msi001: fix possible null-ptr-deref in msi001_probe() - [arm64] drm/msm/dpu: fix safe status debugfs file - xfrm: interface with if_id 0 should return error - xfrm: state and policy should fail if XFRMA_IF_ID 0 - usb: ftdi-elan: fix memory leak on device disconnect - [armhf] mmc: meson-mx-sdio: add IRQ check - [x86] mce/inject: Avoid out-of-bounds write when setting flags - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() - ppp: ensure minimum packet size in ppp_write() - Bluetooth: hci_bcm: Check for error irq - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe - tpm: add request_locality before write TPM_INT_ENABLE - can: softing: softing_startstop(): fix set but not used variable warning - pcmcia: fix setting of kthread task states - net: mcs7830: handle usb read errors properly - ext4: avoid trim error on fs with small groups - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls - [arm64] RDMA/hns: Validate the pkey index - [powerpc*] prom_init: Fix improper check of prom_getprop() - ALSA: oss: fix compile error when OSS_DEBUG is enabled - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting - scsi: ufs: Fix race conditions related to driver data - RDMA/core: Let ib_find_gid() continue search even after empty entry - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes - [arm*] iommu/iova: Fix race between FQ timeout and teardown - RDMA/cxgb4: Set queue pair state when being queried - Bluetooth: Fix debugfs entry leak in hci_register_dev() - fs: dlm: filter user dlm messages for kernel locks - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR - usb: gadget: f_fs: Use stream_open() for endpoint files - HID: apple: Do not reset quirks when the Fn key is not found - media: b2c2: Add missing check in flexcop_pci_isr: - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use - [armhf] HSI: core: Fix return freed object in hsi_new_client - [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976) - rsi: Fix out-of-bounds read in rsi_read_pkt() - floppy: Add max size check for user space request - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() - media: m920x: don't use stack on USB reads - iwlwifi: mvm: synchronize with FW after multicast commands - ath10k: Fix tx hanging - net-sysfs: update the queue counts in the unregistration path - [x86] mce: Mark mce_panic() noinstr - [x86] mce: Mark mce_end() noinstr - [x86] mce: Mark mce_read_aux() noinstr - net: bonding: debug: avoid printing debug logs when bond is not notifying peers - bpf: Do not WARN in bpf_warn_invalid_xdp_action() - HID: quirks: Allow inverting the absolute X/Y values - media: igorplugusb: receiver overflow should be reported - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO - audit: ensure userspace is penalized the same as the kernel when under pressure - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream - iwlwifi: fix leaks/bad data after failed firmware load - iwlwifi: remove module loading failure message - iwlwifi: mvm: Fix calculation of frame length - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions - ACPICA: Utilities: Avoid deleting the same object twice in a row - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 - drm/amdgpu: fixup bad vram size on gmc v8 - [x86] ACPI: battery: Add the ThinkPad "Not Charging" quirk - btrfs: remove BUG_ON() in find_parent_nodes() - btrfs: remove BUG_ON(!eie) in find_parent_nodes - net: mdio: Demote probed message to debug print - mac80211: allow non-standard VHT MCS-10/11 - dm btree: add a defensive bounds check to insert_at() - dm space map common: add bounds check to sm_ll_lookup_bitmap() - net: phy: marvell: configure RGMII delays for 88E1118 - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios - serial: core: Keep mctrl register state and cached copy in sync - [powerpc*] powernv: add missing of_node_put - [powerpc*] btext: add missing of_node_put - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race - [x86] i2c: i801: Don't silently correct invalid transfer size - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING - [powerpc*] i2c: mpc: Correct I2C reset procedure - w1: Misuse of get_user()/put_user() reported by sparse - ALSA: seq: Set upper limit of processed events - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers option - [mips*] OCTEON: add put_device() after of_find_device_by_node() - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters - scsi: sr: Don't use GFP_DMA - [arm64] rpmsg: core: Clean up resources on announce_create failure. - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers - serial: Fix incorrect rs485 polarity on uart open - cputime, cpuacct: Include guest time in user time in cpuacct.stat - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds - [s390x] mm: fix 2KB pgtable release race - [armhf] drm/etnaviv: limit submit sizes - ext4: make sure to reset inode lockdep class when quota enabling fails - ext4: make sure quota gets properly shutdown on error - ext4: set csum seed in tmp inode while migrating to extents - ext4: Fix BUG_ON in ext4_bread when write quota data - ext4: don't use the orphan list when migrating an inode - ASoC: dpcm: prevent snd_soc_dpcm use after free - regulator: core: Let boot-on regulators be powered off - drm/radeon: fix error handling in radeon_driver_open_kms - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device - RDMA/rxe: Fix a typo in opcode name - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress - netns: add schedule point in ops_exit_list() - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() - net_sched: restore "mpu xxx" handling - [mips*,s390x] gup: Work around the "COW can break either way" issue (CVE-2020-29374) - fuse: fix bad inode (CVE-2020-36322) - fuse: fix live lock in fuse_iget() (CVE-2021-28950) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.227 - [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330) - net: bridge: clear bridge's private skb space on xmit - select: Fix indefinitely sleeping task in poll_schedule_timeout() - [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy (CVE-2022-22942) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228 - Bluetooth: refactor malicious adv data check - [s390x] hypfs: include z/VM guests with access control group set - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617) - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617) - [armhf] drm/etnaviv: relax submit size limits - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments - serial: 8250: of: Fix mapped region size when using reg-offset property - tty: n_gsm: fix SW flow control encoding/handling - tty: Add support for Brainboxes UC cards. - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match() - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - USB: core: Fix hang in usb_kill_urb by adding memory barriers - [x86] usb: typec: tcpm: Do not disconnect while receiving VBUS off - [arm64,armhf] net: sfp: ignore disabled SFP node - i40e: Increase delay to 1 s after global EMP reset - i40e: Fix issue when maximum queues is exceeded - i40e: Fix queues reservation for XDP - i40e: fix unsigned stat widths - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - ipv6_tunnel: Rate limit warning messages - net: fix information leakage in /proc/net/ptype - ping: fix the sk_bound_dev_if match in ping_lookup - ipv4: avoid using shared IP generator for connected sockets - hwmon: (lm90) Reduce maximum conversion rate for G781 - NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448) - NFSv4: nfs_atomic_open() can race when looking up a non-regular file - net-procfs: show net devices bound packet types - [arm64] drm/msm: Fix wrong size calculation - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - ipv6: annotate accesses to fn->fn_sernum - NFS: Ensure the server has an up to date ctime before hardlinking - NFS: Ensure the server has an up to date ctime before renaming - phylib: fix potential use-after-free - yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959) - ipv4: raw: lock the socket in raw_bind() - ipv4: tcp: send zero IPID in SYNACK messages - netfilter: nat: remove l4 protocol port rovers - netfilter: nat: limit port clash resolution attempts - tcp: fix possible socket leaks in internal pacing mode - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() - af_packet: fix data-race in packet_setsockopt / packet_setsockopt - audit: improve audit queue handling when "audit=1" on cmdline - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows - drm/nouveau: fix off by one in BIOS boundary checking - block: bio-integrity: Advance seed correctly for larger interval sizes - RDMA/mlx4: Don't continue event handler after memory allocation failure - [amd64] iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() - [armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe - net: ieee802154: hwsim: Ensure proper channel selection at probe time - net: ieee802154: Return meaningful error codes from the netlink helpers - net: macsec: Verify that send_sci is on when setting Tx sci explicitly - [arm64,armhf] net: stmmac: ensure PTP time register reads are consistent - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. - rtc: cmos: Evaluate century appropriate - [arm64] EDAC/xgene: Fix deferred probing - ext4: fix error handling in ext4_restore_inline_data() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.229 - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492) - moxart: fix potential use-after-free on remove path (CVE-2022-0487) - tipc: improve size validations for received domain records (CVE-2022-0435) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.230 - integrity: check the return value of audit_log_start() - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs - NFS: Fix initialisation of nfs_client cl_flags field - NFSD: Clamp WRITE offsets - NFSD: Fix offset type in I/O trace points - NFSv4 only print the label when its queried - nfs: nfs4clinet: check the return value of kstrdup() - NFSv4.1: Fix uninitialised variable in devicenotify - NFSv4 remove zero number of fs_locations entries error check - NFSv4 expose nfs_parse_server_name function - net: sched: Clarify error message when qdisc kind is unknown - scsi: target: iscsi: Make sure the np under each tpg is unique - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() - bpf: Add kconfig knob for disabling unpriv bpf by default - net: bridge: fix stale eth hdr pointer in br_dev_xmit - usb: f_fs: Fix use-after-free for epfile - ixgbevf: Require large buffers for build_skb on 82599VF - bonding: pair enable_port with slave_arr_updates - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path - net: do not keep the dst cache when uncloning an skb dst and its metadata - net: fix a memleak when uncloning an skb dst and its metadata - veth: fix races around rq->rx_notify_masked - tipc: rate limit warning for received illegal binding update - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal - vt_ioctl: fix array_index_nospec in vt_setactivate - vt_ioctl: add array_index_nospec to VT_ACTIVATE - n_tty: wake up poll(POLLRDNORM) on receiving data - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release - [arm64,armhf] usb: ulpi: Call of_node_put correctly - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs - USB: gadget: validate interface OS descriptor requests (CVE-2022-25258) - usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375) - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 - USB: serial: option: add ZTE MF286D modem - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices - USB: serial: cp210x: add NCR Retail IO box id - USB: serial: cp210x: add CPI Bulk Coin Recycler id - seccomp: Invalidate seccomp mode to catch death failures - [x86] hwmon: (dell-smm) Speed up setting of fan speed - perf: Fix list corruption in perf_cgroup_switch() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.231 - Makefile.extrawarn: Move -Wunaligned-access to W=1 - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - btrfs: send: in case of IO error log it - net: ieee802154: at86rf230: Stop leaking skb's - ax25: improve the incomplete fix to avoid UAF and NPD bugs - vfs: make freeze_super abort when sync_filesystem returns error - quota: make dquot_quota_sync return errors from ->sync_fs - nvme: fix a possible use-after-free in controller reset during load - nvme-rdma: fix possible use-after-free in transport error_recovery work - Revert "module, async: async_synchronize_full() on module init iff async is used" - iwlwifi: fix use-after-free - drm/radeon: Fix backlight control on iMac 12,1 - xfrm: Don't accidentally set RTO_ONLINK in decode_session4() - taskstats: Cleanup the use of task->exit_code - mmc: block: fix read single on recovery logic - vsock: remove vsock from connected table when connect is interrupted by a signal - iwlwifi: pcie: fix locking when "HW not ready" - iwlwifi: pcie: gen2: fix locking when "HW not ready" - ping: fix the dif and sdif check in ping_lookup - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit - bonding: fix data-races around agg_select_timer - libsubcmd: Fix use-after-free for realloc(..., 0) - ALSA: hda: Fix regression on forced probe mask option - ALSA: hda: Fix missing codec probe on Shenker Dock 15 - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() - [powerpc*] lib/sstep: fix 'ptesync' build error - ext4: check for out-of-order index extents in ext4_valid_extent_entries() - block/wbt: fix negative inflight counter when remove scsi device - NFS: LOOKUP_DIRECTORY is also ok with symlinks - NFS: Do not report writeback errors in nfs_getattr() - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() - net: sched: limit TC_ACT_REPEAT loops - lib/iov_iter: initialize "flags" in new pipe_buffer - [x86] Drivers: hv: vmbus: Expose monitor data only when monitor pages are used - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW - [armhf] OMAP2+: hwmod: Add of_node_put() before break - netfilter: conntrack: don't refresh sctp entries in closed state - kconfig: let 'shell' return enough output for deep path names - ata: libata-core: Disable TRIM on M88V29 - tracing: Fix tp_printk option related with tp_printk_stop_on_boot - net: usb: qmi_wwan: Add support for Dell DW5829e - [arm64] net: macb: Align the dma and coherent dma masks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.232 - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing - sr9700: sanity check for packet length - USB: zaurus: support another broken Zaurus - ping: remove pr_err from ping_lookup - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends - tipc: Fix end of loop tests for list_for_each_entry() - gso: do not skip outer ip header in case of ipip and net_failover - openvswitch: Fix setting ipv6 fields causing hw csum failure - drm/edid: Always set RGB444 - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure - configfs: fix a race in configfs_{,un}register_subsystem() - RDMA/ib_srp: Fix a deadlock - tty: n_gsm: fix proper link termination after failed open - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR" - memblock: use kfree() to release kmalloced memblock regions - fget: clarify and improve __fget_files() implementation - tracing: Have traceon and traceoff trigger honor the instance - ata: pata_hpt37x: disable primary channel on HPT371 - Revert "USB: serial: ch341: add new Product ID for CH341A" - usb: gadget: rndis: add spinlock for rndis response list - tracefs: Set the group ownership in apply_options() not parse_options() - USB: serial: option: add support for DW5829e - USB: serial: option: add Telit LE910R1 compositions - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom halves. - xhci: re-initialize the HC during resume if HCE was set - xhci: Prevent futile URB re-submissions due to incorrect return value. - tty: n_gsm: fix encoding of control signal octet bit DV . [ Salvatore Bonaccorso ] * Bump ABI to 19 * [rt] Update to 4.19.210-rt90 * [rt] Update to 4.19.211-rt91 * [rt] Update to 4.19.212-rt92 * [rt] Update to 4.19.214-rt93 * [rt] Update to 4.19.215-rt94 - fscache: fix initialisation of cookie hash table raw spinlocks * [rt] Update to 4.19.217-rt95 * Refresh "Export symbols needed by Android drivers" * liblockdep: Stop build liblockdep packages * [rt] Update to 4.19.218-rt96 * [rt] Update to 4.19.219-rt97 * [rt] Refresh "net: move xmit_recursion to per-task variable on -RT" * Refresh "Export symbols needed by Android drivers" * [rt] Update to 4.19.225-rt101 * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" * [rt] Update to 4.19.227-rt102 * [rt] Update to 4.19.230-rt103 * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001, CVE-2022-0002) - [x86] speculation: Merge one test in spectre_v2_user_select_mitigation() - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - [x86] speculation: Add eIBRS + Retpoline options - Documentation/hw-vuln: Update spectre doc - [x86] speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [x86] speculation: Use generic retpoline by default on AMD - [x86] speculation: Update link to AMD speculation whitepaper - [x86] speculation: Warn about Spectre v2 LFENCE mitigation - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT linux-latest (105+deb10u15) buster; urgency=medium . * Update to 4.19.0-20 linux-latest (105+deb10u14) buster-security; urgency=high . * Update to 4.19.0-19 * linux-image: Add NEWS for unprivileged eBPF change linux-signed-amd64 (4.19.235+1) buster; urgency=medium . * Sign kernel from linux 4.19.235-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233 - mac80211_hwsim: report NOACK frames in tx_status - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work - [arm*] i2c: bcm2835: Avoid clock stretching timeouts - [x86] ASoC: rt5682: do not block workqueue if card is unbound - Input: clear BTN_RIGHT/MIDDLE on buttonpads - cifs: fix double free race when mount fails in cifs_get_root() - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 - usb: gadget: don't release an existing dev->buf (CVE-2022-24958) - usb: gadget: clear related members when goto fail (CVE-2022-24958) - ata: pata_hpt37x: fix PCI clock detection - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - xfrm: fix MTU regression - netfilter: fix use-after-free in __nf_register_net_hook() - xfrm: fix the if_id check in changelink - xfrm: enforce validity of offload input flags - netfilter: nf_queue: don't assume sk is full socket - netfilter: nf_queue: fix possible use-after-free - batman-adv: Request iflink once in batadv-on-batadv check - batman-adv: Request iflink once in batadv_get_real_netdevice - batman-adv: Don't expect inter-netns unique iflink indices - net: dcb: flush lingering app table entries for unregistered devices - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server - block: Fix fsync always failed if once failed - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault - xen/netfront: destroy queues before real_num_tx_queues is zeroed - mac80211: fix forwarded mesh frames AC & queue selection - [arm64,armhf] net: stmmac: fix return value of __setup handler - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - efivars: Respect "block" flag in efivar_entry_set_safe() - can: gs_usb: change active_channels's type from atomic_t to u8 - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup() functions - net: chelsio: cxgb3: check the return value of pci_find_capability() - nl80211: Handle nla_memdup failures in handle_nan_filter - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume - HID: add mapping for KEY_ALL_APPLICATIONS - memfd: fix F_SEAL_WRITE after shmem huge page allocated - tracing/histogram: Fix sorting on old "cpu" value - btrfs: add missing run of delayed items after unlink during log replay - net: dcb: disable softirqs in dcbnl_flush_dev() - hamradio: fix macro redefine warning https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234 - [arm*] Provide a wrapper for SMCCC 1.1 calls - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit() - [armhf] report Spectre v2 status through sysfs - [armel,armhf] early traps initialisation - [armel,armhf] use LOADADDR() to get load address of sections - [armel,armhf] Spectre-BHB workaround - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting - [armel,armhf] fix build error when BPF_SYSCALL is disabled - [armel,armhf] fix co-processor register typo - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld - [armhf] fix build warning in proc-v7-bugs.c - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case (CVE-2022-23040, XSA-396) - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036, CVE-2022-23038, XSA-396) - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23036, XSA-396) - xen/netfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23037, XSA-396) - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23038, XSA-396) - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039, XSA-396) - xen: remove gnttab_query_foreign_access() - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/gnttab: fix gnttab_end_foreign_access() without page specified (CVE-2022-23041, XSA-396) - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (CVE-2022-23042, XSA-396) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235 - net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() - qed: return status of qed_iov_get_link - ax25: Fix NULL pointer dereference in ax25_kill_by_device - net/mlx5: Fix size field in bufferx_reg struct - NFC: port100: fix use-after-free in port100_send_complete - net: phy: DP83822: clear MISR2 register to disable interrupts - sctp: fix kernel-infoleak for SCTP sockets - net-sysfs: add check for netdevice being present to speed_show - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" - Revert "xen-netback: Check for hotplug-status existence before watching" - tracing: Ensure trace buffer is at least 4096 bytes large - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive - virtio: unexport virtio_finalize_features - virtio: acknowledge all features before access - [armel,armhf] fix Thumb2 regression with Spectre BHB - ext4: add check to prevent attempting to resize an fs with sparse_super2 - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149) . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Daniel Wagner * [rt] Update to 4.19.233-rt105 * Bump ABI to 20 * sctp: fix the processing for INIT chunk (CVE-2021-3772) * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772) linux-signed-amd64 (4.19.232+1) buster-security; urgency=high . * Sign kernel from linux 4.19.232-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.209 - ocfs2: drop acl cache for directories too - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA - [armhf] usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() - cifs: fix incorrect check for null pointer in header_assemble - [x86] xen/x86: fix PV trap handling on secondary processors - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter - USB: cdc-acm: fix minor-number release - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk - USB: serial: mos7840: remove duplicated 0xac24 device ID - USB: serial: option: add Telit LN920 compositions - USB: serial: option: remove duplicate USB device ID - USB: serial: option: add device id for Foxconn T99W265 - [arm64] serial: mvebu-uart: fix driver's tx_empty callback - net: hso: fix muxed tty registration - bnxt_en: Fix TX timeout when TX ring size is set to the smallest - net/smc: add missing error check in smc_clc_prfx_set() - net/mlx4_en: Don't allow aRFS for encapsulated packets - scsi: iscsi: Adjust iface sysfs attr detection - [x86] tty: synclink_gt, drop unneeded forward declarations - [x86] tty: synclink_gt: rename a conflicting function name - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error - md: fix a lock order reversal in md_alloc - blktrace: Fix uaf in blk_trace access after removing by sysfs - [arm64,armhf] net: stmmac: allow CSR clock of 300MHz - xen/balloon: use a kernel thread instead a workqueue - nvme-multipath: fix ANA state updates when a namespace is not present - qnx4: avoid stringop-overread errors - [arm64] Mark __stack_chk_guard as __ro_after_init - net: 6pack: Fix tx timeout and slot time - [arm64] PCI: aardvark: Fix checking for PIO status - tcp: address problems caused by EDT misshaps - tcp: always set retrans_stamp on recovery - tcp: create a helper to model exponential backoff - tcp: adjust rto_base in retransmits_timed_out() - xen/balloon: fix balloon kthread freezing - tty: Fix out-of-bound vmalloc access in imageblit - cpufreq: schedutil: Use kobject release() method to free sugov_tunables - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory - mac80211: fix use-after-free in CCMP/GCMP RX - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - hwmon: (tmp421) Replace S_<PERMS> with octal values - hwmon: (tmp421) report /PVLD condition as fault - hwmon: (tmp421) fix rounding for negative values - e100: fix length calculation in e100_get_regs_len - e100: fix buffer overrun in e100_get_regs - Revert "block, bfq: honor already-setup queue merges" - scsi: csiostor: Add module softdep on cxgb4 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203) - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings - ext4: fix potential infinite loop in ext4_dx_readdir() - net: udp: annotate data race around udp_sk(sk)->corkflag - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link() - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744, CVE-2021-3764) - HID: betop: fix slab-out-of-bounds Write in betop_probe - netfilter: ipset: Fix oversized kvmalloc() calls - HID: usbhid: free raw_report buffers in usbhid_stop - cred: allow get_cred() and put_cred() to be given NULL. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.210 - net: mdio: introduce a shutdown method to mdio device drivers - xen-netback: correct success/error reporting for the SKB-with-fraglist case - scsi: sd: Free scsi_disk device via put_device() - [arm*] usb: dwc2: check return value after calling platform_get_resource() - scsi: ses: Retry failed Send/Receive Diagnostic commands - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. - lib/timerqueue: Rely on rbtree semantics for next timer (CVE-2021-20317) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.211 - USB: cdc-acm: fix racy tty buffer accesses - USB: cdc-acm: fix break reporting - xen/privcmd: fix error handling in mmap-resource processing - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321) - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero - xen/balloon: fix cancelled balloon action - [armhf] dts: omap3430-sdp: Fix NAND device node - [mips,mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300) - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation - bpf: Fix integer overflow in prealloc_elems_and_freelist() (CVE-2021-41864) - phy: mdio: fix memory leak - net_sched: fix NULL deref in fifo_set_limit() - [i386] ptp_pch: Load module automatically if ID matches - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff sequence - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() - [arm64,armhf] net: sfp: Fix typo in state machine debug string - netlink: annotate data races around nlk->bound - drm/nouveau/debugfs: fix file release memory leak - rtnetlink: fix if_nlmsg_stats_size() under estimation - i40e: fix endless loop under rtnl - i40e: Fix freeing of uninitialized misc IRQ vector - i2c: acpi: fix resource leak in reconfiguration device addition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.212 - [armhf] net: phy: bcm7xxx: Fixed indirect MMD operations - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS - netfilter: ip6_tables: zero-initialize fragment offset - mac80211: Drop frames from invalid MAC address in ad-hoc mode - net: prevent user from passing illegal stab size - mac80211: check return value of rhashtable_init - scsi: ses: Fix unsigned comparison with less than zero - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" - [x86] perf/x86: Reset destroy callback on event init failure - sched: Always inline is_percpu_thread() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 - ALSA: seq: Fix a potential UAF by wrong private_free call order - ALSA: hda/realtek: Complete partial device name to avoid ambiguity - ALSA: hda/realtek: Add quirk for Clevo X170KM-G - ALSA: hda/realtek - ALC236 headset MIC recording issue - [s390x] fix strrchr() implementation - btrfs: deal with errors when replaying dir entry during log replay - btrfs: deal with errors when adding inode reference during log replay - btrfs: check for error when looking up inode during dir entry replay - [x86] mei: me: add Ice Lake-N device id. - xhci: guard accesses to ep_state in xhci_endpoint_reset() - xhci: Fix command ring pointer corruption while aborting a command - xhci: Enable trust tx length quirk for Fresco FL11 USB controller - cb710: avoid NULL pointer subtraction - [arm64,x86] efi/cper: use stack buffer for error record decoding - efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock() - [armhf] usb: musb: dsps: Fix the probe error path - Input: xpad - add support for another USB ID of Nacon GC-100 - USB: serial: qcserial: add EM9191 QDL support - USB: serial: option: add Quectel EC200S-CN module support - USB: serial: option: add Telit LE910Cx composition 0x1204 - USB: serial: option: add prod. id for Quectel EG91 - virtio: write back F_VERSION_1 before validate - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - sctp: account stream padding length for reconf chunk (CVE-2022-0322) - ethernet: s2io: fix setting mac address during resume - nfc: fix error handling of nfc_proto_register() - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - [i386] pata_legacy: fix a couple uninitialized variable bugs - [arm64] drm/msm: Fix null pointer dereference on pointer edp - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error - mqprio: Correct stats in mqprio_dump_class_stats(). - qed: Fix missing error code in qed_slowpath_start() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.214 - NFSD: Keep existing listeners on portlist error - netfilter: ipvs: make global sysctl readonly in non-init netns - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0 - [arm64] net: hns3: disable sriov before unload hclge layer - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification - can: peak_pci: peak_pci_remove(): fix UAF - ocfs2: fix data corruption after conversion from inline format - ocfs2: mount fails with buffer overflow in strlen - vfs: check fd has read access in kernel_read_file_from_fd() (CVE-2022-0644) - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset - ALSA: hda/realtek: Add quirk for Clevo PC50HS - ASoC: DAPM: Fix missing kctl change notifications - mm, slub: fix mismatch between reconstructed freelist depth and cnt - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760) - isdn: cpai: check ctr->cnr to avoid array index out of bound (CVE-2021-43389) - btrfs: deal with errors when checking if a dir entry exists during log replay - [arm64,armhf] net: stmmac: add support for dwmac 3.40a - isdn: mISDN: Fix sleeping function called from invalid context - ALSA: hda: avoid write to STATESTS if controller is in reset - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() - net: mdiobus: Fix memory leak in __mdiobus_register - tracing: Have all levels of checks prevent recursion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.215 - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype - [powerpc*] bpf: Fix BPF_MOD when imm == 1 - [arm64] Avoid premature usercopy failure - usbnet: sanity check for maxpacket - usbnet: fix error return code in usbnet_probe() - ata: sata_mv: Fix the error handling of mv_chip_id() - nfc: port100: fix using -ERRNO as command type mask - Revert "net: mdiobus: Fix memory leak in __mdiobus_register" - ipv4: use siphash instead of Jenkins in fnhe_hashfun() (CVE-2021-20322) - ipv6: use siphash in rt6_exception_hash() (CVE-2021-20322) - ipv6: make exception cache less predictible (CVE-2021-20322) - mmc: vub300: fix control-message timeouts - mmc: cqhci: clear HALT state after CQE enable - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 - [armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit - net: lan78xx: fix division by zero in send path - RDMA/mlx5: Set user priority for DCT - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node - regmap: Fix possible double-free in regcache_rbtree_exit() - net: batman-adv: fix error handling - net: Prevent infinite while loop in skb_tx_hash() - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails - net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772) - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772) - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772) - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772) - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.216 - scsi: core: Put LLD module refcnt after SCSI device is released - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (CVE-2021-42739) - IB/qib: Use struct_size() helper - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields - sfc: Fix reading non-legacy supported link modes - arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed - [armel,armhf] 9120/1: Revert "amba: make use of -1 IRQs warn" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217 - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes" - usb: ehci: handshake CMD_RUN instead of STS_HALT - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue - usb-storage: Add compatibility quirk flags for iODD 2531/2541 - printk/console: Allow to disable console output by using console="" or console=null - isofs: Fix out of bound access for corrupted isofs image - [x86] comedi: dt9812: fix DMA buffers on stack - [x86] comedi: ni_usb6501: fix NULL-deref in command paths - [x86] comedi: vmk80xx: fix transfer-buffer overflows - [x86] comedi: vmk80xx: fix bulk-buffer overflow - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts - staging: r8712u: fix control-message timeout - [x86] staging: rtl8192u: fix control-message timeouts - rsi: fix control-message timeout https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218 - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay - binder: use euid from cred instead of using task - binder: use cred instead of task for selinux checks - Input: elantench - fix misreporting trackpoint coordinates (Closes: #989285) - libata: fix read log timeout value - ocfs2: fix data corruption on truncate - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error - tpm: Check for integer overflow in tpm2_map_response_body() - [x86] media: ite-cir: IR receiver stop working after receive overflow - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers (Closes: #994050) - ALSA: hda/realtek: Add quirk for Clevo PC70HS - ALSA: ua101: fix division by zero at probe - ALSA: 6fire: fix control and bulk message timeouts - ALSA: line6: fix control and interrupt message timeouts - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 - ALSA: synth: missing check for possible NULL after the call to kstrdup - ALSA: timer: Fix use-after-free problem - ALSA: timer: Unconditionally unlink slave instances, too - [x86] irq: Ensure PI wakeup handler is unregistered before module unload - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails - scsi: qla2xxx: Fix unmap of already freed sgl - [arm64] cavium: Fix return values of the probe function - sfc: Don't use netif_info before net_device setup - [x86] hyperv/vmbus: include linux/bitops.h - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 - bpf: Prevent increasing bpf_jit_limit above max - xen/netfront: stop tx queues during live migration - [armhf] spi: spl022: fix Microwire full duplex mode - [armhf] watchdog: Fix OMAP watchdog early handling - [x86] vmxnet3: do not stop tx queues after netif_device_detach() - btrfs: clear MISSING device status bit in btrfs_close_one_device - btrfs: fix lost error handling when replaying directory deletes - btrfs: call btrfs_check_rw_degradable only if there is a missing device - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled - [armhf] regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell - [x86] mwifiex: fix division by zero in fw download path - ath6kl: fix division by zero in send path - ath6kl: fix control-message timeout - ath10k: fix control-message timeout - ath10k: fix division by zero in send path - PCI: Mark Atheros QCA6174 to avoid bus reset - rtl8187: fix control-message timeouts - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band - mwifiex: Read a PCI register after writing the TX ring write pointer - libata: fix checking of DMA state - [arm64] wcn36xx: handle connection loss indication - rsi: fix occasional initialisation failure with BT coex - rsi: fix key enabled check causing unwanted encryption for vap_id > 0 - rsi: fix rate mask set leading to P2P failure - rsi: Fix module dev_oper_mode parameter description - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP - signal: Remove the bogus sigkill_pending in ptrace_stop - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT - [x86] power: supply: max17042_battery: Prevent int underflow in set_soc_threshold - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns - serial: core: Fix initializing and restoring termios speed - ALSA: mixer: oss: Fix racy access to slots - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume - xen/balloon: add late_initcall_sync() for initial ballooning done - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts - [arm64] PCI: aardvark: Do not unmask unused interrupts - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG - quota: check block number when reading the block in quota file - quota: correct error number in free_dqentry() - pinctrl: core: fix possible memory leak in pinctrl_enable() - iio: dac: ad5446: Fix ad5622_write() return value - USB: serial: keyspan: fix memleak on probe errors - USB: iowarrior: fix control-message timeouts - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640) - Bluetooth: fix use-after-free error in lock_sock_nested() (CVE-2021-3752) - [x86] platform/x86: wmi: do not fail if disabling fails - locking/lockdep: Avoid RCU-induced noinstr fail - net: sched: update default qdisc visibility after Tx queue cnt changes - [x86] Increase exception stack sizes - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type - mwifiex: Properly initialize private structure on interface type changes - media: netup_unidvb: handle interrupt properly according to the firmware - media: uvcvideo: Set capability in s_param - media: uvcvideo: Return -EIO for control errors - media: mceusb: return without resubmitting URB in case of -EPROTO error. - ACPICA: Avoid evaluating methods too early during system resume - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() - tracefs: Have tracefs directories not set OTH permission bits by default - ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() - [x86] ACPI: battery: Accept charges over the design capacity as full - memstick: r592: Fix a UAF bug when removing the driver - lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression - lib/xz: Validate the value before assigning it to an enum variable - workqueue: make sysfs of unbound kworker cpumask more clever - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() - PM: hibernate: Get block device exclusively in swsusp_check() - iwlwifi: mvm: disable RX-diversity in powersave - gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted - task_stack: Fix end_of_stack() for architectures with upwards-growing stack - Bluetooth: fix init and cleanup of sco_conn.timeout_work - cgroup: Make rebind_subsystems() disable v2 controllers all at once - drm/amdgpu: fix warning for overflow check - media: em28xx: add missing em28xx_close_extension - media: dvb-usb: fix ununit-value in az6027_rc_query - media: si470x: Avoid card name truncation - media: cx23885: Fix snd_card_free call on null card pointer - cpuidle: Fix kobject memory leaks in error paths - media: em28xx: Don't use ops->suspend if it is NULL - ath9k: Fix potential interrupt storm on queue reset - [x86] crypto: qat - detect PFVF collision after ACK - [x86] crypto: qat - disregard spurious PFVF interrupts - b43legacy: fix a lower bounds test - b43: fix a lower bounds test - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() - hwmon: Fix possible memleak in __hwmon_device_register() - ath10k: fix max antenna gain unit - [arm64] drm/msm: uninitialized variable in msm_gem_import() - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning - rsi: stop thread firstly in rsi_91x_init() error handling - mwifiex: Send DELBA requests according to spec - phy: micrel: ksz8041nl: do not use power down mode - nvme-rdma: fix error code in nvme_rdma_setup_ctrl - PM: hibernate: fix sparse warnings - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() - [s390x] KVM: s390: Fix handle_sske page fault handling - libertas_tf: Fix possible memory leak in probe and disconnect - libertas: Fix possible memory leak in probe and disconnect - [arm64] wcn36xx: add proper DMA memory barriers in rx path - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change - [arm64,armhf] net: phylink: avoid mvneta warning when setting pause parameters - crypto: pcrypt - Delay write to padata->info - RDMA/rxe: Fix wrong port_cap_flags - scsi: dc395: Fix error case unwinding - JFS: fix memleak in jfs_mount - ALSA: hda: Reduce udelay() at SKL+ position reporting - [arm64,armhf] soc/tegra: Fix an error handling path in tegra_powergate_power_up() - serial: 8250_dw: Drop wrong use of ACPI_PTR() - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() - RDMA/mlx4: Return missed an error if device doesn't support steering - [arm64] phy: qcom-qusb2: Fix a memory leak on probe - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX - [mips*] cm: Convert to bitfield API to fix out-of-bounds access - apparmor: fix error check - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds - drm/plane-helper: fix uninitialized variable reference - [arm64] PCI: aardvark: Don't spam about PIO Response Status - NFS: Fix deadlocks in nfs_scan_commit_list() - fs: orangefs: fix error return code of orangefs_revalidate_lookup() - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() - netfilter: nfnetlink_queue: fix OOB when mac header was cleared - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT - scsi: qla2xxx: Fix gnl list corruption - scsi: qla2xxx: Turn off target reset during issue_lip - xen-pciback: Fix return in pm_ctrl_init() - [armhf] net: davinci_emac: Fix interrupt pacing disable - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration() - zram: off by one in read_block_state() - llc: fix out-of-bound array index in llc_sk_dev_hash() - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions - vsock: prevent unnecessary refcnt inc for nonblocking connect - cxgb4: fix eeprom len when diagnostics not implemented - [arm64,armhf] USB: chipidea: fix interrupt deadlock - [armel,armhf] 9155/1: fix early early_iounmap() - f2fs: should use GFP_NOFS for directory inodes - 9p/net: fix missing error check in p9_check_errors - [powerpc*] lib: Add helper to check if offset is within conditional branch range - [powerpc*] bpf: Validate branch ranges - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000 - [powerpc*] security: Add a helper to query stf_barrier type - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks - mm, oom: do not trigger out_of_memory from the #PF - [armhf] backlight: gpio-backlight: Correct initial power state handling - video: backlight: Drop maximum brightness override for brightness zero - [s390x] cio: check the subchannel validity for dev_busid - [s390x] tape: fix timer initialization in tape_std_assign() - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros - fuse: truncate pagecache on atomic_o_trunc - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL - ext4: fix lazy initialization next schedule time computation in more granular unit - PCI/MSI: Destroy sysfs before freeing entries - PCI/MSI: Deal with devices lying about their MSI mask capability - PCI: Add MSI masking quirk for Nvidia ION AHCI - [arm64] zynqmp: Do not duplicate flash partition label property - [arm64] zynqmp: Fix serial compatible string - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - [armhf] usb: musb: tusb6010: check return value after calling platform_get_resource() - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect - scsi: advansys: Fix kernel pointer leak - firmware_loader: fix pre-allocated buf built-in firmware use - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc - scsi: target: Fix ordered tag handling - scsi: target: Fix alua_tg_pt_gps_count tracking - [i386] ALSA: gus: fix null pointer dereference on pointer block - f2fs: fix up f2fs_lookup tracepoints - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame - iavf: check for null in iavf_fix_features - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset - [x86] platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' - net: virtio_net_hdr_to_skb: count transport header in UFO - i40e: Fix correct max_pkt_size on VF RX queue - i40e: Fix NULL ptr dereference on VSI filter sync - i40e: Fix changing previously set num_queue_pairs for PFs - i40e: Fix display error code in dmesg - NFC: reorganize the functions in nci_request - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server - tun: fix bonding active backup with arp monitoring - ipc: WARN if trying to remove ipc object which is absent - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - udf: Fix crash after seekdir - btrfs: fix memory ordering between normal and ordered work functions - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - drm/udl: fix control-message timeout - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors - perf/core: Avoid put_page() when GUP fails - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN - batman-adv: Consider fragmentation for needed_headroom - batman-adv: Reserve needed_*room for fragments - batman-adv: Don't always reallocate the fragmentation skb head - RDMA/netlink: Add __maybe_unused to static inline in C file - ASoC: DAPM: Cover regression by kctl change notification fix - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.219 - USB: serial: option: add Telit LE910S1 0x9200 composition - USB: serial: option: add Fibocom FM101-GL variants - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal - usb: hub: Fix usb enumeration issue due to address0 race - usb: hub: Fix locking issues with address0_mutex - [arm*] binder: fix test regression due to sender_euid change - ALSA: ctxfi: Fix out-of-range access - media: cec: copy sequence field for the reply - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - fuse: fix page stealing - xen: don't continue xenstore initialization in case of errors - xen: detect uninitialized xenbus in xenbus_init - tracing: Fix pid filtering when triggers are attached - proc/vmcore: fix clearing user buffer by properly using clear_user() - [arm64] PCI: aardvark: Fix a leaked reference by adding missing of_node_put() - [arm64] PCI: aardvark: Wait for endpoint to be ready before training link - [arm64] PCI: aardvark: Train link immediately after enabling training - [arm64] PCI: aardvark: Improve link training - [arm64] PCI: aardvark: Issue PERST via GPIO - [arm64] PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros - [arm64] PCI: aardvark: Indicate error in 'val' when config read fails - [arm64] PCI: aardvark: Don't touch PCIe registers if no card connected - [arm64] PCI: aardvark: Fix compilation on s390 - [arm64] PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() - [arm64] PCI: aardvark: Update comment about disabling link training - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting - [arm64] PCI: aardvark: Fix link training - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state - [arm64] pinctrl: armada-37xx: Correct mpp definitions - [arm64] pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions - [arm64] dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function - netfilter: ipvs: Fix reuse connection if RS weight is 0 - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls - net: ieee802154: handle iftypes as u32 - NFSv42: Don't fail clone() unless the OP_CLONE operation failed - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE - scsi: mpt3sas: Fix kernel panic during drive powercycle test - [arm*] drm/vc4: fix error code in vc4_create_object() - ipv6: fix typos in __ip6_finish_output() - net/smc: Ensure the active closing peer first closes clcsock - PM: hibernate: use correct mode for swsusp_close() - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows - net/smc: Don't call clcsock shutdown twice when smc shutdown - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs - vhost/vsock: fix incorrect used length reported to the guest - tracing: Check pid filtering when creating events - [s390x] mm: validate VMA in PGSTE manipulation functions - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002) - NFC: add NCI_UNREG flag to eliminate the race - fuse: release pipe buf after last use - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/blkfront: read response from backend only once - xen/blkfront: don't take local copy of a request from the ring page - xen/blkfront: don't trust the backend response data blindly - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - tty: hvc: replace BUG_ON() with negative return value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.220 - shm: extend forced shm destroy to support objects from several IPC nses - NFSv42: Fix pagecache invalidation after COPY/CLONE - gfs2: Fix length of holes reported at end-of-file - [amd64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975) - net: return correct error code - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep - [s390x] setup: avoid using memblock_enforce_memory_limit - btrfs: check-integrity: fix a warning on write caching disabled disk - thermal: core: Reset previous low and high trip during thermal zone init - scsi: iscsi: Unblock session then wake up error handler - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit - kprobes: Limit max data_size of the kretprobe instances - ipmi: Move remove_work to dedicated workqueue - fs: add fget_many() and fput_many() - fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - net: mpls: Fix notifications when deleting a device - siphash: use _unaligned version by default - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available - net: annotate data-races on txq->xmit_lock_owner - net/rds: correct socket tunable error in rds_tcp_tune() - net/smc: Keep smc_close_final rc during active close - [arm64] drm/msm: Do hw_init() before capturing GPU state - vgacon: Propagate console boot parameters before calling `vc_resize' - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub - [x86] usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect - [amd64] mm: Map all kernel memory into trampoline_pgd - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support - [arm64] serial: pl011: Add ACPI SBSA UART match id - serial: core: fix transmit-buffer reset and memleak - ipmi: msghandler: Make symbol 'remove_work_wq' static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.221 - HID: add hid_is_usb() function to make it simpler for USB detection - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers - can: kvaser_usb: get CAN clock frequency from device - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card() - net: core: netlink: add helper refcount dec and lock function - net: sched: rename qdisc_destroy() to qdisc_put() - net: sched: extend Qdisc with rcu - net: sched: add helper function to take reference to Qdisc - net: sched: use Qdisc rcu API instead of relying on rtnl lock - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - bpf: Fix the off-by-two error in range markings - ice: ignore dropped packets during init - bonding: make tx_rebalance_counter an atomic - nfp: Fix memory leak in nfp_cpp_area_cache_add() - seg6: fix the iif in the IPv6 socket control block - udp: using datalen to cap max gso segments - [amd64] IB/hfi1: Correct guard on eager buffer deallocation - mm: bdi: initialize bdi_min_ratio when bdi is unregistered - ALSA: ctl: Fix copy of updated id with element read/write - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() - tracefs: Have new files inherit the ownership of their parent - [arm64] clk: qcom: regmap-mux: fix parent clock lookup - [i386] can: pch_can: pch_can_rx_normal: fix use after free - libata: add horkage for ASMedia 1092 - wait: add wake_up_pollfree() - binder: use wake_up_pollfree() - signalfd: use wake_up_pollfree() - aio: keep poll requests on waitqueue until completed - aio: fix use-after-free due to missing POLLFREE handling - tracefs: Set all files to the same group ownership as the mount option - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) - qede: validate non LSO skb length - i40e: Fix pre-set max number of queues for VF - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero - [armhf] net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() - net, neigh: clear whole pneigh_entry at alloc time - net/qla3xxx: fix an error code in ql_adapter_up() - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685) - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685) - usb: core: config: fix validation of wMaxPacketValue entries - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending - usb: core: config: using bit mask instead of individual bits - xhci: avoid race between disable slot command and host runtime suspend - iio: trigger: Fix reference counting - [armhf] iio: mma8452: Fix trigger reference couting - [arm64,armhf] iio: adc: axp20x_adc: fix charging current reporting on AXP22x - [x86] iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - [armhf] irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL - net_sched: fix a crash in tc_new_tfilter() - net: sched: make function qdisc_free_cb() static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222 - stable: clamp SUBLEVEL in 4.19 - nfc: fix segfault in nfc_genl_dump_devices_done - [arm64] drm/msm/dsi: set default num_data_lanes - net/mlx4_en: Update reported link modes for 1/10G - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag - net: netlink: af_netlink: Prevent empty skb by adding a check on len. - tracing: Fix a kmemleak false positive in tracing_map - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error - mac80211: send ADDBA requests using the tid/queue of the aggregation session - dm btree remove: fix use after free in rebalance_children() - audit: improve robustness of the audit queue handling - nfsd: fix use-after-free due to delegation race (Closes: #988044) - [x86] sme: Explicitly map new EFI memmap table as encrypted - mac80211: track only QoS data frames for admission control - [armhf] socfpga: dts: fix qspi node compatible - sch_cake: do not call cake_destroy() from cake_init() - rds: memory leak in __rds_conn_create() (CVE-2021-45480) - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning - igb: Fix removal of unicast MAC filters of VFs - igbvf: fix double free in `igbvf_probe` - ixgbe: set X550 MDIO speed before talking to PHY - netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc (CVE-2021-4135) - net/packet: rx_owner_map depends on pg_vec (CVE-2021-22600) - sit: do not call ipip6_dev_free() from sit_init_net() - USB: gadget: bRequestType is a bitfield, not a enum - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error - PCI/MSI: Mask MSI-X vectors only on success - USB: serial: cp210x: fix CP2105 GPIO registration - USB: serial: option: add Telit FN990 compositions - timekeeping: Really make sure wall_to_monotonic isn't positive - libata: if T_LENGTH is zero, dma direction should be DMA_NONE - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE - mac80211: validate extended element ID is present - [armel] 8805/2: remove unneeded naked function usage - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO - Input: touchscreen - avoid bitwise vs logical OR warning - media: mxl111sf: change mutex_init() location - fuse: annotate lock in fuse_reverse_inval_entry() - ovl: fix warning in ovl_create_real() - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() - xen/blkfront: harden blkfront against event channel storms (CVE-2021-28711) - xen/netfront: harden netfront against event channel storms (CVE-2021-28712) - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713) - xen/netback: fix rx queue stall detection (CVE-2021-28714) - xen/netback: don't queue unlimited number of packages (CVE-2021-28715) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223 - net: usb: lan78xx: add Allied Telesis AT29M2-AF - block, bfq: improve asymmetric scenarios detection - block, bfq: fix asymmetric scenarios detection - block, bfq: fix decrement of num_active_groups - block, bfq: fix queue removal from weights tree - block, bfq: fix use after free in bfq_bfqq_expire - HID: holtek: fix mouse probing - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode - [arm64] spi: change clk_disable_unprepare to clk_unprepare - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() - netfilter: fix regression in looped (broad|multi)cast's MAC handling - qlcnic: potential dereference null pointer of rx_queue->page_ring - net: accept UFOv6 packages in virtio_net_hdr_to_skb - net: skip virtio_net_hdr_set_proto if protocol already set - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module - bonding: fix ad_actor_system option setting to default - [amd64] fjes: Check for error irq - [armhf] drivers: net: smc911x: Check for error irq - sfc: falcon: Check null pointer of rx_queue->page_ring - hwmon: (lm90) Fix usage of CONFIG2 register in detect function - ALSA: jack: Check the return value of kstrdup() - ALSA: drivers: opl3: Fix incorrect use of vp->state - Input: atmel_mxt_ts - fix double free in mxt_read_info_block - ipmi: bail out if init_srcu_struct fails - ipmi: fix initialization when workqueue allocation fails - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (CVE-2021-45469) - usb: gadget: u_ether: fix race in setting MAC address in setup phase - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state - hwmon: (lm90) Do not report 'busy' status bit as alarm - ax25: NPD bug when detaching AX25 device - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD - phonet/pep: refuse to enable an unbound pipe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224 - [arm64] tee: handle lookup of shm with reference count 0 (CVE-2021-44733) - Input: i8042 - add deferred probe support - [x86] Input: i8042 - enable deferred probe quirk for ASUS UM325UA - [x86] platform/x86: apple-gmux: use resource_size() with res - selinux: initialize proto variable in selinux_ip_postroute_compat() - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() - udp: using datalen to cap ipv6 udp max gso segments - sctp: use call_rcu to free endpoint - net: usb: pegasus: Do not drop long Ethernet frames - net/mlx5e: Fix wrong features assignment in case of error - i2c: validate user data in compat ioctl - nfc: uapi: use kernel size_t to fix user-space builds - uapi: fix linux/nfc.h userspace compilation errors - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - [arm*] binder: fix async_free_space accounting for empty parcels - [x86] scsi: vmw_pvscsi: Set residual data length conditionally - Input: appletouch - initialize work before device registration - Input: spaceball - fix parsing of movement data packets - net: fix use-after-free in tw_timer_handler https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.225 - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() - tracing: Tag trace_percpu_buffer as a percpu pointer - ieee802154: atusb: fix uninit value in atusb_set_extended_addr - RDMA/core: Don't infoleak GRH fields - mac80211: initialize variable have_higher_than_11mbit - i40e: fix use-after-free in i40e_sync_filters_subtask() - i40e: Fix incorrect netdev's real number of RX/TX queues - ipv6: Check attribute length for RTA_GATEWAY in multipath route - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (CVE-2021-4155) - rndis_host: support Hytera digital radios - phonet: refcount leak in pep_sock_accep (CVE-2021-45095) - ipv6: Continue processing multipath route even if gateway attribute is invalid - ipv6: Do cleanup if attribute validation fails in multipath route - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate - net: udp: fix alignment problem in udp4_seq_show() - mISDN: change function names to avoid conflicts https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.226 - Bluetooth: bfusb: fix division by zero in send path - USB: core: Fix bug in resuming hub's handling of wakeup requests - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status - can: bcm: switch timer to HRTIMER_MODE_SOFT and remove hrtimer_tasklet - veth: Do not record rx queue hint in veth_xmit - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} - random: fix data race on crng_node_pool - random: fix data race on crng init time - [x86] drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() - [s390x] KVM: s390: Clarify SIGP orders versus STOP/RESTART - media: uvcvideo: fix division by zero at stream start - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled - firmware: qemu_fw_cfg: fix sysfs information leak - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries - firmware: qemu_fw_cfg: fix kobject leak in probe error path - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows - HID: uhid: Fix worker destroying device without any protection - HID: wacom: Reset expected and received contact counts at the same time - HID: wacom: Ignore the confidence flag when a touch is removed - HID: wacom: Avoid using stale array indicies to read contact count - f2fs: fix to do sanity check in is_alive() - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 - [x86] gpu: Reserve stolen memory for first integrated Intel GPU - rtc: cmos: take rtc_lock while reading from CMOS - media: flexcop-usb: fix control-message timeouts - media: mceusb: fix control-message timeouts - media: em28xx: fix control-message timeouts - media: cpia2: fix control-message timeouts - media: s2255: fix control-message timeouts - media: dib0700: fix undefined behavior in tuner shutdown - media: redrat3: fix control-message timeouts - media: pvrusb2: fix control-message timeouts - media: stk1160: fix control-message timeouts - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration failure - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails - [arm*] clk: bcm-2835: Pick the closest clock rate - [arm*] clk: bcm-2835: Remove rounding up the dividers - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND - [arm64] wcn36xx: Release DMA channel descriptor allocations - media: videobuf2: Fix the size printk format - media: em28xx: fix memory leak in em28xx_init_dev - Bluetooth: stop proccessing malicious adv data - [arm64] tee: fix put order in teedev_close_context() - media: dmxdev: fix UAF when dvb_register_device() fails - [arm64] crypto: qce - fix uaf on qce_ahash_register_one - netfilter: bridge: add support for pppoe filtering - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() - [arm*] serial: amba-pl011: do not request memory region twice - floppy: Fix hang in watchdog when disk is ejected - media: dib8000: Fix a memleak in dib8000_init() - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() - media: si2157: Fix "warm" tuner state detection - sched/rt: Try to restart rt period timer when rt runtime exceeded - xfrm: fix a small bug in xfrm_sa_len() - media: dw2102: Fix use after free - media: msi001: fix possible null-ptr-deref in msi001_probe() - [arm64] drm/msm/dpu: fix safe status debugfs file - xfrm: interface with if_id 0 should return error - xfrm: state and policy should fail if XFRMA_IF_ID 0 - usb: ftdi-elan: fix memory leak on device disconnect - [armhf] mmc: meson-mx-sdio: add IRQ check - [x86] mce/inject: Avoid out-of-bounds write when setting flags - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() - ppp: ensure minimum packet size in ppp_write() - Bluetooth: hci_bcm: Check for error irq - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe - tpm: add request_locality before write TPM_INT_ENABLE - can: softing: softing_startstop(): fix set but not used variable warning - pcmcia: fix setting of kthread task states - net: mcs7830: handle usb read errors properly - ext4: avoid trim error on fs with small groups - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls - [arm64] RDMA/hns: Validate the pkey index - [powerpc*] prom_init: Fix improper check of prom_getprop() - ALSA: oss: fix compile error when OSS_DEBUG is enabled - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting - scsi: ufs: Fix race conditions related to driver data - RDMA/core: Let ib_find_gid() continue search even after empty entry - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes - [arm*] iommu/iova: Fix race between FQ timeout and teardown - RDMA/cxgb4: Set queue pair state when being queried - Bluetooth: Fix debugfs entry leak in hci_register_dev() - fs: dlm: filter user dlm messages for kernel locks - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR - usb: gadget: f_fs: Use stream_open() for endpoint files - HID: apple: Do not reset quirks when the Fn key is not found - media: b2c2: Add missing check in flexcop_pci_isr: - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use - [armhf] HSI: core: Fix return freed object in hsi_new_client - [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976) - rsi: Fix out-of-bounds read in rsi_read_pkt() - floppy: Add max size check for user space request - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() - media: m920x: don't use stack on USB reads - iwlwifi: mvm: synchronize with FW after multicast commands - ath10k: Fix tx hanging - net-sysfs: update the queue counts in the unregistration path - [x86] mce: Mark mce_panic() noinstr - [x86] mce: Mark mce_end() noinstr - [x86] mce: Mark mce_read_aux() noinstr - net: bonding: debug: avoid printing debug logs when bond is not notifying peers - bpf: Do not WARN in bpf_warn_invalid_xdp_action() - HID: quirks: Allow inverting the absolute X/Y values - media: igorplugusb: receiver overflow should be reported - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO - audit: ensure userspace is penalized the same as the kernel when under pressure - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream - iwlwifi: fix leaks/bad data after failed firmware load - iwlwifi: remove module loading failure message - iwlwifi: mvm: Fix calculation of frame length - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions - ACPICA: Utilities: Avoid deleting the same object twice in a row - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 - drm/amdgpu: fixup bad vram size on gmc v8 - [x86] ACPI: battery: Add the ThinkPad "Not Charging" quirk - btrfs: remove BUG_ON() in find_parent_nodes() - btrfs: remove BUG_ON(!eie) in find_parent_nodes - net: mdio: Demote probed message to debug print - mac80211: allow non-standard VHT MCS-10/11 - dm btree: add a defensive bounds check to insert_at() - dm space map common: add bounds check to sm_ll_lookup_bitmap() - net: phy: marvell: configure RGMII delays for 88E1118 - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios - serial: core: Keep mctrl register state and cached copy in sync - [powerpc*] powernv: add missing of_node_put - [powerpc*] btext: add missing of_node_put - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race - [x86] i2c: i801: Don't silently correct invalid transfer size - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING - [powerpc*] i2c: mpc: Correct I2C reset procedure - w1: Misuse of get_user()/put_user() reported by sparse - ALSA: seq: Set upper limit of processed events - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers option - [mips*] OCTEON: add put_device() after of_find_device_by_node() - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters - scsi: sr: Don't use GFP_DMA - [arm64] rpmsg: core: Clean up resources on announce_create failure. - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers - serial: Fix incorrect rs485 polarity on uart open - cputime, cpuacct: Include guest time in user time in cpuacct.stat - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds - [s390x] mm: fix 2KB pgtable release race - [armhf] drm/etnaviv: limit submit sizes - ext4: make sure to reset inode lockdep class when quota enabling fails - ext4: make sure quota gets properly shutdown on error - ext4: set csum seed in tmp inode while migrating to extents - ext4: Fix BUG_ON in ext4_bread when write quota data - ext4: don't use the orphan list when migrating an inode - ASoC: dpcm: prevent snd_soc_dpcm use after free - regulator: core: Let boot-on regulators be powered off - drm/radeon: fix error handling in radeon_driver_open_kms - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device - RDMA/rxe: Fix a typo in opcode name - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress - netns: add schedule point in ops_exit_list() - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() - net_sched: restore "mpu xxx" handling - [mips*,s390x] gup: Work around the "COW can break either way" issue (CVE-2020-29374) - fuse: fix bad inode (CVE-2020-36322) - fuse: fix live lock in fuse_iget() (CVE-2021-28950) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.227 - [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330) - net: bridge: clear bridge's private skb space on xmit - select: Fix indefinitely sleeping task in poll_schedule_timeout() - [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy (CVE-2022-22942) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228 - Bluetooth: refactor malicious adv data check - [s390x] hypfs: include z/VM guests with access control group set - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617) - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617) - [armhf] drm/etnaviv: relax submit size limits - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments - serial: 8250: of: Fix mapped region size when using reg-offset property - tty: n_gsm: fix SW flow control encoding/handling - tty: Add support for Brainboxes UC cards. - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match() - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - USB: core: Fix hang in usb_kill_urb by adding memory barriers - [x86] usb: typec: tcpm: Do not disconnect while receiving VBUS off - [arm64,armhf] net: sfp: ignore disabled SFP node - i40e: Increase delay to 1 s after global EMP reset - i40e: Fix issue when maximum queues is exceeded - i40e: Fix queues reservation for XDP - i40e: fix unsigned stat widths - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - ipv6_tunnel: Rate limit warning messages - net: fix information leakage in /proc/net/ptype - ping: fix the sk_bound_dev_if match in ping_lookup - ipv4: avoid using shared IP generator for connected sockets - hwmon: (lm90) Reduce maximum conversion rate for G781 - NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448) - NFSv4: nfs_atomic_open() can race when looking up a non-regular file - net-procfs: show net devices bound packet types - [arm64] drm/msm: Fix wrong size calculation - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - ipv6: annotate accesses to fn->fn_sernum - NFS: Ensure the server has an up to date ctime before hardlinking - NFS: Ensure the server has an up to date ctime before renaming - phylib: fix potential use-after-free - yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959) - ipv4: raw: lock the socket in raw_bind() - ipv4: tcp: send zero IPID in SYNACK messages - netfilter: nat: remove l4 protocol port rovers - netfilter: nat: limit port clash resolution attempts - tcp: fix possible socket leaks in internal pacing mode - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() - af_packet: fix data-race in packet_setsockopt / packet_setsockopt - audit: improve audit queue handling when "audit=1" on cmdline - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows - drm/nouveau: fix off by one in BIOS boundary checking - block: bio-integrity: Advance seed correctly for larger interval sizes - RDMA/mlx4: Don't continue event handler after memory allocation failure - [amd64] iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() - [armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe - net: ieee802154: hwsim: Ensure proper channel selection at probe time - net: ieee802154: Return meaningful error codes from the netlink helpers - net: macsec: Verify that send_sci is on when setting Tx sci explicitly - [arm64,armhf] net: stmmac: ensure PTP time register reads are consistent - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. - rtc: cmos: Evaluate century appropriate - [arm64] EDAC/xgene: Fix deferred probing - ext4: fix error handling in ext4_restore_inline_data() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.229 - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492) - moxart: fix potential use-after-free on remove path (CVE-2022-0487) - tipc: improve size validations for received domain records (CVE-2022-0435) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.230 - integrity: check the return value of audit_log_start() - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs - NFS: Fix initialisation of nfs_client cl_flags field - NFSD: Clamp WRITE offsets - NFSD: Fix offset type in I/O trace points - NFSv4 only print the label when its queried - nfs: nfs4clinet: check the return value of kstrdup() - NFSv4.1: Fix uninitialised variable in devicenotify - NFSv4 remove zero number of fs_locations entries error check - NFSv4 expose nfs_parse_server_name function - net: sched: Clarify error message when qdisc kind is unknown - scsi: target: iscsi: Make sure the np under each tpg is unique - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() - bpf: Add kconfig knob for disabling unpriv bpf by default - net: bridge: fix stale eth hdr pointer in br_dev_xmit - usb: f_fs: Fix use-after-free for epfile - ixgbevf: Require large buffers for build_skb on 82599VF - bonding: pair enable_port with slave_arr_updates - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path - net: do not keep the dst cache when uncloning an skb dst and its metadata - net: fix a memleak when uncloning an skb dst and its metadata - veth: fix races around rq->rx_notify_masked - tipc: rate limit warning for received illegal binding update - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal - vt_ioctl: fix array_index_nospec in vt_setactivate - vt_ioctl: add array_index_nospec to VT_ACTIVATE - n_tty: wake up poll(POLLRDNORM) on receiving data - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release - [arm64,armhf] usb: ulpi: Call of_node_put correctly - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs - USB: gadget: validate interface OS descriptor requests (CVE-2022-25258) - usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375) - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 - USB: serial: option: add ZTE MF286D modem - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices - USB: serial: cp210x: add NCR Retail IO box id - USB: serial: cp210x: add CPI Bulk Coin Recycler id - seccomp: Invalidate seccomp mode to catch death failures - [x86] hwmon: (dell-smm) Speed up setting of fan speed - perf: Fix list corruption in perf_cgroup_switch() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.231 - Makefile.extrawarn: Move -Wunaligned-access to W=1 - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - btrfs: send: in case of IO error log it - net: ieee802154: at86rf230: Stop leaking skb's - ax25: improve the incomplete fix to avoid UAF and NPD bugs - vfs: make freeze_super abort when sync_filesystem returns error - quota: make dquot_quota_sync return errors from ->sync_fs - nvme: fix a possible use-after-free in controller reset during load - nvme-rdma: fix possible use-after-free in transport error_recovery work - Revert "module, async: async_synchronize_full() on module init iff async is used" - iwlwifi: fix use-after-free - drm/radeon: Fix backlight control on iMac 12,1 - xfrm: Don't accidentally set RTO_ONLINK in decode_session4() - taskstats: Cleanup the use of task->exit_code - mmc: block: fix read single on recovery logic - vsock: remove vsock from connected table when connect is interrupted by a signal - iwlwifi: pcie: fix locking when "HW not ready" - iwlwifi: pcie: gen2: fix locking when "HW not ready" - ping: fix the dif and sdif check in ping_lookup - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit - bonding: fix data-races around agg_select_timer - libsubcmd: Fix use-after-free for realloc(..., 0) - ALSA: hda: Fix regression on forced probe mask option - ALSA: hda: Fix missing codec probe on Shenker Dock 15 - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() - [powerpc*] lib/sstep: fix 'ptesync' build error - ext4: check for out-of-order index extents in ext4_valid_extent_entries() - block/wbt: fix negative inflight counter when remove scsi device - NFS: LOOKUP_DIRECTORY is also ok with symlinks - NFS: Do not report writeback errors in nfs_getattr() - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() - net: sched: limit TC_ACT_REPEAT loops - lib/iov_iter: initialize "flags" in new pipe_buffer - [x86] Drivers: hv: vmbus: Expose monitor data only when monitor pages are used - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW - [armhf] OMAP2+: hwmod: Add of_node_put() before break - netfilter: conntrack: don't refresh sctp entries in closed state - kconfig: let 'shell' return enough output for deep path names - ata: libata-core: Disable TRIM on M88V29 - tracing: Fix tp_printk option related with tp_printk_stop_on_boot - net: usb: qmi_wwan: Add support for Dell DW5829e - [arm64] net: macb: Align the dma and coherent dma masks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.232 - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing - sr9700: sanity check for packet length - USB: zaurus: support another broken Zaurus - ping: remove pr_err from ping_lookup - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends - tipc: Fix end of loop tests for list_for_each_entry() - gso: do not skip outer ip header in case of ipip and net_failover - openvswitch: Fix setting ipv6 fields causing hw csum failure - drm/edid: Always set RGB444 - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure - configfs: fix a race in configfs_{,un}register_subsystem() - RDMA/ib_srp: Fix a deadlock - tty: n_gsm: fix proper link termination after failed open - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR" - memblock: use kfree() to release kmalloced memblock regions - fget: clarify and improve __fget_files() implementation - tracing: Have traceon and traceoff trigger honor the instance - ata: pata_hpt37x: disable primary channel on HPT371 - Revert "USB: serial: ch341: add new Product ID for CH341A" - usb: gadget: rndis: add spinlock for rndis response list - tracefs: Set the group ownership in apply_options() not parse_options() - USB: serial: option: add support for DW5829e - USB: serial: option: add Telit LE910R1 compositions - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom halves. - xhci: re-initialize the HC during resume if HCE was set - xhci: Prevent futile URB re-submissions due to incorrect return value. - tty: n_gsm: fix encoding of control signal octet bit DV . [ Salvatore Bonaccorso ] * Bump ABI to 19 * [rt] Update to 4.19.210-rt90 * [rt] Update to 4.19.211-rt91 * [rt] Update to 4.19.212-rt92 * [rt] Update to 4.19.214-rt93 * [rt] Update to 4.19.215-rt94 - fscache: fix initialisation of cookie hash table raw spinlocks * [rt] Update to 4.19.217-rt95 * Refresh "Export symbols needed by Android drivers" * liblockdep: Stop build liblockdep packages * [rt] Update to 4.19.218-rt96 * [rt] Update to 4.19.219-rt97 * [rt] Refresh "net: move xmit_recursion to per-task variable on -RT" * Refresh "Export symbols needed by Android drivers" * [rt] Update to 4.19.225-rt101 * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" * [rt] Update to 4.19.227-rt102 * [rt] Update to 4.19.230-rt103 * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001, CVE-2022-0002) - [x86] speculation: Merge one test in spectre_v2_user_select_mitigation() - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - [x86] speculation: Add eIBRS + Retpoline options - Documentation/hw-vuln: Update spectre doc - [x86] speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [x86] speculation: Use generic retpoline by default on AMD - [x86] speculation: Update link to AMD speculation whitepaper - [x86] speculation: Warn about Spectre v2 LFENCE mitigation - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT linux-signed-arm64 (4.19.235+1) buster; urgency=medium . * Sign kernel from linux 4.19.235-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233 - mac80211_hwsim: report NOACK frames in tx_status - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work - [arm*] i2c: bcm2835: Avoid clock stretching timeouts - [x86] ASoC: rt5682: do not block workqueue if card is unbound - Input: clear BTN_RIGHT/MIDDLE on buttonpads - cifs: fix double free race when mount fails in cifs_get_root() - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 - usb: gadget: don't release an existing dev->buf (CVE-2022-24958) - usb: gadget: clear related members when goto fail (CVE-2022-24958) - ata: pata_hpt37x: fix PCI clock detection - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - xfrm: fix MTU regression - netfilter: fix use-after-free in __nf_register_net_hook() - xfrm: fix the if_id check in changelink - xfrm: enforce validity of offload input flags - netfilter: nf_queue: don't assume sk is full socket - netfilter: nf_queue: fix possible use-after-free - batman-adv: Request iflink once in batadv-on-batadv check - batman-adv: Request iflink once in batadv_get_real_netdevice - batman-adv: Don't expect inter-netns unique iflink indices - net: dcb: flush lingering app table entries for unregistered devices - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server - block: Fix fsync always failed if once failed - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault - xen/netfront: destroy queues before real_num_tx_queues is zeroed - mac80211: fix forwarded mesh frames AC & queue selection - [arm64,armhf] net: stmmac: fix return value of __setup handler - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - efivars: Respect "block" flag in efivar_entry_set_safe() - can: gs_usb: change active_channels's type from atomic_t to u8 - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup() functions - net: chelsio: cxgb3: check the return value of pci_find_capability() - nl80211: Handle nla_memdup failures in handle_nan_filter - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume - HID: add mapping for KEY_ALL_APPLICATIONS - memfd: fix F_SEAL_WRITE after shmem huge page allocated - tracing/histogram: Fix sorting on old "cpu" value - btrfs: add missing run of delayed items after unlink during log replay - net: dcb: disable softirqs in dcbnl_flush_dev() - hamradio: fix macro redefine warning https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234 - [arm*] Provide a wrapper for SMCCC 1.1 calls - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit() - [armhf] report Spectre v2 status through sysfs - [armel,armhf] early traps initialisation - [armel,armhf] use LOADADDR() to get load address of sections - [armel,armhf] Spectre-BHB workaround - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting - [armel,armhf] fix build error when BPF_SYSCALL is disabled - [armel,armhf] fix co-processor register typo - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld - [armhf] fix build warning in proc-v7-bugs.c - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case (CVE-2022-23040, XSA-396) - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036, CVE-2022-23038, XSA-396) - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23036, XSA-396) - xen/netfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23037, XSA-396) - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23038, XSA-396) - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039, XSA-396) - xen: remove gnttab_query_foreign_access() - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/gnttab: fix gnttab_end_foreign_access() without page specified (CVE-2022-23041, XSA-396) - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (CVE-2022-23042, XSA-396) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235 - net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() - qed: return status of qed_iov_get_link - ax25: Fix NULL pointer dereference in ax25_kill_by_device - net/mlx5: Fix size field in bufferx_reg struct - NFC: port100: fix use-after-free in port100_send_complete - net: phy: DP83822: clear MISR2 register to disable interrupts - sctp: fix kernel-infoleak for SCTP sockets - net-sysfs: add check for netdevice being present to speed_show - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" - Revert "xen-netback: Check for hotplug-status existence before watching" - tracing: Ensure trace buffer is at least 4096 bytes large - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive - virtio: unexport virtio_finalize_features - virtio: acknowledge all features before access - [armel,armhf] fix Thumb2 regression with Spectre BHB - ext4: add check to prevent attempting to resize an fs with sparse_super2 - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149) . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Daniel Wagner * [rt] Update to 4.19.233-rt105 * Bump ABI to 20 * sctp: fix the processing for INIT chunk (CVE-2021-3772) * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772) linux-signed-arm64 (4.19.232+1) buster-security; urgency=high . * Sign kernel from linux 4.19.232-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.209 - ocfs2: drop acl cache for directories too - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA - [armhf] usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() - cifs: fix incorrect check for null pointer in header_assemble - [x86] xen/x86: fix PV trap handling on secondary processors - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter - USB: cdc-acm: fix minor-number release - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk - USB: serial: mos7840: remove duplicated 0xac24 device ID - USB: serial: option: add Telit LN920 compositions - USB: serial: option: remove duplicate USB device ID - USB: serial: option: add device id for Foxconn T99W265 - [arm64] serial: mvebu-uart: fix driver's tx_empty callback - net: hso: fix muxed tty registration - bnxt_en: Fix TX timeout when TX ring size is set to the smallest - net/smc: add missing error check in smc_clc_prfx_set() - net/mlx4_en: Don't allow aRFS for encapsulated packets - scsi: iscsi: Adjust iface sysfs attr detection - [x86] tty: synclink_gt, drop unneeded forward declarations - [x86] tty: synclink_gt: rename a conflicting function name - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error - md: fix a lock order reversal in md_alloc - blktrace: Fix uaf in blk_trace access after removing by sysfs - [arm64,armhf] net: stmmac: allow CSR clock of 300MHz - xen/balloon: use a kernel thread instead a workqueue - nvme-multipath: fix ANA state updates when a namespace is not present - qnx4: avoid stringop-overread errors - [arm64] Mark __stack_chk_guard as __ro_after_init - net: 6pack: Fix tx timeout and slot time - [arm64] PCI: aardvark: Fix checking for PIO status - tcp: address problems caused by EDT misshaps - tcp: always set retrans_stamp on recovery - tcp: create a helper to model exponential backoff - tcp: adjust rto_base in retransmits_timed_out() - xen/balloon: fix balloon kthread freezing - tty: Fix out-of-bound vmalloc access in imageblit - cpufreq: schedutil: Use kobject release() method to free sugov_tunables - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory - mac80211: fix use-after-free in CCMP/GCMP RX - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - hwmon: (tmp421) Replace S_<PERMS> with octal values - hwmon: (tmp421) report /PVLD condition as fault - hwmon: (tmp421) fix rounding for negative values - e100: fix length calculation in e100_get_regs_len - e100: fix buffer overrun in e100_get_regs - Revert "block, bfq: honor already-setup queue merges" - scsi: csiostor: Add module softdep on cxgb4 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203) - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings - ext4: fix potential infinite loop in ext4_dx_readdir() - net: udp: annotate data race around udp_sk(sk)->corkflag - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link() - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744, CVE-2021-3764) - HID: betop: fix slab-out-of-bounds Write in betop_probe - netfilter: ipset: Fix oversized kvmalloc() calls - HID: usbhid: free raw_report buffers in usbhid_stop - cred: allow get_cred() and put_cred() to be given NULL. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.210 - net: mdio: introduce a shutdown method to mdio device drivers - xen-netback: correct success/error reporting for the SKB-with-fraglist case - scsi: sd: Free scsi_disk device via put_device() - [arm*] usb: dwc2: check return value after calling platform_get_resource() - scsi: ses: Retry failed Send/Receive Diagnostic commands - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. - lib/timerqueue: Rely on rbtree semantics for next timer (CVE-2021-20317) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.211 - USB: cdc-acm: fix racy tty buffer accesses - USB: cdc-acm: fix break reporting - xen/privcmd: fix error handling in mmap-resource processing - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321) - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero - xen/balloon: fix cancelled balloon action - [armhf] dts: omap3430-sdp: Fix NAND device node - [mips,mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300) - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation - bpf: Fix integer overflow in prealloc_elems_and_freelist() (CVE-2021-41864) - phy: mdio: fix memory leak - net_sched: fix NULL deref in fifo_set_limit() - [i386] ptp_pch: Load module automatically if ID matches - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff sequence - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() - [arm64,armhf] net: sfp: Fix typo in state machine debug string - netlink: annotate data races around nlk->bound - drm/nouveau/debugfs: fix file release memory leak - rtnetlink: fix if_nlmsg_stats_size() under estimation - i40e: fix endless loop under rtnl - i40e: Fix freeing of uninitialized misc IRQ vector - i2c: acpi: fix resource leak in reconfiguration device addition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.212 - [armhf] net: phy: bcm7xxx: Fixed indirect MMD operations - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS - netfilter: ip6_tables: zero-initialize fragment offset - mac80211: Drop frames from invalid MAC address in ad-hoc mode - net: prevent user from passing illegal stab size - mac80211: check return value of rhashtable_init - scsi: ses: Fix unsigned comparison with less than zero - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" - [x86] perf/x86: Reset destroy callback on event init failure - sched: Always inline is_percpu_thread() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 - ALSA: seq: Fix a potential UAF by wrong private_free call order - ALSA: hda/realtek: Complete partial device name to avoid ambiguity - ALSA: hda/realtek: Add quirk for Clevo X170KM-G - ALSA: hda/realtek - ALC236 headset MIC recording issue - [s390x] fix strrchr() implementation - btrfs: deal with errors when replaying dir entry during log replay - btrfs: deal with errors when adding inode reference during log replay - btrfs: check for error when looking up inode during dir entry replay - [x86] mei: me: add Ice Lake-N device id. - xhci: guard accesses to ep_state in xhci_endpoint_reset() - xhci: Fix command ring pointer corruption while aborting a command - xhci: Enable trust tx length quirk for Fresco FL11 USB controller - cb710: avoid NULL pointer subtraction - [arm64,x86] efi/cper: use stack buffer for error record decoding - efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock() - [armhf] usb: musb: dsps: Fix the probe error path - Input: xpad - add support for another USB ID of Nacon GC-100 - USB: serial: qcserial: add EM9191 QDL support - USB: serial: option: add Quectel EC200S-CN module support - USB: serial: option: add Telit LE910Cx composition 0x1204 - USB: serial: option: add prod. id for Quectel EG91 - virtio: write back F_VERSION_1 before validate - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - sctp: account stream padding length for reconf chunk (CVE-2022-0322) - ethernet: s2io: fix setting mac address during resume - nfc: fix error handling of nfc_proto_register() - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - [i386] pata_legacy: fix a couple uninitialized variable bugs - [arm64] drm/msm: Fix null pointer dereference on pointer edp - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error - mqprio: Correct stats in mqprio_dump_class_stats(). - qed: Fix missing error code in qed_slowpath_start() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.214 - NFSD: Keep existing listeners on portlist error - netfilter: ipvs: make global sysctl readonly in non-init netns - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0 - [arm64] net: hns3: disable sriov before unload hclge layer - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification - can: peak_pci: peak_pci_remove(): fix UAF - ocfs2: fix data corruption after conversion from inline format - ocfs2: mount fails with buffer overflow in strlen - vfs: check fd has read access in kernel_read_file_from_fd() (CVE-2022-0644) - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset - ALSA: hda/realtek: Add quirk for Clevo PC50HS - ASoC: DAPM: Fix missing kctl change notifications - mm, slub: fix mismatch between reconstructed freelist depth and cnt - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760) - isdn: cpai: check ctr->cnr to avoid array index out of bound (CVE-2021-43389) - btrfs: deal with errors when checking if a dir entry exists during log replay - [arm64,armhf] net: stmmac: add support for dwmac 3.40a - isdn: mISDN: Fix sleeping function called from invalid context - ALSA: hda: avoid write to STATESTS if controller is in reset - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() - net: mdiobus: Fix memory leak in __mdiobus_register - tracing: Have all levels of checks prevent recursion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.215 - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype - [powerpc*] bpf: Fix BPF_MOD when imm == 1 - [arm64] Avoid premature usercopy failure - usbnet: sanity check for maxpacket - usbnet: fix error return code in usbnet_probe() - ata: sata_mv: Fix the error handling of mv_chip_id() - nfc: port100: fix using -ERRNO as command type mask - Revert "net: mdiobus: Fix memory leak in __mdiobus_register" - ipv4: use siphash instead of Jenkins in fnhe_hashfun() (CVE-2021-20322) - ipv6: use siphash in rt6_exception_hash() (CVE-2021-20322) - ipv6: make exception cache less predictible (CVE-2021-20322) - mmc: vub300: fix control-message timeouts - mmc: cqhci: clear HALT state after CQE enable - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 - [armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit - net: lan78xx: fix division by zero in send path - RDMA/mlx5: Set user priority for DCT - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node - regmap: Fix possible double-free in regcache_rbtree_exit() - net: batman-adv: fix error handling - net: Prevent infinite while loop in skb_tx_hash() - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails - net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772) - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772) - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772) - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772) - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.216 - scsi: core: Put LLD module refcnt after SCSI device is released - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (CVE-2021-42739) - IB/qib: Use struct_size() helper - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields - sfc: Fix reading non-legacy supported link modes - arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed - [armel,armhf] 9120/1: Revert "amba: make use of -1 IRQs warn" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217 - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes" - usb: ehci: handshake CMD_RUN instead of STS_HALT - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue - usb-storage: Add compatibility quirk flags for iODD 2531/2541 - printk/console: Allow to disable console output by using console="" or console=null - isofs: Fix out of bound access for corrupted isofs image - [x86] comedi: dt9812: fix DMA buffers on stack - [x86] comedi: ni_usb6501: fix NULL-deref in command paths - [x86] comedi: vmk80xx: fix transfer-buffer overflows - [x86] comedi: vmk80xx: fix bulk-buffer overflow - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts - staging: r8712u: fix control-message timeout - [x86] staging: rtl8192u: fix control-message timeouts - rsi: fix control-message timeout https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218 - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay - binder: use euid from cred instead of using task - binder: use cred instead of task for selinux checks - Input: elantench - fix misreporting trackpoint coordinates (Closes: #989285) - libata: fix read log timeout value - ocfs2: fix data corruption on truncate - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error - tpm: Check for integer overflow in tpm2_map_response_body() - [x86] media: ite-cir: IR receiver stop working after receive overflow - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers (Closes: #994050) - ALSA: hda/realtek: Add quirk for Clevo PC70HS - ALSA: ua101: fix division by zero at probe - ALSA: 6fire: fix control and bulk message timeouts - ALSA: line6: fix control and interrupt message timeouts - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 - ALSA: synth: missing check for possible NULL after the call to kstrdup - ALSA: timer: Fix use-after-free problem - ALSA: timer: Unconditionally unlink slave instances, too - [x86] irq: Ensure PI wakeup handler is unregistered before module unload - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails - scsi: qla2xxx: Fix unmap of already freed sgl - [arm64] cavium: Fix return values of the probe function - sfc: Don't use netif_info before net_device setup - [x86] hyperv/vmbus: include linux/bitops.h - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 - bpf: Prevent increasing bpf_jit_limit above max - xen/netfront: stop tx queues during live migration - [armhf] spi: spl022: fix Microwire full duplex mode - [armhf] watchdog: Fix OMAP watchdog early handling - [x86] vmxnet3: do not stop tx queues after netif_device_detach() - btrfs: clear MISSING device status bit in btrfs_close_one_device - btrfs: fix lost error handling when replaying directory deletes - btrfs: call btrfs_check_rw_degradable only if there is a missing device - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled - [armhf] regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell - [x86] mwifiex: fix division by zero in fw download path - ath6kl: fix division by zero in send path - ath6kl: fix control-message timeout - ath10k: fix control-message timeout - ath10k: fix division by zero in send path - PCI: Mark Atheros QCA6174 to avoid bus reset - rtl8187: fix control-message timeouts - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band - mwifiex: Read a PCI register after writing the TX ring write pointer - libata: fix checking of DMA state - [arm64] wcn36xx: handle connection loss indication - rsi: fix occasional initialisation failure with BT coex - rsi: fix key enabled check causing unwanted encryption for vap_id > 0 - rsi: fix rate mask set leading to P2P failure - rsi: Fix module dev_oper_mode parameter description - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP - signal: Remove the bogus sigkill_pending in ptrace_stop - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT - [x86] power: supply: max17042_battery: Prevent int underflow in set_soc_threshold - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns - serial: core: Fix initializing and restoring termios speed - ALSA: mixer: oss: Fix racy access to slots - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume - xen/balloon: add late_initcall_sync() for initial ballooning done - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts - [arm64] PCI: aardvark: Do not unmask unused interrupts - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG - quota: check block number when reading the block in quota file - quota: correct error number in free_dqentry() - pinctrl: core: fix possible memory leak in pinctrl_enable() - iio: dac: ad5446: Fix ad5622_write() return value - USB: serial: keyspan: fix memleak on probe errors - USB: iowarrior: fix control-message timeouts - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640) - Bluetooth: fix use-after-free error in lock_sock_nested() (CVE-2021-3752) - [x86] platform/x86: wmi: do not fail if disabling fails - locking/lockdep: Avoid RCU-induced noinstr fail - net: sched: update default qdisc visibility after Tx queue cnt changes - [x86] Increase exception stack sizes - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type - mwifiex: Properly initialize private structure on interface type changes - media: netup_unidvb: handle interrupt properly according to the firmware - media: uvcvideo: Set capability in s_param - media: uvcvideo: Return -EIO for control errors - media: mceusb: return without resubmitting URB in case of -EPROTO error. - ACPICA: Avoid evaluating methods too early during system resume - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() - tracefs: Have tracefs directories not set OTH permission bits by default - ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() - [x86] ACPI: battery: Accept charges over the design capacity as full - memstick: r592: Fix a UAF bug when removing the driver - lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression - lib/xz: Validate the value before assigning it to an enum variable - workqueue: make sysfs of unbound kworker cpumask more clever - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() - PM: hibernate: Get block device exclusively in swsusp_check() - iwlwifi: mvm: disable RX-diversity in powersave - gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted - task_stack: Fix end_of_stack() for architectures with upwards-growing stack - Bluetooth: fix init and cleanup of sco_conn.timeout_work - cgroup: Make rebind_subsystems() disable v2 controllers all at once - drm/amdgpu: fix warning for overflow check - media: em28xx: add missing em28xx_close_extension - media: dvb-usb: fix ununit-value in az6027_rc_query - media: si470x: Avoid card name truncation - media: cx23885: Fix snd_card_free call on null card pointer - cpuidle: Fix kobject memory leaks in error paths - media: em28xx: Don't use ops->suspend if it is NULL - ath9k: Fix potential interrupt storm on queue reset - [x86] crypto: qat - detect PFVF collision after ACK - [x86] crypto: qat - disregard spurious PFVF interrupts - b43legacy: fix a lower bounds test - b43: fix a lower bounds test - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() - hwmon: Fix possible memleak in __hwmon_device_register() - ath10k: fix max antenna gain unit - [arm64] drm/msm: uninitialized variable in msm_gem_import() - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning - rsi: stop thread firstly in rsi_91x_init() error handling - mwifiex: Send DELBA requests according to spec - phy: micrel: ksz8041nl: do not use power down mode - nvme-rdma: fix error code in nvme_rdma_setup_ctrl - PM: hibernate: fix sparse warnings - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() - [s390x] KVM: s390: Fix handle_sske page fault handling - libertas_tf: Fix possible memory leak in probe and disconnect - libertas: Fix possible memory leak in probe and disconnect - [arm64] wcn36xx: add proper DMA memory barriers in rx path - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change - [arm64,armhf] net: phylink: avoid mvneta warning when setting pause parameters - crypto: pcrypt - Delay write to padata->info - RDMA/rxe: Fix wrong port_cap_flags - scsi: dc395: Fix error case unwinding - JFS: fix memleak in jfs_mount - ALSA: hda: Reduce udelay() at SKL+ position reporting - [arm64,armhf] soc/tegra: Fix an error handling path in tegra_powergate_power_up() - serial: 8250_dw: Drop wrong use of ACPI_PTR() - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() - RDMA/mlx4: Return missed an error if device doesn't support steering - [arm64] phy: qcom-qusb2: Fix a memory leak on probe - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX - [mips*] cm: Convert to bitfield API to fix out-of-bounds access - apparmor: fix error check - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds - drm/plane-helper: fix uninitialized variable reference - [arm64] PCI: aardvark: Don't spam about PIO Response Status - NFS: Fix deadlocks in nfs_scan_commit_list() - fs: orangefs: fix error return code of orangefs_revalidate_lookup() - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() - netfilter: nfnetlink_queue: fix OOB when mac header was cleared - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT - scsi: qla2xxx: Fix gnl list corruption - scsi: qla2xxx: Turn off target reset during issue_lip - xen-pciback: Fix return in pm_ctrl_init() - [armhf] net: davinci_emac: Fix interrupt pacing disable - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration() - zram: off by one in read_block_state() - llc: fix out-of-bound array index in llc_sk_dev_hash() - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions - vsock: prevent unnecessary refcnt inc for nonblocking connect - cxgb4: fix eeprom len when diagnostics not implemented - [arm64,armhf] USB: chipidea: fix interrupt deadlock - [armel,armhf] 9155/1: fix early early_iounmap() - f2fs: should use GFP_NOFS for directory inodes - 9p/net: fix missing error check in p9_check_errors - [powerpc*] lib: Add helper to check if offset is within conditional branch range - [powerpc*] bpf: Validate branch ranges - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000 - [powerpc*] security: Add a helper to query stf_barrier type - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks - mm, oom: do not trigger out_of_memory from the #PF - [armhf] backlight: gpio-backlight: Correct initial power state handling - video: backlight: Drop maximum brightness override for brightness zero - [s390x] cio: check the subchannel validity for dev_busid - [s390x] tape: fix timer initialization in tape_std_assign() - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros - fuse: truncate pagecache on atomic_o_trunc - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL - ext4: fix lazy initialization next schedule time computation in more granular unit - PCI/MSI: Destroy sysfs before freeing entries - PCI/MSI: Deal with devices lying about their MSI mask capability - PCI: Add MSI masking quirk for Nvidia ION AHCI - [arm64] zynqmp: Do not duplicate flash partition label property - [arm64] zynqmp: Fix serial compatible string - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - [armhf] usb: musb: tusb6010: check return value after calling platform_get_resource() - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect - scsi: advansys: Fix kernel pointer leak - firmware_loader: fix pre-allocated buf built-in firmware use - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc - scsi: target: Fix ordered tag handling - scsi: target: Fix alua_tg_pt_gps_count tracking - [i386] ALSA: gus: fix null pointer dereference on pointer block - f2fs: fix up f2fs_lookup tracepoints - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame - iavf: check for null in iavf_fix_features - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset - [x86] platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' - net: virtio_net_hdr_to_skb: count transport header in UFO - i40e: Fix correct max_pkt_size on VF RX queue - i40e: Fix NULL ptr dereference on VSI filter sync - i40e: Fix changing previously set num_queue_pairs for PFs - i40e: Fix display error code in dmesg - NFC: reorganize the functions in nci_request - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server - tun: fix bonding active backup with arp monitoring - ipc: WARN if trying to remove ipc object which is absent - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - udf: Fix crash after seekdir - btrfs: fix memory ordering between normal and ordered work functions - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - drm/udl: fix control-message timeout - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors - perf/core: Avoid put_page() when GUP fails - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN - batman-adv: Consider fragmentation for needed_headroom - batman-adv: Reserve needed_*room for fragments - batman-adv: Don't always reallocate the fragmentation skb head - RDMA/netlink: Add __maybe_unused to static inline in C file - ASoC: DAPM: Cover regression by kctl change notification fix - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.219 - USB: serial: option: add Telit LE910S1 0x9200 composition - USB: serial: option: add Fibocom FM101-GL variants - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal - usb: hub: Fix usb enumeration issue due to address0 race - usb: hub: Fix locking issues with address0_mutex - [arm*] binder: fix test regression due to sender_euid change - ALSA: ctxfi: Fix out-of-range access - media: cec: copy sequence field for the reply - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - fuse: fix page stealing - xen: don't continue xenstore initialization in case of errors - xen: detect uninitialized xenbus in xenbus_init - tracing: Fix pid filtering when triggers are attached - proc/vmcore: fix clearing user buffer by properly using clear_user() - [arm64] PCI: aardvark: Fix a leaked reference by adding missing of_node_put() - [arm64] PCI: aardvark: Wait for endpoint to be ready before training link - [arm64] PCI: aardvark: Train link immediately after enabling training - [arm64] PCI: aardvark: Improve link training - [arm64] PCI: aardvark: Issue PERST via GPIO - [arm64] PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros - [arm64] PCI: aardvark: Indicate error in 'val' when config read fails - [arm64] PCI: aardvark: Don't touch PCIe registers if no card connected - [arm64] PCI: aardvark: Fix compilation on s390 - [arm64] PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() - [arm64] PCI: aardvark: Update comment about disabling link training - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting - [arm64] PCI: aardvark: Fix link training - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state - [arm64] pinctrl: armada-37xx: Correct mpp definitions - [arm64] pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions - [arm64] dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function - netfilter: ipvs: Fix reuse connection if RS weight is 0 - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls - net: ieee802154: handle iftypes as u32 - NFSv42: Don't fail clone() unless the OP_CLONE operation failed - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE - scsi: mpt3sas: Fix kernel panic during drive powercycle test - [arm*] drm/vc4: fix error code in vc4_create_object() - ipv6: fix typos in __ip6_finish_output() - net/smc: Ensure the active closing peer first closes clcsock - PM: hibernate: use correct mode for swsusp_close() - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows - net/smc: Don't call clcsock shutdown twice when smc shutdown - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs - vhost/vsock: fix incorrect used length reported to the guest - tracing: Check pid filtering when creating events - [s390x] mm: validate VMA in PGSTE manipulation functions - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002) - NFC: add NCI_UNREG flag to eliminate the race - fuse: release pipe buf after last use - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/blkfront: read response from backend only once - xen/blkfront: don't take local copy of a request from the ring page - xen/blkfront: don't trust the backend response data blindly - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - tty: hvc: replace BUG_ON() with negative return value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.220 - shm: extend forced shm destroy to support objects from several IPC nses - NFSv42: Fix pagecache invalidation after COPY/CLONE - gfs2: Fix length of holes reported at end-of-file - [amd64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975) - net: return correct error code - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep - [s390x] setup: avoid using memblock_enforce_memory_limit - btrfs: check-integrity: fix a warning on write caching disabled disk - thermal: core: Reset previous low and high trip during thermal zone init - scsi: iscsi: Unblock session then wake up error handler - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit - kprobes: Limit max data_size of the kretprobe instances - ipmi: Move remove_work to dedicated workqueue - fs: add fget_many() and fput_many() - fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - net: mpls: Fix notifications when deleting a device - siphash: use _unaligned version by default - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available - net: annotate data-races on txq->xmit_lock_owner - net/rds: correct socket tunable error in rds_tcp_tune() - net/smc: Keep smc_close_final rc during active close - [arm64] drm/msm: Do hw_init() before capturing GPU state - vgacon: Propagate console boot parameters before calling `vc_resize' - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub - [x86] usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect - [amd64] mm: Map all kernel memory into trampoline_pgd - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support - [arm64] serial: pl011: Add ACPI SBSA UART match id - serial: core: fix transmit-buffer reset and memleak - ipmi: msghandler: Make symbol 'remove_work_wq' static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.221 - HID: add hid_is_usb() function to make it simpler for USB detection - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers - can: kvaser_usb: get CAN clock frequency from device - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card() - net: core: netlink: add helper refcount dec and lock function - net: sched: rename qdisc_destroy() to qdisc_put() - net: sched: extend Qdisc with rcu - net: sched: add helper function to take reference to Qdisc - net: sched: use Qdisc rcu API instead of relying on rtnl lock - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - bpf: Fix the off-by-two error in range markings - ice: ignore dropped packets during init - bonding: make tx_rebalance_counter an atomic - nfp: Fix memory leak in nfp_cpp_area_cache_add() - seg6: fix the iif in the IPv6 socket control block - udp: using datalen to cap max gso segments - [amd64] IB/hfi1: Correct guard on eager buffer deallocation - mm: bdi: initialize bdi_min_ratio when bdi is unregistered - ALSA: ctl: Fix copy of updated id with element read/write - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() - tracefs: Have new files inherit the ownership of their parent - [arm64] clk: qcom: regmap-mux: fix parent clock lookup - [i386] can: pch_can: pch_can_rx_normal: fix use after free - libata: add horkage for ASMedia 1092 - wait: add wake_up_pollfree() - binder: use wake_up_pollfree() - signalfd: use wake_up_pollfree() - aio: keep poll requests on waitqueue until completed - aio: fix use-after-free due to missing POLLFREE handling - tracefs: Set all files to the same group ownership as the mount option - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) - qede: validate non LSO skb length - i40e: Fix pre-set max number of queues for VF - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero - [armhf] net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() - net, neigh: clear whole pneigh_entry at alloc time - net/qla3xxx: fix an error code in ql_adapter_up() - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685) - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685) - usb: core: config: fix validation of wMaxPacketValue entries - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending - usb: core: config: using bit mask instead of individual bits - xhci: avoid race between disable slot command and host runtime suspend - iio: trigger: Fix reference counting - [armhf] iio: mma8452: Fix trigger reference couting - [arm64,armhf] iio: adc: axp20x_adc: fix charging current reporting on AXP22x - [x86] iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - [armhf] irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL - net_sched: fix a crash in tc_new_tfilter() - net: sched: make function qdisc_free_cb() static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222 - stable: clamp SUBLEVEL in 4.19 - nfc: fix segfault in nfc_genl_dump_devices_done - [arm64] drm/msm/dsi: set default num_data_lanes - net/mlx4_en: Update reported link modes for 1/10G - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag - net: netlink: af_netlink: Prevent empty skb by adding a check on len. - tracing: Fix a kmemleak false positive in tracing_map - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error - mac80211: send ADDBA requests using the tid/queue of the aggregation session - dm btree remove: fix use after free in rebalance_children() - audit: improve robustness of the audit queue handling - nfsd: fix use-after-free due to delegation race (Closes: #988044) - [x86] sme: Explicitly map new EFI memmap table as encrypted - mac80211: track only QoS data frames for admission control - [armhf] socfpga: dts: fix qspi node compatible - sch_cake: do not call cake_destroy() from cake_init() - rds: memory leak in __rds_conn_create() (CVE-2021-45480) - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning - igb: Fix removal of unicast MAC filters of VFs - igbvf: fix double free in `igbvf_probe` - ixgbe: set X550 MDIO speed before talking to PHY - netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc (CVE-2021-4135) - net/packet: rx_owner_map depends on pg_vec (CVE-2021-22600) - sit: do not call ipip6_dev_free() from sit_init_net() - USB: gadget: bRequestType is a bitfield, not a enum - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error - PCI/MSI: Mask MSI-X vectors only on success - USB: serial: cp210x: fix CP2105 GPIO registration - USB: serial: option: add Telit FN990 compositions - timekeeping: Really make sure wall_to_monotonic isn't positive - libata: if T_LENGTH is zero, dma direction should be DMA_NONE - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE - mac80211: validate extended element ID is present - [armel] 8805/2: remove unneeded naked function usage - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO - Input: touchscreen - avoid bitwise vs logical OR warning - media: mxl111sf: change mutex_init() location - fuse: annotate lock in fuse_reverse_inval_entry() - ovl: fix warning in ovl_create_real() - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() - xen/blkfront: harden blkfront against event channel storms (CVE-2021-28711) - xen/netfront: harden netfront against event channel storms (CVE-2021-28712) - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713) - xen/netback: fix rx queue stall detection (CVE-2021-28714) - xen/netback: don't queue unlimited number of packages (CVE-2021-28715) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223 - net: usb: lan78xx: add Allied Telesis AT29M2-AF - block, bfq: improve asymmetric scenarios detection - block, bfq: fix asymmetric scenarios detection - block, bfq: fix decrement of num_active_groups - block, bfq: fix queue removal from weights tree - block, bfq: fix use after free in bfq_bfqq_expire - HID: holtek: fix mouse probing - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode - [arm64] spi: change clk_disable_unprepare to clk_unprepare - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() - netfilter: fix regression in looped (broad|multi)cast's MAC handling - qlcnic: potential dereference null pointer of rx_queue->page_ring - net: accept UFOv6 packages in virtio_net_hdr_to_skb - net: skip virtio_net_hdr_set_proto if protocol already set - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module - bonding: fix ad_actor_system option setting to default - [amd64] fjes: Check for error irq - [armhf] drivers: net: smc911x: Check for error irq - sfc: falcon: Check null pointer of rx_queue->page_ring - hwmon: (lm90) Fix usage of CONFIG2 register in detect function - ALSA: jack: Check the return value of kstrdup() - ALSA: drivers: opl3: Fix incorrect use of vp->state - Input: atmel_mxt_ts - fix double free in mxt_read_info_block - ipmi: bail out if init_srcu_struct fails - ipmi: fix initialization when workqueue allocation fails - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (CVE-2021-45469) - usb: gadget: u_ether: fix race in setting MAC address in setup phase - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state - hwmon: (lm90) Do not report 'busy' status bit as alarm - ax25: NPD bug when detaching AX25 device - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD - phonet/pep: refuse to enable an unbound pipe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224 - [arm64] tee: handle lookup of shm with reference count 0 (CVE-2021-44733) - Input: i8042 - add deferred probe support - [x86] Input: i8042 - enable deferred probe quirk for ASUS UM325UA - [x86] platform/x86: apple-gmux: use resource_size() with res - selinux: initialize proto variable in selinux_ip_postroute_compat() - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() - udp: using datalen to cap ipv6 udp max gso segments - sctp: use call_rcu to free endpoint - net: usb: pegasus: Do not drop long Ethernet frames - net/mlx5e: Fix wrong features assignment in case of error - i2c: validate user data in compat ioctl - nfc: uapi: use kernel size_t to fix user-space builds - uapi: fix linux/nfc.h userspace compilation errors - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - [arm*] binder: fix async_free_space accounting for empty parcels - [x86] scsi: vmw_pvscsi: Set residual data length conditionally - Input: appletouch - initialize work before device registration - Input: spaceball - fix parsing of movement data packets - net: fix use-after-free in tw_timer_handler https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.225 - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() - tracing: Tag trace_percpu_buffer as a percpu pointer - ieee802154: atusb: fix uninit value in atusb_set_extended_addr - RDMA/core: Don't infoleak GRH fields - mac80211: initialize variable have_higher_than_11mbit - i40e: fix use-after-free in i40e_sync_filters_subtask() - i40e: Fix incorrect netdev's real number of RX/TX queues - ipv6: Check attribute length for RTA_GATEWAY in multipath route - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (CVE-2021-4155) - rndis_host: support Hytera digital radios - phonet: refcount leak in pep_sock_accep (CVE-2021-45095) - ipv6: Continue processing multipath route even if gateway attribute is invalid - ipv6: Do cleanup if attribute validation fails in multipath route - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate - net: udp: fix alignment problem in udp4_seq_show() - mISDN: change function names to avoid conflicts https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.226 - Bluetooth: bfusb: fix division by zero in send path - USB: core: Fix bug in resuming hub's handling of wakeup requests - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status - can: bcm: switch timer to HRTIMER_MODE_SOFT and remove hrtimer_tasklet - veth: Do not record rx queue hint in veth_xmit - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} - random: fix data race on crng_node_pool - random: fix data race on crng init time - [x86] drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() - [s390x] KVM: s390: Clarify SIGP orders versus STOP/RESTART - media: uvcvideo: fix division by zero at stream start - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled - firmware: qemu_fw_cfg: fix sysfs information leak - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries - firmware: qemu_fw_cfg: fix kobject leak in probe error path - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows - HID: uhid: Fix worker destroying device without any protection - HID: wacom: Reset expected and received contact counts at the same time - HID: wacom: Ignore the confidence flag when a touch is removed - HID: wacom: Avoid using stale array indicies to read contact count - f2fs: fix to do sanity check in is_alive() - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 - [x86] gpu: Reserve stolen memory for first integrated Intel GPU - rtc: cmos: take rtc_lock while reading from CMOS - media: flexcop-usb: fix control-message timeouts - media: mceusb: fix control-message timeouts - media: em28xx: fix control-message timeouts - media: cpia2: fix control-message timeouts - media: s2255: fix control-message timeouts - media: dib0700: fix undefined behavior in tuner shutdown - media: redrat3: fix control-message timeouts - media: pvrusb2: fix control-message timeouts - media: stk1160: fix control-message timeouts - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration failure - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails - [arm*] clk: bcm-2835: Pick the closest clock rate - [arm*] clk: bcm-2835: Remove rounding up the dividers - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND - [arm64] wcn36xx: Release DMA channel descriptor allocations - media: videobuf2: Fix the size printk format - media: em28xx: fix memory leak in em28xx_init_dev - Bluetooth: stop proccessing malicious adv data - [arm64] tee: fix put order in teedev_close_context() - media: dmxdev: fix UAF when dvb_register_device() fails - [arm64] crypto: qce - fix uaf on qce_ahash_register_one - netfilter: bridge: add support for pppoe filtering - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() - [arm*] serial: amba-pl011: do not request memory region twice - floppy: Fix hang in watchdog when disk is ejected - media: dib8000: Fix a memleak in dib8000_init() - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() - media: si2157: Fix "warm" tuner state detection - sched/rt: Try to restart rt period timer when rt runtime exceeded - xfrm: fix a small bug in xfrm_sa_len() - media: dw2102: Fix use after free - media: msi001: fix possible null-ptr-deref in msi001_probe() - [arm64] drm/msm/dpu: fix safe status debugfs file - xfrm: interface with if_id 0 should return error - xfrm: state and policy should fail if XFRMA_IF_ID 0 - usb: ftdi-elan: fix memory leak on device disconnect - [armhf] mmc: meson-mx-sdio: add IRQ check - [x86] mce/inject: Avoid out-of-bounds write when setting flags - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() - ppp: ensure minimum packet size in ppp_write() - Bluetooth: hci_bcm: Check for error irq - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe - tpm: add request_locality before write TPM_INT_ENABLE - can: softing: softing_startstop(): fix set but not used variable warning - pcmcia: fix setting of kthread task states - net: mcs7830: handle usb read errors properly - ext4: avoid trim error on fs with small groups - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls - [arm64] RDMA/hns: Validate the pkey index - [powerpc*] prom_init: Fix improper check of prom_getprop() - ALSA: oss: fix compile error when OSS_DEBUG is enabled - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting - scsi: ufs: Fix race conditions related to driver data - RDMA/core: Let ib_find_gid() continue search even after empty entry - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes - [arm*] iommu/iova: Fix race between FQ timeout and teardown - RDMA/cxgb4: Set queue pair state when being queried - Bluetooth: Fix debugfs entry leak in hci_register_dev() - fs: dlm: filter user dlm messages for kernel locks - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR - usb: gadget: f_fs: Use stream_open() for endpoint files - HID: apple: Do not reset quirks when the Fn key is not found - media: b2c2: Add missing check in flexcop_pci_isr: - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use - [armhf] HSI: core: Fix return freed object in hsi_new_client - [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976) - rsi: Fix out-of-bounds read in rsi_read_pkt() - floppy: Add max size check for user space request - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() - media: m920x: don't use stack on USB reads - iwlwifi: mvm: synchronize with FW after multicast commands - ath10k: Fix tx hanging - net-sysfs: update the queue counts in the unregistration path - [x86] mce: Mark mce_panic() noinstr - [x86] mce: Mark mce_end() noinstr - [x86] mce: Mark mce_read_aux() noinstr - net: bonding: debug: avoid printing debug logs when bond is not notifying peers - bpf: Do not WARN in bpf_warn_invalid_xdp_action() - HID: quirks: Allow inverting the absolute X/Y values - media: igorplugusb: receiver overflow should be reported - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO - audit: ensure userspace is penalized the same as the kernel when under pressure - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream - iwlwifi: fix leaks/bad data after failed firmware load - iwlwifi: remove module loading failure message - iwlwifi: mvm: Fix calculation of frame length - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions - ACPICA: Utilities: Avoid deleting the same object twice in a row - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 - drm/amdgpu: fixup bad vram size on gmc v8 - [x86] ACPI: battery: Add the ThinkPad "Not Charging" quirk - btrfs: remove BUG_ON() in find_parent_nodes() - btrfs: remove BUG_ON(!eie) in find_parent_nodes - net: mdio: Demote probed message to debug print - mac80211: allow non-standard VHT MCS-10/11 - dm btree: add a defensive bounds check to insert_at() - dm space map common: add bounds check to sm_ll_lookup_bitmap() - net: phy: marvell: configure RGMII delays for 88E1118 - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios - serial: core: Keep mctrl register state and cached copy in sync - [powerpc*] powernv: add missing of_node_put - [powerpc*] btext: add missing of_node_put - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race - [x86] i2c: i801: Don't silently correct invalid transfer size - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING - [powerpc*] i2c: mpc: Correct I2C reset procedure - w1: Misuse of get_user()/put_user() reported by sparse - ALSA: seq: Set upper limit of processed events - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers option - [mips*] OCTEON: add put_device() after of_find_device_by_node() - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters - scsi: sr: Don't use GFP_DMA - [arm64] rpmsg: core: Clean up resources on announce_create failure. - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers - serial: Fix incorrect rs485 polarity on uart open - cputime, cpuacct: Include guest time in user time in cpuacct.stat - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds - [s390x] mm: fix 2KB pgtable release race - [armhf] drm/etnaviv: limit submit sizes - ext4: make sure to reset inode lockdep class when quota enabling fails - ext4: make sure quota gets properly shutdown on error - ext4: set csum seed in tmp inode while migrating to extents - ext4: Fix BUG_ON in ext4_bread when write quota data - ext4: don't use the orphan list when migrating an inode - ASoC: dpcm: prevent snd_soc_dpcm use after free - regulator: core: Let boot-on regulators be powered off - drm/radeon: fix error handling in radeon_driver_open_kms - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device - RDMA/rxe: Fix a typo in opcode name - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress - netns: add schedule point in ops_exit_list() - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() - net_sched: restore "mpu xxx" handling - [mips*,s390x] gup: Work around the "COW can break either way" issue (CVE-2020-29374) - fuse: fix bad inode (CVE-2020-36322) - fuse: fix live lock in fuse_iget() (CVE-2021-28950) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.227 - [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330) - net: bridge: clear bridge's private skb space on xmit - select: Fix indefinitely sleeping task in poll_schedule_timeout() - [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy (CVE-2022-22942) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228 - Bluetooth: refactor malicious adv data check - [s390x] hypfs: include z/VM guests with access control group set - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617) - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617) - [armhf] drm/etnaviv: relax submit size limits - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments - serial: 8250: of: Fix mapped region size when using reg-offset property - tty: n_gsm: fix SW flow control encoding/handling - tty: Add support for Brainboxes UC cards. - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match() - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - USB: core: Fix hang in usb_kill_urb by adding memory barriers - [x86] usb: typec: tcpm: Do not disconnect while receiving VBUS off - [arm64,armhf] net: sfp: ignore disabled SFP node - i40e: Increase delay to 1 s after global EMP reset - i40e: Fix issue when maximum queues is exceeded - i40e: Fix queues reservation for XDP - i40e: fix unsigned stat widths - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - ipv6_tunnel: Rate limit warning messages - net: fix information leakage in /proc/net/ptype - ping: fix the sk_bound_dev_if match in ping_lookup - ipv4: avoid using shared IP generator for connected sockets - hwmon: (lm90) Reduce maximum conversion rate for G781 - NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448) - NFSv4: nfs_atomic_open() can race when looking up a non-regular file - net-procfs: show net devices bound packet types - [arm64] drm/msm: Fix wrong size calculation - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - ipv6: annotate accesses to fn->fn_sernum - NFS: Ensure the server has an up to date ctime before hardlinking - NFS: Ensure the server has an up to date ctime before renaming - phylib: fix potential use-after-free - yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959) - ipv4: raw: lock the socket in raw_bind() - ipv4: tcp: send zero IPID in SYNACK messages - netfilter: nat: remove l4 protocol port rovers - netfilter: nat: limit port clash resolution attempts - tcp: fix possible socket leaks in internal pacing mode - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() - af_packet: fix data-race in packet_setsockopt / packet_setsockopt - audit: improve audit queue handling when "audit=1" on cmdline - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows - drm/nouveau: fix off by one in BIOS boundary checking - block: bio-integrity: Advance seed correctly for larger interval sizes - RDMA/mlx4: Don't continue event handler after memory allocation failure - [amd64] iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() - [armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe - net: ieee802154: hwsim: Ensure proper channel selection at probe time - net: ieee802154: Return meaningful error codes from the netlink helpers - net: macsec: Verify that send_sci is on when setting Tx sci explicitly - [arm64,armhf] net: stmmac: ensure PTP time register reads are consistent - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. - rtc: cmos: Evaluate century appropriate - [arm64] EDAC/xgene: Fix deferred probing - ext4: fix error handling in ext4_restore_inline_data() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.229 - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492) - moxart: fix potential use-after-free on remove path (CVE-2022-0487) - tipc: improve size validations for received domain records (CVE-2022-0435) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.230 - integrity: check the return value of audit_log_start() - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs - NFS: Fix initialisation of nfs_client cl_flags field - NFSD: Clamp WRITE offsets - NFSD: Fix offset type in I/O trace points - NFSv4 only print the label when its queried - nfs: nfs4clinet: check the return value of kstrdup() - NFSv4.1: Fix uninitialised variable in devicenotify - NFSv4 remove zero number of fs_locations entries error check - NFSv4 expose nfs_parse_server_name function - net: sched: Clarify error message when qdisc kind is unknown - scsi: target: iscsi: Make sure the np under each tpg is unique - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() - bpf: Add kconfig knob for disabling unpriv bpf by default - net: bridge: fix stale eth hdr pointer in br_dev_xmit - usb: f_fs: Fix use-after-free for epfile - ixgbevf: Require large buffers for build_skb on 82599VF - bonding: pair enable_port with slave_arr_updates - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path - net: do not keep the dst cache when uncloning an skb dst and its metadata - net: fix a memleak when uncloning an skb dst and its metadata - veth: fix races around rq->rx_notify_masked - tipc: rate limit warning for received illegal binding update - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal - vt_ioctl: fix array_index_nospec in vt_setactivate - vt_ioctl: add array_index_nospec to VT_ACTIVATE - n_tty: wake up poll(POLLRDNORM) on receiving data - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release - [arm64,armhf] usb: ulpi: Call of_node_put correctly - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs - USB: gadget: validate interface OS descriptor requests (CVE-2022-25258) - usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375) - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 - USB: serial: option: add ZTE MF286D modem - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices - USB: serial: cp210x: add NCR Retail IO box id - USB: serial: cp210x: add CPI Bulk Coin Recycler id - seccomp: Invalidate seccomp mode to catch death failures - [x86] hwmon: (dell-smm) Speed up setting of fan speed - perf: Fix list corruption in perf_cgroup_switch() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.231 - Makefile.extrawarn: Move -Wunaligned-access to W=1 - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - btrfs: send: in case of IO error log it - net: ieee802154: at86rf230: Stop leaking skb's - ax25: improve the incomplete fix to avoid UAF and NPD bugs - vfs: make freeze_super abort when sync_filesystem returns error - quota: make dquot_quota_sync return errors from ->sync_fs - nvme: fix a possible use-after-free in controller reset during load - nvme-rdma: fix possible use-after-free in transport error_recovery work - Revert "module, async: async_synchronize_full() on module init iff async is used" - iwlwifi: fix use-after-free - drm/radeon: Fix backlight control on iMac 12,1 - xfrm: Don't accidentally set RTO_ONLINK in decode_session4() - taskstats: Cleanup the use of task->exit_code - mmc: block: fix read single on recovery logic - vsock: remove vsock from connected table when connect is interrupted by a signal - iwlwifi: pcie: fix locking when "HW not ready" - iwlwifi: pcie: gen2: fix locking when "HW not ready" - ping: fix the dif and sdif check in ping_lookup - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit - bonding: fix data-races around agg_select_timer - libsubcmd: Fix use-after-free for realloc(..., 0) - ALSA: hda: Fix regression on forced probe mask option - ALSA: hda: Fix missing codec probe on Shenker Dock 15 - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() - [powerpc*] lib/sstep: fix 'ptesync' build error - ext4: check for out-of-order index extents in ext4_valid_extent_entries() - block/wbt: fix negative inflight counter when remove scsi device - NFS: LOOKUP_DIRECTORY is also ok with symlinks - NFS: Do not report writeback errors in nfs_getattr() - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() - net: sched: limit TC_ACT_REPEAT loops - lib/iov_iter: initialize "flags" in new pipe_buffer - [x86] Drivers: hv: vmbus: Expose monitor data only when monitor pages are used - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW - [armhf] OMAP2+: hwmod: Add of_node_put() before break - netfilter: conntrack: don't refresh sctp entries in closed state - kconfig: let 'shell' return enough output for deep path names - ata: libata-core: Disable TRIM on M88V29 - tracing: Fix tp_printk option related with tp_printk_stop_on_boot - net: usb: qmi_wwan: Add support for Dell DW5829e - [arm64] net: macb: Align the dma and coherent dma masks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.232 - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing - sr9700: sanity check for packet length - USB: zaurus: support another broken Zaurus - ping: remove pr_err from ping_lookup - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends - tipc: Fix end of loop tests for list_for_each_entry() - gso: do not skip outer ip header in case of ipip and net_failover - openvswitch: Fix setting ipv6 fields causing hw csum failure - drm/edid: Always set RGB444 - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure - configfs: fix a race in configfs_{,un}register_subsystem() - RDMA/ib_srp: Fix a deadlock - tty: n_gsm: fix proper link termination after failed open - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR" - memblock: use kfree() to release kmalloced memblock regions - fget: clarify and improve __fget_files() implementation - tracing: Have traceon and traceoff trigger honor the instance - ata: pata_hpt37x: disable primary channel on HPT371 - Revert "USB: serial: ch341: add new Product ID for CH341A" - usb: gadget: rndis: add spinlock for rndis response list - tracefs: Set the group ownership in apply_options() not parse_options() - USB: serial: option: add support for DW5829e - USB: serial: option: add Telit LE910R1 compositions - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom halves. - xhci: re-initialize the HC during resume if HCE was set - xhci: Prevent futile URB re-submissions due to incorrect return value. - tty: n_gsm: fix encoding of control signal octet bit DV . [ Salvatore Bonaccorso ] * Bump ABI to 19 * [rt] Update to 4.19.210-rt90 * [rt] Update to 4.19.211-rt91 * [rt] Update to 4.19.212-rt92 * [rt] Update to 4.19.214-rt93 * [rt] Update to 4.19.215-rt94 - fscache: fix initialisation of cookie hash table raw spinlocks * [rt] Update to 4.19.217-rt95 * Refresh "Export symbols needed by Android drivers" * liblockdep: Stop build liblockdep packages * [rt] Update to 4.19.218-rt96 * [rt] Update to 4.19.219-rt97 * [rt] Refresh "net: move xmit_recursion to per-task variable on -RT" * Refresh "Export symbols needed by Android drivers" * [rt] Update to 4.19.225-rt101 * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" * [rt] Update to 4.19.227-rt102 * [rt] Update to 4.19.230-rt103 * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001, CVE-2022-0002) - [x86] speculation: Merge one test in spectre_v2_user_select_mitigation() - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - [x86] speculation: Add eIBRS + Retpoline options - Documentation/hw-vuln: Update spectre doc - [x86] speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [x86] speculation: Use generic retpoline by default on AMD - [x86] speculation: Update link to AMD speculation whitepaper - [x86] speculation: Warn about Spectre v2 LFENCE mitigation - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT linux-signed-i386 (4.19.235+1) buster; urgency=medium . * Sign kernel from linux 4.19.235-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233 - mac80211_hwsim: report NOACK frames in tx_status - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work - [arm*] i2c: bcm2835: Avoid clock stretching timeouts - [x86] ASoC: rt5682: do not block workqueue if card is unbound - Input: clear BTN_RIGHT/MIDDLE on buttonpads - cifs: fix double free race when mount fails in cifs_get_root() - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 - usb: gadget: don't release an existing dev->buf (CVE-2022-24958) - usb: gadget: clear related members when goto fail (CVE-2022-24958) - ata: pata_hpt37x: fix PCI clock detection - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - xfrm: fix MTU regression - netfilter: fix use-after-free in __nf_register_net_hook() - xfrm: fix the if_id check in changelink - xfrm: enforce validity of offload input flags - netfilter: nf_queue: don't assume sk is full socket - netfilter: nf_queue: fix possible use-after-free - batman-adv: Request iflink once in batadv-on-batadv check - batman-adv: Request iflink once in batadv_get_real_netdevice - batman-adv: Don't expect inter-netns unique iflink indices - net: dcb: flush lingering app table entries for unregistered devices - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server - block: Fix fsync always failed if once failed - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault - xen/netfront: destroy queues before real_num_tx_queues is zeroed - mac80211: fix forwarded mesh frames AC & queue selection - [arm64,armhf] net: stmmac: fix return value of __setup handler - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - efivars: Respect "block" flag in efivar_entry_set_safe() - can: gs_usb: change active_channels's type from atomic_t to u8 - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup() functions - net: chelsio: cxgb3: check the return value of pci_find_capability() - nl80211: Handle nla_memdup failures in handle_nan_filter - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume - HID: add mapping for KEY_ALL_APPLICATIONS - memfd: fix F_SEAL_WRITE after shmem huge page allocated - tracing/histogram: Fix sorting on old "cpu" value - btrfs: add missing run of delayed items after unlink during log replay - net: dcb: disable softirqs in dcbnl_flush_dev() - hamradio: fix macro redefine warning https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234 - [arm*] Provide a wrapper for SMCCC 1.1 calls - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit() - [armhf] report Spectre v2 status through sysfs - [armel,armhf] early traps initialisation - [armel,armhf] use LOADADDR() to get load address of sections - [armel,armhf] Spectre-BHB workaround - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting - [armel,armhf] fix build error when BPF_SYSCALL is disabled - [armel,armhf] fix co-processor register typo - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld - [armhf] fix build warning in proc-v7-bugs.c - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case (CVE-2022-23040, XSA-396) - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036, CVE-2022-23038, XSA-396) - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23036, XSA-396) - xen/netfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23037, XSA-396) - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23038, XSA-396) - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039, XSA-396) - xen: remove gnttab_query_foreign_access() - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/gnttab: fix gnttab_end_foreign_access() without page specified (CVE-2022-23041, XSA-396) - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (CVE-2022-23042, XSA-396) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235 - net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() - qed: return status of qed_iov_get_link - ax25: Fix NULL pointer dereference in ax25_kill_by_device - net/mlx5: Fix size field in bufferx_reg struct - NFC: port100: fix use-after-free in port100_send_complete - net: phy: DP83822: clear MISR2 register to disable interrupts - sctp: fix kernel-infoleak for SCTP sockets - net-sysfs: add check for netdevice being present to speed_show - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" - Revert "xen-netback: Check for hotplug-status existence before watching" - tracing: Ensure trace buffer is at least 4096 bytes large - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive - virtio: unexport virtio_finalize_features - virtio: acknowledge all features before access - [armel,armhf] fix Thumb2 regression with Spectre BHB - ext4: add check to prevent attempting to resize an fs with sparse_super2 - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149) . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Daniel Wagner * [rt] Update to 4.19.233-rt105 * Bump ABI to 20 * sctp: fix the processing for INIT chunk (CVE-2021-3772) * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772) linux-signed-i386 (4.19.232+1) buster-security; urgency=high . * Sign kernel from linux 4.19.232-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.209 - ocfs2: drop acl cache for directories too - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA - [armhf] usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() - cifs: fix incorrect check for null pointer in header_assemble - [x86] xen/x86: fix PV trap handling on secondary processors - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter - USB: cdc-acm: fix minor-number release - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk - USB: serial: mos7840: remove duplicated 0xac24 device ID - USB: serial: option: add Telit LN920 compositions - USB: serial: option: remove duplicate USB device ID - USB: serial: option: add device id for Foxconn T99W265 - [arm64] serial: mvebu-uart: fix driver's tx_empty callback - net: hso: fix muxed tty registration - bnxt_en: Fix TX timeout when TX ring size is set to the smallest - net/smc: add missing error check in smc_clc_prfx_set() - net/mlx4_en: Don't allow aRFS for encapsulated packets - scsi: iscsi: Adjust iface sysfs attr detection - [x86] tty: synclink_gt, drop unneeded forward declarations - [x86] tty: synclink_gt: rename a conflicting function name - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error - md: fix a lock order reversal in md_alloc - blktrace: Fix uaf in blk_trace access after removing by sysfs - [arm64,armhf] net: stmmac: allow CSR clock of 300MHz - xen/balloon: use a kernel thread instead a workqueue - nvme-multipath: fix ANA state updates when a namespace is not present - qnx4: avoid stringop-overread errors - [arm64] Mark __stack_chk_guard as __ro_after_init - net: 6pack: Fix tx timeout and slot time - [arm64] PCI: aardvark: Fix checking for PIO status - tcp: address problems caused by EDT misshaps - tcp: always set retrans_stamp on recovery - tcp: create a helper to model exponential backoff - tcp: adjust rto_base in retransmits_timed_out() - xen/balloon: fix balloon kthread freezing - tty: Fix out-of-bound vmalloc access in imageblit - cpufreq: schedutil: Use kobject release() method to free sugov_tunables - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory - mac80211: fix use-after-free in CCMP/GCMP RX - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - hwmon: (tmp421) Replace S_<PERMS> with octal values - hwmon: (tmp421) report /PVLD condition as fault - hwmon: (tmp421) fix rounding for negative values - e100: fix length calculation in e100_get_regs_len - e100: fix buffer overrun in e100_get_regs - Revert "block, bfq: honor already-setup queue merges" - scsi: csiostor: Add module softdep on cxgb4 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203) - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings - ext4: fix potential infinite loop in ext4_dx_readdir() - net: udp: annotate data race around udp_sk(sk)->corkflag - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link() - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744, CVE-2021-3764) - HID: betop: fix slab-out-of-bounds Write in betop_probe - netfilter: ipset: Fix oversized kvmalloc() calls - HID: usbhid: free raw_report buffers in usbhid_stop - cred: allow get_cred() and put_cred() to be given NULL. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.210 - net: mdio: introduce a shutdown method to mdio device drivers - xen-netback: correct success/error reporting for the SKB-with-fraglist case - scsi: sd: Free scsi_disk device via put_device() - [arm*] usb: dwc2: check return value after calling platform_get_resource() - scsi: ses: Retry failed Send/Receive Diagnostic commands - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. - lib/timerqueue: Rely on rbtree semantics for next timer (CVE-2021-20317) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.211 - USB: cdc-acm: fix racy tty buffer accesses - USB: cdc-acm: fix break reporting - xen/privcmd: fix error handling in mmap-resource processing - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321) - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero - xen/balloon: fix cancelled balloon action - [armhf] dts: omap3430-sdp: Fix NAND device node - [mips,mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300) - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation - bpf: Fix integer overflow in prealloc_elems_and_freelist() (CVE-2021-41864) - phy: mdio: fix memory leak - net_sched: fix NULL deref in fifo_set_limit() - [i386] ptp_pch: Load module automatically if ID matches - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff sequence - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() - [arm64,armhf] net: sfp: Fix typo in state machine debug string - netlink: annotate data races around nlk->bound - drm/nouveau/debugfs: fix file release memory leak - rtnetlink: fix if_nlmsg_stats_size() under estimation - i40e: fix endless loop under rtnl - i40e: Fix freeing of uninitialized misc IRQ vector - i2c: acpi: fix resource leak in reconfiguration device addition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.212 - [armhf] net: phy: bcm7xxx: Fixed indirect MMD operations - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS - netfilter: ip6_tables: zero-initialize fragment offset - mac80211: Drop frames from invalid MAC address in ad-hoc mode - net: prevent user from passing illegal stab size - mac80211: check return value of rhashtable_init - scsi: ses: Fix unsigned comparison with less than zero - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" - [x86] perf/x86: Reset destroy callback on event init failure - sched: Always inline is_percpu_thread() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 - ALSA: seq: Fix a potential UAF by wrong private_free call order - ALSA: hda/realtek: Complete partial device name to avoid ambiguity - ALSA: hda/realtek: Add quirk for Clevo X170KM-G - ALSA: hda/realtek - ALC236 headset MIC recording issue - [s390x] fix strrchr() implementation - btrfs: deal with errors when replaying dir entry during log replay - btrfs: deal with errors when adding inode reference during log replay - btrfs: check for error when looking up inode during dir entry replay - [x86] mei: me: add Ice Lake-N device id. - xhci: guard accesses to ep_state in xhci_endpoint_reset() - xhci: Fix command ring pointer corruption while aborting a command - xhci: Enable trust tx length quirk for Fresco FL11 USB controller - cb710: avoid NULL pointer subtraction - [arm64,x86] efi/cper: use stack buffer for error record decoding - efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock() - [armhf] usb: musb: dsps: Fix the probe error path - Input: xpad - add support for another USB ID of Nacon GC-100 - USB: serial: qcserial: add EM9191 QDL support - USB: serial: option: add Quectel EC200S-CN module support - USB: serial: option: add Telit LE910Cx composition 0x1204 - USB: serial: option: add prod. id for Quectel EG91 - virtio: write back F_VERSION_1 before validate - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - sctp: account stream padding length for reconf chunk (CVE-2022-0322) - ethernet: s2io: fix setting mac address during resume - nfc: fix error handling of nfc_proto_register() - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - [i386] pata_legacy: fix a couple uninitialized variable bugs - [arm64] drm/msm: Fix null pointer dereference on pointer edp - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error - mqprio: Correct stats in mqprio_dump_class_stats(). - qed: Fix missing error code in qed_slowpath_start() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.214 - NFSD: Keep existing listeners on portlist error - netfilter: ipvs: make global sysctl readonly in non-init netns - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0 - [arm64] net: hns3: disable sriov before unload hclge layer - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification - can: peak_pci: peak_pci_remove(): fix UAF - ocfs2: fix data corruption after conversion from inline format - ocfs2: mount fails with buffer overflow in strlen - vfs: check fd has read access in kernel_read_file_from_fd() (CVE-2022-0644) - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset - ALSA: hda/realtek: Add quirk for Clevo PC50HS - ASoC: DAPM: Fix missing kctl change notifications - mm, slub: fix mismatch between reconstructed freelist depth and cnt - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760) - isdn: cpai: check ctr->cnr to avoid array index out of bound (CVE-2021-43389) - btrfs: deal with errors when checking if a dir entry exists during log replay - [arm64,armhf] net: stmmac: add support for dwmac 3.40a - isdn: mISDN: Fix sleeping function called from invalid context - ALSA: hda: avoid write to STATESTS if controller is in reset - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() - net: mdiobus: Fix memory leak in __mdiobus_register - tracing: Have all levels of checks prevent recursion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.215 - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype - [powerpc*] bpf: Fix BPF_MOD when imm == 1 - [arm64] Avoid premature usercopy failure - usbnet: sanity check for maxpacket - usbnet: fix error return code in usbnet_probe() - ata: sata_mv: Fix the error handling of mv_chip_id() - nfc: port100: fix using -ERRNO as command type mask - Revert "net: mdiobus: Fix memory leak in __mdiobus_register" - ipv4: use siphash instead of Jenkins in fnhe_hashfun() (CVE-2021-20322) - ipv6: use siphash in rt6_exception_hash() (CVE-2021-20322) - ipv6: make exception cache less predictible (CVE-2021-20322) - mmc: vub300: fix control-message timeouts - mmc: cqhci: clear HALT state after CQE enable - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 - [armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit - net: lan78xx: fix division by zero in send path - RDMA/mlx5: Set user priority for DCT - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node - regmap: Fix possible double-free in regcache_rbtree_exit() - net: batman-adv: fix error handling - net: Prevent infinite while loop in skb_tx_hash() - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails - net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772) - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772) - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772) - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772) - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.216 - scsi: core: Put LLD module refcnt after SCSI device is released - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (CVE-2021-42739) - IB/qib: Use struct_size() helper - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields - sfc: Fix reading non-legacy supported link modes - arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed - [armel,armhf] 9120/1: Revert "amba: make use of -1 IRQs warn" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217 - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes" - usb: ehci: handshake CMD_RUN instead of STS_HALT - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue - usb-storage: Add compatibility quirk flags for iODD 2531/2541 - printk/console: Allow to disable console output by using console="" or console=null - isofs: Fix out of bound access for corrupted isofs image - [x86] comedi: dt9812: fix DMA buffers on stack - [x86] comedi: ni_usb6501: fix NULL-deref in command paths - [x86] comedi: vmk80xx: fix transfer-buffer overflows - [x86] comedi: vmk80xx: fix bulk-buffer overflow - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts - staging: r8712u: fix control-message timeout - [x86] staging: rtl8192u: fix control-message timeouts - rsi: fix control-message timeout https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218 - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay - binder: use euid from cred instead of using task - binder: use cred instead of task for selinux checks - Input: elantench - fix misreporting trackpoint coordinates (Closes: #989285) - libata: fix read log timeout value - ocfs2: fix data corruption on truncate - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error - tpm: Check for integer overflow in tpm2_map_response_body() - [x86] media: ite-cir: IR receiver stop working after receive overflow - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers (Closes: #994050) - ALSA: hda/realtek: Add quirk for Clevo PC70HS - ALSA: ua101: fix division by zero at probe - ALSA: 6fire: fix control and bulk message timeouts - ALSA: line6: fix control and interrupt message timeouts - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 - ALSA: synth: missing check for possible NULL after the call to kstrdup - ALSA: timer: Fix use-after-free problem - ALSA: timer: Unconditionally unlink slave instances, too - [x86] irq: Ensure PI wakeup handler is unregistered before module unload - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails - scsi: qla2xxx: Fix unmap of already freed sgl - [arm64] cavium: Fix return values of the probe function - sfc: Don't use netif_info before net_device setup - [x86] hyperv/vmbus: include linux/bitops.h - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 - bpf: Prevent increasing bpf_jit_limit above max - xen/netfront: stop tx queues during live migration - [armhf] spi: spl022: fix Microwire full duplex mode - [armhf] watchdog: Fix OMAP watchdog early handling - [x86] vmxnet3: do not stop tx queues after netif_device_detach() - btrfs: clear MISSING device status bit in btrfs_close_one_device - btrfs: fix lost error handling when replaying directory deletes - btrfs: call btrfs_check_rw_degradable only if there is a missing device - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled - [armhf] regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell - [x86] mwifiex: fix division by zero in fw download path - ath6kl: fix division by zero in send path - ath6kl: fix control-message timeout - ath10k: fix control-message timeout - ath10k: fix division by zero in send path - PCI: Mark Atheros QCA6174 to avoid bus reset - rtl8187: fix control-message timeouts - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band - mwifiex: Read a PCI register after writing the TX ring write pointer - libata: fix checking of DMA state - [arm64] wcn36xx: handle connection loss indication - rsi: fix occasional initialisation failure with BT coex - rsi: fix key enabled check causing unwanted encryption for vap_id > 0 - rsi: fix rate mask set leading to P2P failure - rsi: Fix module dev_oper_mode parameter description - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP - signal: Remove the bogus sigkill_pending in ptrace_stop - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT - [x86] power: supply: max17042_battery: Prevent int underflow in set_soc_threshold - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns - serial: core: Fix initializing and restoring termios speed - ALSA: mixer: oss: Fix racy access to slots - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume - xen/balloon: add late_initcall_sync() for initial ballooning done - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts - [arm64] PCI: aardvark: Do not unmask unused interrupts - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG - quota: check block number when reading the block in quota file - quota: correct error number in free_dqentry() - pinctrl: core: fix possible memory leak in pinctrl_enable() - iio: dac: ad5446: Fix ad5622_write() return value - USB: serial: keyspan: fix memleak on probe errors - USB: iowarrior: fix control-message timeouts - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640) - Bluetooth: fix use-after-free error in lock_sock_nested() (CVE-2021-3752) - [x86] platform/x86: wmi: do not fail if disabling fails - locking/lockdep: Avoid RCU-induced noinstr fail - net: sched: update default qdisc visibility after Tx queue cnt changes - [x86] Increase exception stack sizes - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type - mwifiex: Properly initialize private structure on interface type changes - media: netup_unidvb: handle interrupt properly according to the firmware - media: uvcvideo: Set capability in s_param - media: uvcvideo: Return -EIO for control errors - media: mceusb: return without resubmitting URB in case of -EPROTO error. - ACPICA: Avoid evaluating methods too early during system resume - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() - tracefs: Have tracefs directories not set OTH permission bits by default - ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() - [x86] ACPI: battery: Accept charges over the design capacity as full - memstick: r592: Fix a UAF bug when removing the driver - lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression - lib/xz: Validate the value before assigning it to an enum variable - workqueue: make sysfs of unbound kworker cpumask more clever - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() - PM: hibernate: Get block device exclusively in swsusp_check() - iwlwifi: mvm: disable RX-diversity in powersave - gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted - task_stack: Fix end_of_stack() for architectures with upwards-growing stack - Bluetooth: fix init and cleanup of sco_conn.timeout_work - cgroup: Make rebind_subsystems() disable v2 controllers all at once - drm/amdgpu: fix warning for overflow check - media: em28xx: add missing em28xx_close_extension - media: dvb-usb: fix ununit-value in az6027_rc_query - media: si470x: Avoid card name truncation - media: cx23885: Fix snd_card_free call on null card pointer - cpuidle: Fix kobject memory leaks in error paths - media: em28xx: Don't use ops->suspend if it is NULL - ath9k: Fix potential interrupt storm on queue reset - [x86] crypto: qat - detect PFVF collision after ACK - [x86] crypto: qat - disregard spurious PFVF interrupts - b43legacy: fix a lower bounds test - b43: fix a lower bounds test - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() - hwmon: Fix possible memleak in __hwmon_device_register() - ath10k: fix max antenna gain unit - [arm64] drm/msm: uninitialized variable in msm_gem_import() - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning - rsi: stop thread firstly in rsi_91x_init() error handling - mwifiex: Send DELBA requests according to spec - phy: micrel: ksz8041nl: do not use power down mode - nvme-rdma: fix error code in nvme_rdma_setup_ctrl - PM: hibernate: fix sparse warnings - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() - [s390x] KVM: s390: Fix handle_sske page fault handling - libertas_tf: Fix possible memory leak in probe and disconnect - libertas: Fix possible memory leak in probe and disconnect - [arm64] wcn36xx: add proper DMA memory barriers in rx path - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change - [arm64,armhf] net: phylink: avoid mvneta warning when setting pause parameters - crypto: pcrypt - Delay write to padata->info - RDMA/rxe: Fix wrong port_cap_flags - scsi: dc395: Fix error case unwinding - JFS: fix memleak in jfs_mount - ALSA: hda: Reduce udelay() at SKL+ position reporting - [arm64,armhf] soc/tegra: Fix an error handling path in tegra_powergate_power_up() - serial: 8250_dw: Drop wrong use of ACPI_PTR() - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() - RDMA/mlx4: Return missed an error if device doesn't support steering - [arm64] phy: qcom-qusb2: Fix a memory leak on probe - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX - [mips*] cm: Convert to bitfield API to fix out-of-bounds access - apparmor: fix error check - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds - drm/plane-helper: fix uninitialized variable reference - [arm64] PCI: aardvark: Don't spam about PIO Response Status - NFS: Fix deadlocks in nfs_scan_commit_list() - fs: orangefs: fix error return code of orangefs_revalidate_lookup() - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() - netfilter: nfnetlink_queue: fix OOB when mac header was cleared - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT - scsi: qla2xxx: Fix gnl list corruption - scsi: qla2xxx: Turn off target reset during issue_lip - xen-pciback: Fix return in pm_ctrl_init() - [armhf] net: davinci_emac: Fix interrupt pacing disable - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration() - zram: off by one in read_block_state() - llc: fix out-of-bound array index in llc_sk_dev_hash() - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions - vsock: prevent unnecessary refcnt inc for nonblocking connect - cxgb4: fix eeprom len when diagnostics not implemented - [arm64,armhf] USB: chipidea: fix interrupt deadlock - [armel,armhf] 9155/1: fix early early_iounmap() - f2fs: should use GFP_NOFS for directory inodes - 9p/net: fix missing error check in p9_check_errors - [powerpc*] lib: Add helper to check if offset is within conditional branch range - [powerpc*] bpf: Validate branch ranges - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000 - [powerpc*] security: Add a helper to query stf_barrier type - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks - mm, oom: do not trigger out_of_memory from the #PF - [armhf] backlight: gpio-backlight: Correct initial power state handling - video: backlight: Drop maximum brightness override for brightness zero - [s390x] cio: check the subchannel validity for dev_busid - [s390x] tape: fix timer initialization in tape_std_assign() - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros - fuse: truncate pagecache on atomic_o_trunc - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL - ext4: fix lazy initialization next schedule time computation in more granular unit - PCI/MSI: Destroy sysfs before freeing entries - PCI/MSI: Deal with devices lying about their MSI mask capability - PCI: Add MSI masking quirk for Nvidia ION AHCI - [arm64] zynqmp: Do not duplicate flash partition label property - [arm64] zynqmp: Fix serial compatible string - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - [armhf] usb: musb: tusb6010: check return value after calling platform_get_resource() - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect - scsi: advansys: Fix kernel pointer leak - firmware_loader: fix pre-allocated buf built-in firmware use - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc - scsi: target: Fix ordered tag handling - scsi: target: Fix alua_tg_pt_gps_count tracking - [i386] ALSA: gus: fix null pointer dereference on pointer block - f2fs: fix up f2fs_lookup tracepoints - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame - iavf: check for null in iavf_fix_features - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset - [x86] platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' - net: virtio_net_hdr_to_skb: count transport header in UFO - i40e: Fix correct max_pkt_size on VF RX queue - i40e: Fix NULL ptr dereference on VSI filter sync - i40e: Fix changing previously set num_queue_pairs for PFs - i40e: Fix display error code in dmesg - NFC: reorganize the functions in nci_request - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server - tun: fix bonding active backup with arp monitoring - ipc: WARN if trying to remove ipc object which is absent - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - udf: Fix crash after seekdir - btrfs: fix memory ordering between normal and ordered work functions - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - drm/udl: fix control-message timeout - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors - perf/core: Avoid put_page() when GUP fails - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN - batman-adv: Consider fragmentation for needed_headroom - batman-adv: Reserve needed_*room for fragments - batman-adv: Don't always reallocate the fragmentation skb head - RDMA/netlink: Add __maybe_unused to static inline in C file - ASoC: DAPM: Cover regression by kctl change notification fix - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.219 - USB: serial: option: add Telit LE910S1 0x9200 composition - USB: serial: option: add Fibocom FM101-GL variants - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal - usb: hub: Fix usb enumeration issue due to address0 race - usb: hub: Fix locking issues with address0_mutex - [arm*] binder: fix test regression due to sender_euid change - ALSA: ctxfi: Fix out-of-range access - media: cec: copy sequence field for the reply - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - fuse: fix page stealing - xen: don't continue xenstore initialization in case of errors - xen: detect uninitialized xenbus in xenbus_init - tracing: Fix pid filtering when triggers are attached - proc/vmcore: fix clearing user buffer by properly using clear_user() - [arm64] PCI: aardvark: Fix a leaked reference by adding missing of_node_put() - [arm64] PCI: aardvark: Wait for endpoint to be ready before training link - [arm64] PCI: aardvark: Train link immediately after enabling training - [arm64] PCI: aardvark: Improve link training - [arm64] PCI: aardvark: Issue PERST via GPIO - [arm64] PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros - [arm64] PCI: aardvark: Indicate error in 'val' when config read fails - [arm64] PCI: aardvark: Don't touch PCIe registers if no card connected - [arm64] PCI: aardvark: Fix compilation on s390 - [arm64] PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() - [arm64] PCI: aardvark: Update comment about disabling link training - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting - [arm64] PCI: aardvark: Fix link training - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state - [arm64] pinctrl: armada-37xx: Correct mpp definitions - [arm64] pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions - [arm64] dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function - netfilter: ipvs: Fix reuse connection if RS weight is 0 - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls - net: ieee802154: handle iftypes as u32 - NFSv42: Don't fail clone() unless the OP_CLONE operation failed - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE - scsi: mpt3sas: Fix kernel panic during drive powercycle test - [arm*] drm/vc4: fix error code in vc4_create_object() - ipv6: fix typos in __ip6_finish_output() - net/smc: Ensure the active closing peer first closes clcsock - PM: hibernate: use correct mode for swsusp_close() - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows - net/smc: Don't call clcsock shutdown twice when smc shutdown - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs - vhost/vsock: fix incorrect used length reported to the guest - tracing: Check pid filtering when creating events - [s390x] mm: validate VMA in PGSTE manipulation functions - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002) - NFC: add NCI_UNREG flag to eliminate the race - fuse: release pipe buf after last use - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/blkfront: read response from backend only once - xen/blkfront: don't take local copy of a request from the ring page - xen/blkfront: don't trust the backend response data blindly - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - tty: hvc: replace BUG_ON() with negative return value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.220 - shm: extend forced shm destroy to support objects from several IPC nses - NFSv42: Fix pagecache invalidation after COPY/CLONE - gfs2: Fix length of holes reported at end-of-file - [amd64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975) - net: return correct error code - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep - [s390x] setup: avoid using memblock_enforce_memory_limit - btrfs: check-integrity: fix a warning on write caching disabled disk - thermal: core: Reset previous low and high trip during thermal zone init - scsi: iscsi: Unblock session then wake up error handler - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit - kprobes: Limit max data_size of the kretprobe instances - ipmi: Move remove_work to dedicated workqueue - fs: add fget_many() and fput_many() - fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - net: mpls: Fix notifications when deleting a device - siphash: use _unaligned version by default - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available - net: annotate data-races on txq->xmit_lock_owner - net/rds: correct socket tunable error in rds_tcp_tune() - net/smc: Keep smc_close_final rc during active close - [arm64] drm/msm: Do hw_init() before capturing GPU state - vgacon: Propagate console boot parameters before calling `vc_resize' - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub - [x86] usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect - [amd64] mm: Map all kernel memory into trampoline_pgd - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support - [arm64] serial: pl011: Add ACPI SBSA UART match id - serial: core: fix transmit-buffer reset and memleak - ipmi: msghandler: Make symbol 'remove_work_wq' static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.221 - HID: add hid_is_usb() function to make it simpler for USB detection - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers - can: kvaser_usb: get CAN clock frequency from device - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card() - net: core: netlink: add helper refcount dec and lock function - net: sched: rename qdisc_destroy() to qdisc_put() - net: sched: extend Qdisc with rcu - net: sched: add helper function to take reference to Qdisc - net: sched: use Qdisc rcu API instead of relying on rtnl lock - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - bpf: Fix the off-by-two error in range markings - ice: ignore dropped packets during init - bonding: make tx_rebalance_counter an atomic - nfp: Fix memory leak in nfp_cpp_area_cache_add() - seg6: fix the iif in the IPv6 socket control block - udp: using datalen to cap max gso segments - [amd64] IB/hfi1: Correct guard on eager buffer deallocation - mm: bdi: initialize bdi_min_ratio when bdi is unregistered - ALSA: ctl: Fix copy of updated id with element read/write - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() - tracefs: Have new files inherit the ownership of their parent - [arm64] clk: qcom: regmap-mux: fix parent clock lookup - [i386] can: pch_can: pch_can_rx_normal: fix use after free - libata: add horkage for ASMedia 1092 - wait: add wake_up_pollfree() - binder: use wake_up_pollfree() - signalfd: use wake_up_pollfree() - aio: keep poll requests on waitqueue until completed - aio: fix use-after-free due to missing POLLFREE handling - tracefs: Set all files to the same group ownership as the mount option - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) - qede: validate non LSO skb length - i40e: Fix pre-set max number of queues for VF - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero - [armhf] net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() - net, neigh: clear whole pneigh_entry at alloc time - net/qla3xxx: fix an error code in ql_adapter_up() - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685) - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685) - usb: core: config: fix validation of wMaxPacketValue entries - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending - usb: core: config: using bit mask instead of individual bits - xhci: avoid race between disable slot command and host runtime suspend - iio: trigger: Fix reference counting - [armhf] iio: mma8452: Fix trigger reference couting - [arm64,armhf] iio: adc: axp20x_adc: fix charging current reporting on AXP22x - [x86] iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - [armhf] irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL - net_sched: fix a crash in tc_new_tfilter() - net: sched: make function qdisc_free_cb() static https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222 - stable: clamp SUBLEVEL in 4.19 - nfc: fix segfault in nfc_genl_dump_devices_done - [arm64] drm/msm/dsi: set default num_data_lanes - net/mlx4_en: Update reported link modes for 1/10G - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag - net: netlink: af_netlink: Prevent empty skb by adding a check on len. - tracing: Fix a kmemleak false positive in tracing_map - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error - mac80211: send ADDBA requests using the tid/queue of the aggregation session - dm btree remove: fix use after free in rebalance_children() - audit: improve robustness of the audit queue handling - nfsd: fix use-after-free due to delegation race (Closes: #988044) - [x86] sme: Explicitly map new EFI memmap table as encrypted - mac80211: track only QoS data frames for admission control - [armhf] socfpga: dts: fix qspi node compatible - sch_cake: do not call cake_destroy() from cake_init() - rds: memory leak in __rds_conn_create() (CVE-2021-45480) - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning - igb: Fix removal of unicast MAC filters of VFs - igbvf: fix double free in `igbvf_probe` - ixgbe: set X550 MDIO speed before talking to PHY - netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc (CVE-2021-4135) - net/packet: rx_owner_map depends on pg_vec (CVE-2021-22600) - sit: do not call ipip6_dev_free() from sit_init_net() - USB: gadget: bRequestType is a bitfield, not a enum - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error - PCI/MSI: Mask MSI-X vectors only on success - USB: serial: cp210x: fix CP2105 GPIO registration - USB: serial: option: add Telit FN990 compositions - timekeeping: Really make sure wall_to_monotonic isn't positive - libata: if T_LENGTH is zero, dma direction should be DMA_NONE - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE - mac80211: validate extended element ID is present - [armel] 8805/2: remove unneeded naked function usage - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO - Input: touchscreen - avoid bitwise vs logical OR warning - media: mxl111sf: change mutex_init() location - fuse: annotate lock in fuse_reverse_inval_entry() - ovl: fix warning in ovl_create_real() - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() - xen/blkfront: harden blkfront against event channel storms (CVE-2021-28711) - xen/netfront: harden netfront against event channel storms (CVE-2021-28712) - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713) - xen/netback: fix rx queue stall detection (CVE-2021-28714) - xen/netback: don't queue unlimited number of packages (CVE-2021-28715) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223 - net: usb: lan78xx: add Allied Telesis AT29M2-AF - block, bfq: improve asymmetric scenarios detection - block, bfq: fix asymmetric scenarios detection - block, bfq: fix decrement of num_active_groups - block, bfq: fix queue removal from weights tree - block, bfq: fix use after free in bfq_bfqq_expire - HID: holtek: fix mouse probing - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode - [arm64] spi: change clk_disable_unprepare to clk_unprepare - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() - netfilter: fix regression in looped (broad|multi)cast's MAC handling - qlcnic: potential dereference null pointer of rx_queue->page_ring - net: accept UFOv6 packages in virtio_net_hdr_to_skb - net: skip virtio_net_hdr_set_proto if protocol already set - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module - bonding: fix ad_actor_system option setting to default - [amd64] fjes: Check for error irq - [armhf] drivers: net: smc911x: Check for error irq - sfc: falcon: Check null pointer of rx_queue->page_ring - hwmon: (lm90) Fix usage of CONFIG2 register in detect function - ALSA: jack: Check the return value of kstrdup() - ALSA: drivers: opl3: Fix incorrect use of vp->state - Input: atmel_mxt_ts - fix double free in mxt_read_info_block - ipmi: bail out if init_srcu_struct fails - ipmi: fix initialization when workqueue allocation fails - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (CVE-2021-45469) - usb: gadget: u_ether: fix race in setting MAC address in setup phase - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state - hwmon: (lm90) Do not report 'busy' status bit as alarm - ax25: NPD bug when detaching AX25 device - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD - phonet/pep: refuse to enable an unbound pipe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224 - [arm64] tee: handle lookup of shm with reference count 0 (CVE-2021-44733) - Input: i8042 - add deferred probe support - [x86] Input: i8042 - enable deferred probe quirk for ASUS UM325UA - [x86] platform/x86: apple-gmux: use resource_size() with res - selinux: initialize proto variable in selinux_ip_postroute_compat() - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() - udp: using datalen to cap ipv6 udp max gso segments - sctp: use call_rcu to free endpoint - net: usb: pegasus: Do not drop long Ethernet frames - net/mlx5e: Fix wrong features assignment in case of error - i2c: validate user data in compat ioctl - nfc: uapi: use kernel size_t to fix user-space builds - uapi: fix linux/nfc.h userspace compilation errors - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - [arm*] binder: fix async_free_space accounting for empty parcels - [x86] scsi: vmw_pvscsi: Set residual data length conditionally - Input: appletouch - initialize work before device registration - Input: spaceball - fix parsing of movement data packets - net: fix use-after-free in tw_timer_handler https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.225 - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() - tracing: Tag trace_percpu_buffer as a percpu pointer - ieee802154: atusb: fix uninit value in atusb_set_extended_addr - RDMA/core: Don't infoleak GRH fields - mac80211: initialize variable have_higher_than_11mbit - i40e: fix use-after-free in i40e_sync_filters_subtask() - i40e: Fix incorrect netdev's real number of RX/TX queues - ipv6: Check attribute length for RTA_GATEWAY in multipath route - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (CVE-2021-4155) - rndis_host: support Hytera digital radios - phonet: refcount leak in pep_sock_accep (CVE-2021-45095) - ipv6: Continue processing multipath route even if gateway attribute is invalid - ipv6: Do cleanup if attribute validation fails in multipath route - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate - net: udp: fix alignment problem in udp4_seq_show() - mISDN: change function names to avoid conflicts https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.226 - Bluetooth: bfusb: fix division by zero in send path - USB: core: Fix bug in resuming hub's handling of wakeup requests - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status - can: bcm: switch timer to HRTIMER_MODE_SOFT and remove hrtimer_tasklet - veth: Do not record rx queue hint in veth_xmit - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} - random: fix data race on crng_node_pool - random: fix data race on crng init time - [x86] drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() - [s390x] KVM: s390: Clarify SIGP orders versus STOP/RESTART - media: uvcvideo: fix division by zero at stream start - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled - firmware: qemu_fw_cfg: fix sysfs information leak - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries - firmware: qemu_fw_cfg: fix kobject leak in probe error path - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows - HID: uhid: Fix worker destroying device without any protection - HID: wacom: Reset expected and received contact counts at the same time - HID: wacom: Ignore the confidence flag when a touch is removed - HID: wacom: Avoid using stale array indicies to read contact count - f2fs: fix to do sanity check in is_alive() - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 - [x86] gpu: Reserve stolen memory for first integrated Intel GPU - rtc: cmos: take rtc_lock while reading from CMOS - media: flexcop-usb: fix control-message timeouts - media: mceusb: fix control-message timeouts - media: em28xx: fix control-message timeouts - media: cpia2: fix control-message timeouts - media: s2255: fix control-message timeouts - media: dib0700: fix undefined behavior in tuner shutdown - media: redrat3: fix control-message timeouts - media: pvrusb2: fix control-message timeouts - media: stk1160: fix control-message timeouts - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration failure - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails - [arm*] clk: bcm-2835: Pick the closest clock rate - [arm*] clk: bcm-2835: Remove rounding up the dividers - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND - [arm64] wcn36xx: Release DMA channel descriptor allocations - media: videobuf2: Fix the size printk format - media: em28xx: fix memory leak in em28xx_init_dev - Bluetooth: stop proccessing malicious adv data - [arm64] tee: fix put order in teedev_close_context() - media: dmxdev: fix UAF when dvb_register_device() fails - [arm64] crypto: qce - fix uaf on qce_ahash_register_one - netfilter: bridge: add support for pppoe filtering - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() - [arm*] serial: amba-pl011: do not request memory region twice - floppy: Fix hang in watchdog when disk is ejected - media: dib8000: Fix a memleak in dib8000_init() - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() - media: si2157: Fix "warm" tuner state detection - sched/rt: Try to restart rt period timer when rt runtime exceeded - xfrm: fix a small bug in xfrm_sa_len() - media: dw2102: Fix use after free - media: msi001: fix possible null-ptr-deref in msi001_probe() - [arm64] drm/msm/dpu: fix safe status debugfs file - xfrm: interface with if_id 0 should return error - xfrm: state and policy should fail if XFRMA_IF_ID 0 - usb: ftdi-elan: fix memory leak on device disconnect - [armhf] mmc: meson-mx-sdio: add IRQ check - [x86] mce/inject: Avoid out-of-bounds write when setting flags - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() - ppp: ensure minimum packet size in ppp_write() - Bluetooth: hci_bcm: Check for error irq - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe - tpm: add request_locality before write TPM_INT_ENABLE - can: softing: softing_startstop(): fix set but not used variable warning - pcmcia: fix setting of kthread task states - net: mcs7830: handle usb read errors properly - ext4: avoid trim error on fs with small groups - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls - [arm64] RDMA/hns: Validate the pkey index - [powerpc*] prom_init: Fix improper check of prom_getprop() - ALSA: oss: fix compile error when OSS_DEBUG is enabled - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting - scsi: ufs: Fix race conditions related to driver data - RDMA/core: Let ib_find_gid() continue search even after empty entry - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes - [arm*] iommu/iova: Fix race between FQ timeout and teardown - RDMA/cxgb4: Set queue pair state when being queried - Bluetooth: Fix debugfs entry leak in hci_register_dev() - fs: dlm: filter user dlm messages for kernel locks - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR - usb: gadget: f_fs: Use stream_open() for endpoint files - HID: apple: Do not reset quirks when the Fn key is not found - media: b2c2: Add missing check in flexcop_pci_isr: - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use - [armhf] HSI: core: Fix return freed object in hsi_new_client - [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976) - rsi: Fix out-of-bounds read in rsi_read_pkt() - floppy: Add max size check for user space request - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() - media: m920x: don't use stack on USB reads - iwlwifi: mvm: synchronize with FW after multicast commands - ath10k: Fix tx hanging - net-sysfs: update the queue counts in the unregistration path - [x86] mce: Mark mce_panic() noinstr - [x86] mce: Mark mce_end() noinstr - [x86] mce: Mark mce_read_aux() noinstr - net: bonding: debug: avoid printing debug logs when bond is not notifying peers - bpf: Do not WARN in bpf_warn_invalid_xdp_action() - HID: quirks: Allow inverting the absolute X/Y values - media: igorplugusb: receiver overflow should be reported - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO - audit: ensure userspace is penalized the same as the kernel when under pressure - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream - iwlwifi: fix leaks/bad data after failed firmware load - iwlwifi: remove module loading failure message - iwlwifi: mvm: Fix calculation of frame length - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions - ACPICA: Utilities: Avoid deleting the same object twice in a row - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 - drm/amdgpu: fixup bad vram size on gmc v8 - [x86] ACPI: battery: Add the ThinkPad "Not Charging" quirk - btrfs: remove BUG_ON() in find_parent_nodes() - btrfs: remove BUG_ON(!eie) in find_parent_nodes - net: mdio: Demote probed message to debug print - mac80211: allow non-standard VHT MCS-10/11 - dm btree: add a defensive bounds check to insert_at() - dm space map common: add bounds check to sm_ll_lookup_bitmap() - net: phy: marvell: configure RGMII delays for 88E1118 - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios - serial: core: Keep mctrl register state and cached copy in sync - [powerpc*] powernv: add missing of_node_put - [powerpc*] btext: add missing of_node_put - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race - [x86] i2c: i801: Don't silently correct invalid transfer size - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING - [powerpc*] i2c: mpc: Correct I2C reset procedure - w1: Misuse of get_user()/put_user() reported by sparse - ALSA: seq: Set upper limit of processed events - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers option - [mips*] OCTEON: add put_device() after of_find_device_by_node() - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters - scsi: sr: Don't use GFP_DMA - [arm64] rpmsg: core: Clean up resources on announce_create failure. - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers - serial: Fix incorrect rs485 polarity on uart open - cputime, cpuacct: Include guest time in user time in cpuacct.stat - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds - [s390x] mm: fix 2KB pgtable release race - [armhf] drm/etnaviv: limit submit sizes - ext4: make sure to reset inode lockdep class when quota enabling fails - ext4: make sure quota gets properly shutdown on error - ext4: set csum seed in tmp inode while migrating to extents - ext4: Fix BUG_ON in ext4_bread when write quota data - ext4: don't use the orphan list when migrating an inode - ASoC: dpcm: prevent snd_soc_dpcm use after free - regulator: core: Let boot-on regulators be powered off - drm/radeon: fix error handling in radeon_driver_open_kms - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device - RDMA/rxe: Fix a typo in opcode name - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress - netns: add schedule point in ops_exit_list() - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() - net_sched: restore "mpu xxx" handling - [mips*,s390x] gup: Work around the "COW can break either way" issue (CVE-2020-29374) - fuse: fix bad inode (CVE-2020-36322) - fuse: fix live lock in fuse_iget() (CVE-2021-28950) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.227 - [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330) - net: bridge: clear bridge's private skb space on xmit - select: Fix indefinitely sleeping task in poll_schedule_timeout() - [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy (CVE-2022-22942) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228 - Bluetooth: refactor malicious adv data check - [s390x] hypfs: include z/VM guests with access control group set - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617) - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617) - [armhf] drm/etnaviv: relax submit size limits - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments - serial: 8250: of: Fix mapped region size when using reg-offset property - tty: n_gsm: fix SW flow control encoding/handling - tty: Add support for Brainboxes UC cards. - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match() - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - USB: core: Fix hang in usb_kill_urb by adding memory barriers - [x86] usb: typec: tcpm: Do not disconnect while receiving VBUS off - [arm64,armhf] net: sfp: ignore disabled SFP node - i40e: Increase delay to 1 s after global EMP reset - i40e: Fix issue when maximum queues is exceeded - i40e: Fix queues reservation for XDP - i40e: fix unsigned stat widths - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - ipv6_tunnel: Rate limit warning messages - net: fix information leakage in /proc/net/ptype - ping: fix the sk_bound_dev_if match in ping_lookup - ipv4: avoid using shared IP generator for connected sockets - hwmon: (lm90) Reduce maximum conversion rate for G781 - NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448) - NFSv4: nfs_atomic_open() can race when looking up a non-regular file - net-procfs: show net devices bound packet types - [arm64] drm/msm: Fix wrong size calculation - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - ipv6: annotate accesses to fn->fn_sernum - NFS: Ensure the server has an up to date ctime before hardlinking - NFS: Ensure the server has an up to date ctime before renaming - phylib: fix potential use-after-free - yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959) - ipv4: raw: lock the socket in raw_bind() - ipv4: tcp: send zero IPID in SYNACK messages - netfilter: nat: remove l4 protocol port rovers - netfilter: nat: limit port clash resolution attempts - tcp: fix possible socket leaks in internal pacing mode - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() - af_packet: fix data-race in packet_setsockopt / packet_setsockopt - audit: improve audit queue handling when "audit=1" on cmdline - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows - drm/nouveau: fix off by one in BIOS boundary checking - block: bio-integrity: Advance seed correctly for larger interval sizes - RDMA/mlx4: Don't continue event handler after memory allocation failure - [amd64] iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() - [armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe - net: ieee802154: hwsim: Ensure proper channel selection at probe time - net: ieee802154: Return meaningful error codes from the netlink helpers - net: macsec: Verify that send_sci is on when setting Tx sci explicitly - [arm64,armhf] net: stmmac: ensure PTP time register reads are consistent - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. - rtc: cmos: Evaluate century appropriate - [arm64] EDAC/xgene: Fix deferred probing - ext4: fix error handling in ext4_restore_inline_data() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.229 - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492) - moxart: fix potential use-after-free on remove path (CVE-2022-0487) - tipc: improve size validations for received domain records (CVE-2022-0435) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.230 - integrity: check the return value of audit_log_start() - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs - NFS: Fix initialisation of nfs_client cl_flags field - NFSD: Clamp WRITE offsets - NFSD: Fix offset type in I/O trace points - NFSv4 only print the label when its queried - nfs: nfs4clinet: check the return value of kstrdup() - NFSv4.1: Fix uninitialised variable in devicenotify - NFSv4 remove zero number of fs_locations entries error check - NFSv4 expose nfs_parse_server_name function - net: sched: Clarify error message when qdisc kind is unknown - scsi: target: iscsi: Make sure the np under each tpg is unique - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() - bpf: Add kconfig knob for disabling unpriv bpf by default - net: bridge: fix stale eth hdr pointer in br_dev_xmit - usb: f_fs: Fix use-after-free for epfile - ixgbevf: Require large buffers for build_skb on 82599VF - bonding: pair enable_port with slave_arr_updates - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path - net: do not keep the dst cache when uncloning an skb dst and its metadata - net: fix a memleak when uncloning an skb dst and its metadata - veth: fix races around rq->rx_notify_masked - tipc: rate limit warning for received illegal binding update - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal - vt_ioctl: fix array_index_nospec in vt_setactivate - vt_ioctl: add array_index_nospec to VT_ACTIVATE - n_tty: wake up poll(POLLRDNORM) on receiving data - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release - [arm64,armhf] usb: ulpi: Call of_node_put correctly - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs - USB: gadget: validate interface OS descriptor requests (CVE-2022-25258) - usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375) - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 - USB: serial: option: add ZTE MF286D modem - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices - USB: serial: cp210x: add NCR Retail IO box id - USB: serial: cp210x: add CPI Bulk Coin Recycler id - seccomp: Invalidate seccomp mode to catch death failures - [x86] hwmon: (dell-smm) Speed up setting of fan speed - perf: Fix list corruption in perf_cgroup_switch() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.231 - Makefile.extrawarn: Move -Wunaligned-access to W=1 - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - btrfs: send: in case of IO error log it - net: ieee802154: at86rf230: Stop leaking skb's - ax25: improve the incomplete fix to avoid UAF and NPD bugs - vfs: make freeze_super abort when sync_filesystem returns error - quota: make dquot_quota_sync return errors from ->sync_fs - nvme: fix a possible use-after-free in controller reset during load - nvme-rdma: fix possible use-after-free in transport error_recovery work - Revert "module, async: async_synchronize_full() on module init iff async is used" - iwlwifi: fix use-after-free - drm/radeon: Fix backlight control on iMac 12,1 - xfrm: Don't accidentally set RTO_ONLINK in decode_session4() - taskstats: Cleanup the use of task->exit_code - mmc: block: fix read single on recovery logic - vsock: remove vsock from connected table when connect is interrupted by a signal - iwlwifi: pcie: fix locking when "HW not ready" - iwlwifi: pcie: gen2: fix locking when "HW not ready" - ping: fix the dif and sdif check in ping_lookup - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit - bonding: fix data-races around agg_select_timer - libsubcmd: Fix use-after-free for realloc(..., 0) - ALSA: hda: Fix regression on forced probe mask option - ALSA: hda: Fix missing codec probe on Shenker Dock 15 - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() - [powerpc*] lib/sstep: fix 'ptesync' build error - ext4: check for out-of-order index extents in ext4_valid_extent_entries() - block/wbt: fix negative inflight counter when remove scsi device - NFS: LOOKUP_DIRECTORY is also ok with symlinks - NFS: Do not report writeback errors in nfs_getattr() - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() - net: sched: limit TC_ACT_REPEAT loops - lib/iov_iter: initialize "flags" in new pipe_buffer - [x86] Drivers: hv: vmbus: Expose monitor data only when monitor pages are used - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW - [armhf] OMAP2+: hwmod: Add of_node_put() before break - netfilter: conntrack: don't refresh sctp entries in closed state - kconfig: let 'shell' return enough output for deep path names - ata: libata-core: Disable TRIM on M88V29 - tracing: Fix tp_printk option related with tp_printk_stop_on_boot - net: usb: qmi_wwan: Add support for Dell DW5829e - [arm64] net: macb: Align the dma and coherent dma masks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.232 - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing - sr9700: sanity check for packet length - USB: zaurus: support another broken Zaurus - ping: remove pr_err from ping_lookup - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends - tipc: Fix end of loop tests for list_for_each_entry() - gso: do not skip outer ip header in case of ipip and net_failover - openvswitch: Fix setting ipv6 fields causing hw csum failure - drm/edid: Always set RGB444 - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure - configfs: fix a race in configfs_{,un}register_subsystem() - RDMA/ib_srp: Fix a deadlock - tty: n_gsm: fix proper link termination after failed open - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR" - memblock: use kfree() to release kmalloced memblock regions - fget: clarify and improve __fget_files() implementation - tracing: Have traceon and traceoff trigger honor the instance - ata: pata_hpt37x: disable primary channel on HPT371 - Revert "USB: serial: ch341: add new Product ID for CH341A" - usb: gadget: rndis: add spinlock for rndis response list - tracefs: Set the group ownership in apply_options() not parse_options() - USB: serial: option: add support for DW5829e - USB: serial: option: add Telit LE910R1 compositions - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom halves. - xhci: re-initialize the HC during resume if HCE was set - xhci: Prevent futile URB re-submissions due to incorrect return value. - tty: n_gsm: fix encoding of control signal octet bit DV . [ Salvatore Bonaccorso ] * Bump ABI to 19 * [rt] Update to 4.19.210-rt90 * [rt] Update to 4.19.211-rt91 * [rt] Update to 4.19.212-rt92 * [rt] Update to 4.19.214-rt93 * [rt] Update to 4.19.215-rt94 - fscache: fix initialisation of cookie hash table raw spinlocks * [rt] Update to 4.19.217-rt95 * Refresh "Export symbols needed by Android drivers" * liblockdep: Stop build liblockdep packages * [rt] Update to 4.19.218-rt96 * [rt] Update to 4.19.219-rt97 * [rt] Refresh "net: move xmit_recursion to per-task variable on -RT" * Refresh "Export symbols needed by Android drivers" * [rt] Update to 4.19.225-rt101 * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" * [rt] Update to 4.19.227-rt102 * [rt] Update to 4.19.230-rt103 * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001, CVE-2022-0002) - [x86] speculation: Merge one test in spectre_v2_user_select_mitigation() - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - [x86] speculation: Add eIBRS + Retpoline options - Documentation/hw-vuln: Update spectre doc - [x86] speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [x86] speculation: Use generic retpoline by default on AMD - [x86] speculation: Update link to AMD speculation whitepaper - [x86] speculation: Warn about Spectre v2 LFENCE mitigation - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT llvm-toolchain-11 (1:11.0.1-2~deb10u1) buster; urgency=medium . * Backport to buster. - Disable tests on (big endian) mips due to timeout (i.e., test runtime exceeds 10h). - Don't install hwasan_symbolize as part of clang-tools package on mips (that particular utility isn't built on mips) llvm-toolchain-11 (1:11.0.1-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. llvm-toolchain-11 (1:11.0.1-1) unstable; urgency=medium . [ Sylvestre Ledru ] * New stable release . [ Gianfranco Costamagna ] * Drop old patch, upstream now * Run dh_makeshlibs with -V parameter (Closes: #977814) llvm-toolchain-11 (1:11.0.1~+rc2-1) unstable; urgency=medium . * New snapshot release * Remove 'gnu-assembler-compat.diff' - merged upstream llvm-toolchain-11 (1:11.0.1~+rc1-1) unstable; urgency=medium . [ Alexander Volkov ] * Fix description of libclang-cpp11-dev package. . [ Sylvestre Ledru ] * Upload to unstable to help doko with gcc 11.0.1 will be released before the freeze llvm-toolchain-11 (1:11.0.1~+rc1-1~exp1) experimental; urgency=medium . [ Gianfranco Costamagna ] * gnu-assembler-compat.diff: Add upstream patch D92052 to fix a gcn offload compiler issue with gcc (Closes: #975692) . [ Sylvestre Ledru ] * New snapshot release * Remove fix-clang-format-bug-47589.patch (applied upstream) llvm-toolchain-11 (1:11.0.0-5) unstable; urgency=medium . [ Adrian Bunk ] * Fix the fuzzer build on i386. . [ Sylvestre Ledru ] * Ignore some tests on i386 to get autopkgtest fixed (Closes: #972334) llvm-toolchain-11 (1:11.0.0-4) unstable; urgency=medium . * Cherry-pick some fixes from https://github.com/opencollab/llvm-toolchain-integration-test-suite/ * Only install hwasan_symbolize when found * Don't use gold on ppc64el. It fails to build in that case (Closes: #972317) . [ John Paul Adrian Glaubitz ] * Limit maximum parallel link jobs to 4 on sparc and sparc64 llvm-toolchain-11 (1:11.0.0-3) unstable; urgency=medium . [ Sylvestre Ledru ] * Rebuild to fix the coinstall issues (Closes: #972323) * Replace use of deprecated $ADTTMP with $AUTOPKGTEST_TMP. llvm-toolchain-11 (1:11.0.0-2) unstable; urgency=medium . * Fix a clang-format issue. Fix bug #47589 llvm-toolchain-11 (1:11.0.0-1) unstable; urgency=medium . * New upstream release llvm-toolchain-11 (1:11.0.0~+rc6-1) unstable; urgency=medium . [ Sylvestre Ledru ] * New rc release * remove all artifacts after tests . [ Gianfranco Costamagna ] * qualify-clang.sh: exclude z3 tests when support is not available, not based on libz3-dev installation but on the error returned by clang invocation llvm-toolchain-11 (1:11.0.0~+rc5-1) unstable; urgency=medium . * New rc release llvm-toolchain-11 (1:11.0.0~+rc4-1) unstable; urgency=medium . * New rc release * Fix one more test in autopkgtest llvm-toolchain-11 (1:11.0.0~+rc3-2) unstable; urgency=medium . * Update of the symbol list of libomp5: - GOMP_loop_maybe_nonmonotonic_runtime_next - GOMP_loop_maybe_nonmonotonic_runtime_start - GOMP_loop_nonmonotonic_runtime_next - GOMP_loop_nonmonotonic_runtime_start - GOMP_loop_ull_maybe_nonmonotonic_runtime_next - GOMP_loop_ull_maybe_nonmonotonic_runtime_start - GOMP_loop_ull_nonmonotonic_runtime_next - GOMP_loop_ull_nonmonotonic_runtime_start - GOMP_parallel_loop_maybe_nonmonotonic_runtime - GOMP_parallel_loop_nonmonotonic_runtime - omp_display_env * Bring back LLVM_POLLY_LINK_INTO_TOOLS=ON to workaround the error clang (LLVM option parsing): Unknown command line argument '-polly'. Try: 'clang (LLVM option parsing) --help' Also found in autopkgtest * Bring back LLVM_POLLY_LINK_INTO_TOOLS=ON to workaround the error clang (LLVM option parsing): Unknown command line argument '-polly'. Try: 'clang (LLVM option parsing) --help' Fix autopkgtest * In the autopkgtest tests, update the opt arguments (-q removed and -basicaa renamed to -basic-aa) * Disable test executions on mipsel (timeout) llvm-toolchain-11 (1:11.0.0~+rc3-1) unstable; urgency=medium . * New rc release llvm-toolchain-11 (1:11.0.0~+rc2-5) unstable; urgency=medium . [ John Paul Adrian Glaubitz ] * Link against libatomic on powerpc to fix FTBFS in stage2 * Use dh-exec to exclude lib/libPolly*.a on powerpc and powerpcspe from libclang-common-X.Y-dev.install.in . [ Gianfranco Costamagna ] * autopkgtests: ignore binfmts enable command return value. llvm-toolchain-11 (1:11.0.0~+rc2-4) unstable; urgency=medium . * integration-test-suite-test: change the configuration for 11 llvm-toolchain-11 (1:11.0.0~+rc2-3) unstable; urgency=medium . * Fix testsuite by ignoring binfmts test (can't be enabled on autopkgtests) llvm-toolchain-11 (1:11.0.0~+rc2-2) unstable; urgency=medium . [ Gianfranco Costamagna ] * Disable ocaml support on i386, not reasonable to support it there (specially for Ubuntu) * Enable binfmt support before using it in tests, to fix them . [ Sylvestre Ledru ] * Also link against -latomic on mipsel to fix /usr/[...]/atomic_base.h:426: undefined reference to `__atomic_load_8' for lld to fix the FTBFS llvm-toolchain-11 (1:11.0.0~+rc2-1) unstable; urgency=medium . * New snapshot release llvm-toolchain-11 (1:11.0.0~+rc1-2) unstable; urgency=medium . * Don't install ompt-multiplex.h on armhf, mipsel and mips64el (Closes: #967944) llvm-toolchain-11 (1:11.0.0~+rc1-1) unstable; urgency=medium . * Testing release llvm-toolchain-11 (1:11~++20200715043845+0e377e253c1-1~exp1) experimental; urgency=medium . [ Sylvestre Ledru ] * branching of snapshot into 11 . [ Samuel Thibault ] * debian/patches/hurd/hurd-EIEIO-undef.diff: Remove, upstreamed. * debian/patches/hurd/hurd-cxx-paths.diff: Remove, upstreamed. lxcfs (3.0.3-2+deb10u1) buster; urgency=medium . [ Kellen Renshaw ] * d/p/0001 : Fix a misreport of swap being fully used due to a computation error (Closes: #955499) lxml (4.3.2-1+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Cleaner: Prevent "@import" from re-occurring in the CSS after replacements, e.g. "@@importimport" (CVE-2021-43818) (Closes: #1001885) * Cleaner: Remove SVG image data URLs since they can embed script content (CVE-2021-43818) (Closes: #1001885) mailman (1:2.1.29-1+deb10u5) buster; urgency=medium . * Non-maintainer upload by the Security Team. * CSRF check for user tokens should not be case sensitive (Closes: #1001685) - The fix for CVE-2021-42097 requires that the user submitting a user options form match the user in the CSRF token submitted with the form, but the match is case sensitive and should not be. - There is also a potential NameError exception in logging a mismatch. mailman (1:2.1.29-1+deb10u4) buster; urgency=medium . * Non-maintainer upload by the Security Team. * Fix potential CSRF attack against a list admin from a list member or moderator (CVE-2021-44227) mailman (1:2.1.29-1+deb10u3) buster; urgency=medium . * Non-maintainer upload by the Security Team. * Potential XSS attack via the user options page (CVE-2021-43331) (Closes: #1000367) * A list moderator can crack the list admin password encrypted in a CSRF token (CVE-2021-43332) (Closes: #1000367) mailman (1:2.1.29-1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed options login content injection vulnerability (CVE-2020-12108) * Fixed content injection vulnerability via the private login page (CVE-2020-15011) * Fix remote privilege escalation (CVE-2021-42096, CVE-2021-42097) mariadb-10.3 (1:10.3.34-0+deb10u1) buster; urgency=medium . * New upstream version 10.3.34. Includes security fixes for: - CVE-2021-46661 - CVE-2021-46663 - CVE-2021-46664 - CVE-2021-46665 - CVE-2021-46668 * Previous upstream version 10.3.33 included security fixes for: - CVE-2021-46659 - CVE-2022-24048 - CVE-2022-24050 - CVE-2022-24051 - CVE-2022-24052 * Previous upstream version 10.3.32 included security fixes for: - CVE-2021-35604 - CVE-2021-46662 - CVE-2021-46667 * Drop MIPS and libatomic patches applied now upstream * Upstream issue MDEV-25114 about Galera WSREP invalid state fixed (Closes: #989898) * Salsa-CI: Install latest archive keys to fix Jessie upgrade regression * Upstream version 10.3.33 was skipped as upstream pulled the release within a couple of days of release due to severe regression * Notable upstream functional changes in 10.3.33: - New default minimum value for innodb_buffer_pool_size is 20 MB (from 2 MB) mediawiki (1:1.31.16-1+deb10u2) buster-security; urgency=high . * Backport fix for CVE-2021-44858. This version is not vulnerable to CVE-2021-44857 nor CVE-2021-45038. minetest (0.4.17.1+repack-1+deb10u1) buster-security; urgency=high . * Fix CVE-2022-24300 and CVE-2022-24301: Several vulnerabilities have been discovered in Minetest. These issues may allow attackers to manipulate game mods and grant them an unfair advantage over other players. These flaws could also be abused for a denial of service attack or if user input is passed directly to minetest.deserialize without serializing it first, then a malicious user could run Lua code in the server environment. (Closes: #1004223) modsecurity-apache (2.9.3-1+deb10u1) buster-security; urgency=high . * Team upload * Fixed CVE-2021-42717 nbd (1:3.19-3+deb10u1) buster-security; urgency=medium . * Cherry-pick fixes for CVE-2022-26495 and CVE-2022-26496 from git master; Closes: #1006915. * Fix parsing of nbdtab in nbd-client; Closes: #1003863. neutron (2:13.0.7+git.2021.09.27.bace3d1890-0+deb10u1) buster-security; urgency=medium . * New upstream point release. - CVE-2021-40085: By supplying a specially crafted extra_dhcp_opts value, an authenticated user may add arbitrary configuration to the dnsmasq process in order to crash the service, change parameters for other tenants sharing the same interface, or otherwise alter that daemon's behavior. This vulnerability may also be used to trigger a configuration parsing buffer overflow in versions of dnsmasq prior to 2.81, which could lead to remote code execution. All Neutron deployments are affected. (Closes: #993398) * Add Add_a_healthcheck_URL.patch. * Removed patches applied upstream: - rootwrap-fix-for-neutron-fwaas.patch - CVE-2019-10876_rocky_fix_KeyError_in_OVS_firewall.patch - CVE-2019-9735_When_converting_sg_rules_to_iptables_do_not_emit_d....patch * Refreshed multiple patches. * Add the neccessary debconf stuff to stop modifying config files on upgrades. * Add patch: - revert-call-install_ingress_direct_goto_flows_when_ovs_restarts.patch node-getobject (0.1.0-2+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution (Closes: CVE-2020-28282) nss (2:3.42.1-1+deb10u5) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Check for missing signedData field (CVE-2022-22747) nss (2:3.42.1-1+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Ensure DER encoded signatures are within size limits (CVE-2021-43527) openjdk-11 (11.0.14+9-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.13+8-1) unstable; urgency=medium . * OpenJDK 11.0.13+8 build (release). * Security fixes - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites preference - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close - JDK-8263314: Enhance XML Dsig modes - JDK-8265167, CVE-2021-35556: Richer Text Editors - JDK-8265574: Improve handling of sheets - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit - JDK-8265776: Improve Stream handling for SSL - JDK-8266097, CVE-2021-35561: Better hashing support - JDK-8266103: Better specified spec values - JDK-8266109: More Resilient Classloading - JDK-8266115: More Manifest Jar Loading - JDK-8266137, CVE-2021-35564: Improve Keystore integrity - JDK-8266689, CVE-2021-35567: More Constrained Delegation - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic - JDK-8267712: Better LDAP reference processing - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking - JDK-8267735, CVE-2021-35586: Better BMP support - JDK-8268193: Improve requests of certificates - JDK-8268199: Correct certificate requests - JDK-8268205: Enhance DTLS client handshake - JDK-8268506: More Manifest Digests - JDK-8269618, CVE-2021-35603: Better session identification - JDK-8269624: Enhance method selection support - JDK-8270398: Enhance canonicalization - JDK-8270404: Better canonicalization * Remove patches applied upstream. openjdk-11 (11.0.13+8-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye openjdk-11 (11.0.13+8-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security openjdk-11 (11.0.12+7-2) unstable; urgency=high . * OpenJDK 11.0.12+7 build (release). * Security fixes: - JDK-8256157: Improve bytecode assembly. - JDK-8256491: Better HTTP transport. - JDK-8258432, CVE-2021-2341: Improve file transfers. - JDK-8260453: Improve Font Bounding. - JDK-8260960: Signs of jarsigner signing. - JDK-8260967, CVE-2021-2369: Better jar file validation. - JDK-8262380: Enhance XML processing passes. - JDK-8262403: Enhanced data transfer. - JDK-8262410: Enhanced rules for zones. - JDK-8262477: Enhance String Conclusions. - JDK-8262967: Improve Zip file support. - JDK-8264066, CVE-2021-2388: Enhance compiler validation. - JDK-8264079: Improve abstractions. - JDK-8264460: Improve NTLM support. * Encode the early-access status into the package version. LP: #1934895. opensc (0.19.0-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-15945: Out-of-bounds access of an ASN.1 Bitstring. (Closes: #939668) * CVE-2019-15946: Out-of-bounds access of an ASN.1 Octet string. (Closes: #939669) * CVE-2019-19479: Incorrect read operation in the Setec driver. (Closes: #947383) * CVE-2019-20792: Double free in the Coolkey driver. * CVE-2020-26570: Heap-based buffer overflow in the Oberthur driver. (Closes: #972037) * CVE-2020-26571: Stack-based buffer overflow in the GPK driver. (Closes: #972036) * CVE-2020-26572: Stack-based buffer overflow in the TCOS driver. (Closes: #972035) openscad (2019.01~RC2-2+deb10u1) buster; urgency=medium . * Fix buffer overflows in STL parser (CVE-2020-28599 and CVE-2020-28600) (Closes: #996020). openssl (1.1.1n-0+deb10u1) buster; urgency=medium . * New upstream version. - Add new symbols. openssl (1.1.1m-1) unstable; urgency=medium . * New upstream version. - Fix builds on kfreebsd (Closes: #993501). * Add arc, patch by Vineet Gupta (Closes: #989442). openssl (1.1.1m-0+deb11u1) bullseye; urgency=medium . * New upstream version. - Fix armv8 pointer authentication (Closes: #989604). openssl (1.1.1l-1) unstable; urgency=medium . * New upstream version. - CVE-2021-3711 (SM2 Decryption Buffer Overflow). - CVE-2021-3712 (Read buffer overruns processing ASN.1 strings). openssl (1.1.1k-1+deb11u2) bullseye-security; urgency=medium . * CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing certificates). * CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring procedure.) openssl (1.1.1k-1+deb11u1) bullseye-security; urgency=medium . * CVE-2021-3711 (SM2 Decryption Buffer Overflow). * CVE-2021-3712 (Read buffer overruns processing ASN.1 strings). openssl (1.1.1k-1) unstable; urgency=medium . * New upstream version. - CVE-2021-3450 (CA certificate check bypass with X509_V_FLAG_X509_STRICT). - CVE-2021-3449 (NULL pointer deref in signature_algorithms processing). openssl (1.1.1j-1) unstable; urgency=medium . * New upstream version. - CVE-2021-23841 (NULL pointer deref in X509_issuer_and_serial_hash()). - CVE-2021-23840 (Possible overflow of the output length argument in EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()). openssl (1.1.1i-3) unstable; urgency=medium . * Cherry-pick a patch from upstream to address #13931. * Enable LFS. Thanks to Dan Nicholson for debugging (Closes: #923479). openssl (1.1.1i-2) unstable; urgency=medium . * Apply two patches from upstream to address x509 related regressions. openssl (1.1.1i-1) unstable; urgency=medium . * New upstream version. - CVE-2020-1971 (EDIPARTYNAME NULL pointer de-reference). - Restore rejection of expired trusted (root) certificate (Closes: #976465). openssl (1.1.1h-1) unstable; urgency=medium . * New upstream version * Disable CAPI engine, it is designed for Windows. openssl (1.1.1g-1) unstable; urgency=medium . * New upstream version - CVE-2020-1967 (Segmentation fault in SSL_check_chain). openssl (1.1.1f-1) unstable; urgency=medium . * New upstream version - Revert the change of EOF detection to avoid regressions in applications. (Closes: #955442). openssl (1.1.1e-1) unstable; urgency=medium . * Use dh-compat level 12. * New upstream version - CVE-2019-1551 (Overflow in the x64_64 Montgomery squaring procedure), (Closes: #947949). * Update symbol list. * Update Standards-Version to 4.5.0. No changes required. * Add musl configurations (Closes: #941765). openssl (1.1.1d-2) unstable; urgency=medium . * Reenable AES-CBC-HMAC-SHA ciphers (Closes: #941987). openssl (1.1.1d-1) unstable; urgency=medium . * New upstream version - CVE-2019-1549 (Fixed a fork protection issue). - CVE-2019-1547 (Compute ECC cofactors if not provided during EC_GROUP construction). - CVE-2019-1563 (Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey). * Update symbol list openssl (1.1.1d-0+deb10u8) buster-security; urgency=medium . * Fix armv8 pointer authentication (Closes: #989604). * CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing certificates). * CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring procedure.) php-illuminate-database (5.7.27-1+deb10u1) buster; urgency=medium . [ Robin Gustafsson ] * Security fix: Query Binding Exploitation (Closes: #980899) Fixes CVE-2021-21263 * Security fix: SQL injection with Microsoft SQL Server (Closes: #987848) . [ Thorsten Glaser ] * Update Maintainer, upload to oldstable as security fixpack php7.3 (7.3.31-1~deb10u1) buster-security; urgency=medium . * New upstream version 7.3.31 + CVE-2021-21706: ZipArchive::extractTo extracts outside of destination. * Backported from 7.4.25 + CVE-2021-21703: PHP-FPM oob R/W in root process leading to privilege escalation. phpliteadmin (1.9.7.1-2+deb10u1) buster; urgency=medium . * Fix CVE-2021-46709, an XSS issue with the num POST parameter pillow (5.4.1-2+deb10u3) buster-security; urgency=medium . * CVE-2022-22815 CVE-2022-22816 CVE-2022-22817 plib (1.8.5-8+deb10u1) buster; urgency=medium . * Prevent integer overflow in ssgLoadTGA() function. CVE-2021-38714 (Closes: #992973) policykit-1 (0.105-25+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) postgresql-11 (11.14-0+deb10u1) buster-security; urgency=medium . * New upstream security release. . + Make the server and libpq reject extraneous data after an SSL or GSS encryption handshake (Tom Lane) . A man-in-the-middle with the ability to inject data into the TCP connection could stuff some cleartext data into the start of a supposedly encryption-protected database session. . This could be abused to send faked SQL commands to the server, although that would only work if the server did not demand any authentication data. (However, a server relying on SSL certificate authentication might well not do so.) (CVE-2021-23214) . This could probably be abused to inject faked responses to the client's first few queries, although other details of libpq's behavior make that harder than it sounds. A different line of attack is to exfiltrate the client's password, or other sensitive data that might be sent early in the session. That has been shown to be possible with a server vulnerable to CVE-2021-23214. (CVE-2021-23222) . The PostgreSQL Project thanks Jacob Champion for reporting these problems. privoxy (3.0.28-2+deb10u2) buster; urgency=medium . * 53_CVE-2021-44540: get_url_spec_param(): Free memory of compiled pattern spec before bailing (CVE-2021-44540). * 56_CVE-2021-44543: cgi_error_no_template(): Encode the template name to prevent XSS (CVE-2021-44543). prosody (0.11.2-1+deb10u4) buster-security; urgency=medium . * CVE-2022-0217 fix memory leak (Closes: #1004173) * fix numbering of patches prosody (0.11.2-1+deb10u3) buster-security; urgency=medium . * fix for https://prosody.im/security/advisory_20220113/ CVE-2022-0217 publicsuffix (20211109.1735-0+deb10u1) buster; urgency=medium . * new upstream publicsuffix data publicsuffix (20210108.1309-1) unstable; urgency=medium . * new upstream version publicsuffix (20201215.0006-1) unstable; urgency=medium . * new upstream version publicsuffix (20200729.1725-1) unstable; urgency=medium . * new upstream version publicsuffix (20200627.1701-1) unstable; urgency=medium . * new upstream version publicsuffix (20200506.1625-1) unstable; urgency=medium . * new upstream version publicsuffix (20200424.0822-1) unstable; urgency=medium . * new upstream version publicsuffix (20200303.0012-1) unstable; urgency=medium . * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * new upstream version publicsuffix (20200201.2258-1) unstable; urgency=medium . * new upstream version publicsuffix (20191120.1745-1) unstable; urgency=medium . * new upstream version publicsuffix (20190925.1705-1) unstable; urgency=medium . * new upstream version publicsuffix (20190904.1802-1) unstable; urgency=medium . * new upstream version publicsuffix (20190723.1836-1) unstable; urgency=medium . * new upstream version publicsuffix (20190716.1812-1) unstable; urgency=medium . * debhelper: move to version 12 * standards-version: bump to 4.4.0 (no changes needed) * new upstream version publicsuffix (20190529.1825-1) unstable; urgency=medium . * new upstream version python-babel (2.6.0+dfsg.1-1+deb10u1) buster-security; urgency=medium . * CVE-2021-20095 (Closes: #987824) python-virtualenv (15.1.0+ds-2+deb10u1) buster; urgency=medium . * Avoid attempting to install pkg_resources from PyPI. (Closes: #994952) raptor2 (2.0.14-1.1~deb10u2) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2020-25713 Malformed input file can lead to a segfault. redis (5:5.0.14-1+deb10u2) buster-security; urgency=high . * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability. . This vulnerability existed because the Lua library in Debian is provided as a dynamic library. A "package" variable was automatically populated that in turn permitted access to arbitrary Lua functionality. As this extended to, for example, the "execute" function from the "os" module, an attacker with the ability to execute arbitrary Lua code could potentially execute arbitrary shell commands. . Thanks to Reginaldo Silva <https://www.ubercomp.com> for discovering and reporting this issue. (Closes: #1005787) redis (5:5.0.14-1+deb10u1) buster-security; urgency=high . * New upstream security release: . - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on some older and less common platforms. . - CVE-2021-32687: Integer to heap buffer overflow with intsets, when set-max-intset-entries is manually configured to a non-default, very large value. . - CVE-2021-32675: Denial Of Service when processing RESP request payloads with a large number of elements on many connections. . - CVE-2021-32672: Random heap reading issue with Lua Debugger. . - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded data types, when configuring a large, non-default value for hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value. . - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when configuring a non-default, large value for proto-max-bulk-len and client-query-buffer-limit. . - CVE-2021-32626: Specially crafted Lua scripts may result with Heap buffer overflow. . - CVE-2021-41099: Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value. * Refresh patches. redis (5:5.0.7-7) unstable; urgency=medium . * Add a sleep to ensure that the redis server has started before running the autopkgtests. redis (5:5.0.7-7~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * Don't use liblzf in buster-backports as it has not been backported (yet?). . redis (5:5.0.7-7) unstable; urgency=medium . * Add a sleep to ensure that the redis server has started before running the autopkgtests. . redis (5:5.0.7-6) unstable; urgency=medium . * No change sourceful upload to permit migration to testing. . redis (5:5.0.7-5) unstable; urgency=medium . * Ensure that the redis daemon is running prior to running the autopkgtests. . redis (5:5.0.7-4) unstable; urgency=medium . * Use the newly-package liblzf-dev package over the local version. (Closes: #958321) * Don't duplicate long description of the redis-server package in the metapackage. . redis (5:5.0.7-3~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * Update debian/gbp.conf. . redis (5:5.0.7-3) unstable; urgency=medium . * Fix FTBFS with GCC 10. (Closes: #957751) * Refresh all patches. . redis (5:5.0.7-2) unstable; urgency=medium . [ Christian Göttsche ] * Update systemd service to reflect new names, etc. * Create directories in postinst with correct SELinux context. . [ Chris Lamb ] * Bump Standards-Version to 4.5.0. . [ David Prévot ] * Update long description to remove duplicate information. redis (5:5.0.7-6) unstable; urgency=medium . * No change sourceful upload to permit migration to testing. redis (5:5.0.7-5) unstable; urgency=medium . * Ensure that the redis daemon is running prior to running the autopkgtests. redis (5:5.0.7-4) unstable; urgency=medium . * Use the newly-package liblzf-dev package over the local version. (Closes: #958321) * Don't duplicate long description of the redis-server package in the metapackage. redis (5:5.0.7-3) unstable; urgency=medium . * Fix FTBFS with GCC 10. (Closes: #957751) * Refresh all patches. redis (5:5.0.7-2) unstable; urgency=medium . [ Christian Göttsche ] * Update systemd service to reflect new names, etc. * Create directories in postinst with correct SELinux context. . [ Chris Lamb ] * Bump Standards-Version to 4.5.0. . [ David Prévot ] * Update long description to remove duplicate information. redis (5:5.0.7-1) unstable; urgency=medium . * New upstream bugfix release. <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c> * Bump Standards-Version to 4.4.1. * Run wrap-and-sort -sa. redis (5:5.0.7-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . redis (5:5.0.7-1) unstable; urgency=medium . * New upstream bugfix release. <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c> * Bump Standards-Version to 4.4.1. * Run wrap-and-sort -sa. redis (5:5.0.6-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU> * Specify "Rules-Requires-Root: no">. redis (5:5.0.6-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . redis (5:5.0.6-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU> * Specify "Rules-Requires-Root: no">. redis (5:5.0.5-2) unstable; urgency=medium . * Sourceful upload to unstable to ensure testing migration. * Bump Standards-Version to 4.4.0. * Don't build release tags in gitlab-ci.yml. redis (5:5.0.5-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * Update debian/gbp.conf. . redis (5:5.0.5-2) unstable; urgency=medium . * Sourceful upload to unstable to ensure testing migration. * Bump Standards-Version to 4.4.0. * Don't build release tags in gitlab-ci.yml. . redis (5:5.0.5-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4> . redis (5:5.0.4-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g> redis (5:5.0.5-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4> redis (5:5.0.4-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g> ros-ros-comm (1.14.3+ds1-5+deb10u3) buster; urgency=medium . * Add https://github.com/ros/ros_comm/pull/2186 (Fix CVE-2021-37146) roundcube (1.3.17+dfsg.1-1~deb10u2) buster-security; urgency=high . * Backport fix for CVE-2021-46144: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content. (Closes: #1003027) roundcube (1.3.17+dfsg.1-1~deb10u1) buster-security; urgency=high . * New bugfix/security upstream release (closes: #1000156), with fixes for: + CVE-2021-44025: XSS issue in handling attachment filename extension in mimetype mismatch warning; and + CVE-2021-44026: possible SQL injection via some session variables. * Refresh d/patches. * Refresh d/upstream/signing-key.asc. * d/gbp.conf: Rename upstream branch to upstream/release-1.3. rsyslog (8.1901.0-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-17041: Heap overflow in the AIX message parser. (Closes: #942067) * CVE-2019-17042: Heap overflow in the Cisco log message parser. (Closes: #942065) ruby-httpclient (2.8.3-3+deb10u1) buster; urgency=medium . * Add simple autopkgtest to check a basic SSL connection * Add patch to use the system certificate store (Closes: #995448) * debian/rules: remove embedded CA certificate store * Add dependency on ca-certificates ruby-httpclient (2.8.3-3) unstable; urgency=medium . [ Debian Janitor ] * Trim trailing whitespace. * Use secure copyright file specification URI. * debian/copyright: use spaces rather than tabs to start continuation lines. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Update standards version to 4.5.0, no changes needed. * Remove MIA uploader Ryan Niebur <ryanryan52@gmail.com>. (Closes: #856376) . [ Utkarsh Gupta ] * Add salsa-ci.yml * Add patch to disable tests related to HTTP_PROXY and other related issues (proxy, et al) because LP builders don't like them! :D (Closes: #861456) ruby-kaminari (1.0.1-4+deb10u1) buster-security; urgency=high . * Non-maintainer upload. * Fix CVE-2020-11082: There is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. (Closes: #961847) ruby2.5 (2.5.5-3+deb10u4) buster-security; urgency=high . * Add patch to use File.open to fix the OS Command Injection vulnerability. (Fixes: CVE-2021-31799) * Add patch to fix StartTLS stripping vulnerability. (Fixes: CVE-2021-32066) * Add patch to ignore IP addresses in PASV responses by default. (Fixes: CVE-2021-31810) * Add length limit option for methods that parses date strings. (Fixes: CVE-2021-41817) * When parsing cookies, only decode the values. (Fixes: CVE-2021-41819) * Add patch to backport rexml upstream bug fixes. (Fixes: CVE-2021-28965) rust-cbindgen (0.20.0-1~deb10u2) buster; urgency=medium . * Non-maintainer upload. * Fix file timestamps from orig tarball by using a supported debhelper target in buster (execute_after_dh_* is not supported in dh 12.1). * debian/copyright: rename license paragraph to please lintian. rust-cbindgen (0.20.0-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor dependencies, they are not available in buster. * Only build the cbindgen binary. * Lower dh-cargo build-dep. rust-cbindgen (0.19.0-1) experimental; urgency=medium . * Package cbindgen 0.19.0 from crates.io using debcargo 2.4.4-alpha.0 rust-cbindgen (0.18.0-1) experimental; urgency=medium . * Package cbindgen 0.18.0 from crates.io using debcargo 2.4.4-alpha.0 rust-cbindgen (0.17.0-4) unstable; urgency=medium . * Team upload. * Package cbindgen 0.17.0 from crates.io using debcargo 2.4.4 * Add test dependencies on gcc and g++ rust-cbindgen (0.17.0-3) unstable; urgency=medium . * Team upload. * Package cbindgen 0.17.0 from crates.io using debcargo 2.4.4 * Change build and test dependencies from cython to cython3 * Use cython3 for tests * Use tmpdir for tests rather than crate dir to fix permission denied errors. rust-cbindgen (0.17.0-2) unstable; urgency=medium . * Team upload. * Package cbindgen 0.17.0 from crates.io using debcargo 2.4.4 * Fix very old timestamps (Closes: #982130) * Remove old and broken override of debian/tests/control * Add cython to the autopkgtest dependencies too. * Mark test for no-features case as broken * Mark other testcases as not broken. rust-cbindgen (0.17.0-1) unstable; urgency=medium . * Package cbindgen 0.17.0 from crates.io using debcargo 2.4.4-alpha.0 (Closes: #982022) * Add cython to the build dep for the tests rust-cbindgen (0.15.0-1) unstable; urgency=medium . * Package cbindgen 0.15.0 from crates.io using debcargo 2.4.3 rust-cbindgen (0.14.6-1) unstable; urgency=medium . * Package cbindgen 0.14.6 from crates.io using debcargo 2.4.2 rust-cbindgen (0.14.4-1) unstable; urgency=medium . * Package cbindgen 0.14.4 from crates.io using debcargo 2.4.3 rustc-mozilla (1.51.0+dfsg1-1~deb10u2) buster; urgency=medium . * Non-maintainer upload. * stage0 build. + Use arm-unknown-linux-gnueabi target for armel. (This change was missed in the previous upload and is now implemented correctly.) * Disable build for windows targets (broken on i386) rustc-mozilla (1.51.0+dfsg1-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * stage0 build. + Use arm-unknown-linux-gnueabi target for armel. * Disable wasm. * Reduce debugging symbols on i386 to avoid FTBFS due to OOM. * Use debhelper compat level 9 * Replace gcc-mingw-w64-x86-64-posix by gcc-mingw-w64-x86-64 s390-dasd (0.0.74~deb10u1) buster; urgency=medium . * Rebuild for buster. s390-dasd (0.0.73) unstable; urgency=medium . * Team upload . [ Updated translations ] * Finnish (fi.po) by Kimmo Kujansuu s390-dasd (0.0.72) unstable; urgency=medium . * Team upload . [ Updated translations ] * Lithuanian (lt.po) by Gediminas Murauskas s390-dasd (0.0.71) unstable; urgency=medium . * Team upload . [ Updated translations ] * Arabic (ar.po) by Fahim Sabah s390-dasd (0.0.70) unstable; urgency=medium . * Team upload . [ Updated translations ] * Lithuanian (lt.po) by Kornelijus TvarijanaviÄius s390-dasd (0.0.69) unstable; urgency=medium . * Team upload . [ Updated translations ] * Greek (el.po) by george k * Hindi (hi.po) by KushagraKarira * Kabyle (kab.po) by Selyan Sliman Amiri * Tamil (ta.po) by Vasudevan Tirumurti s390-dasd (0.0.68) unstable; urgency=medium . * Team upload . [ Philipp Kern ] * Remove myself from uploaders. . [ Updated translations ] * Occitan (oc.po) by Quentin PAGÈS s390-dasd (0.0.67) unstable; urgency=medium . * Team upload . [ Updated translations ] * Basque (eu.po) by Iñaki Larrañaga Murgoitio * Persian (fa.po) by Seyed Hany Hosseini * Norwegian Bokmal (nb.po) by Allan Nordhøy * Serbian (sr.po) by Filipovic Dragan . [ New translations ] * Kabyle (kab.po) by Slimane Selyan Amiri * Occitan (oc.po) by Quentin PAGÈS s390-dasd (0.0.66) unstable; urgency=medium . * Team upload . [ Updated translations ] * Marathi (mr.po) by Prachi Joshi s390-dasd (0.0.65) unstable; urgency=medium . * Team upload . [ Updated translations ] * Croatian (hr.po) by gogogogi * Portuguese (pt.po) by Miguel Figueiredo salt (2018.3.4+dfsg1-6+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix CVE-2020-28243 CVE-2020-28972 CVE-2020-35662 CVE-2021-3148 CVE-2021-3144 CVE-2021-25281 CVE-2021-25282 CVE-2021-25283 CVE-2021-25284 CVE-2021-3197, CVE-2021-31607 and CVE-2021-21996. Multiple security vulnerabilites have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server side template injection attacks, insufficient checks for eauth credentials, shell and command injections or incorrect validation of SSL certificates. samba (2:4.9.5+dfsg-5+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Add patches for CVE-2021-44142 (Closes: #1004693) - CVE-2021-44142: libadouble: add defines for icon lengths - CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list of private Samba xattrs - CVE-2021-44142: libadouble: harden ad_unpack_xattrs() - vfs_fruit: CVE-2021-44142 tweak buffer size check - CVE-2021-44142: libadouble: harden parsing code samba (2:4.9.5+dfsg-5+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. . [ Salvatore Bonaccorso ] * CVE-2020-25722 Ensure the structural objectclass cannot be changed * CVE-2020-25722 dsdb: Restrict the setting of privileged attributes during LDAP add/modify * s3/auth: use set_current_user_info() in auth3_generate_session_info_pac() * selftest: Fix ktest usermap file * selftest/Samba3: replace (winbindd => "yes", skip_wait => 1) with (winbindd => "offline") * CVE-2020-25719 CVE-2020-25717: selftest: remove "gensec:require_pac" settings * CVE-2020-25717: s3:winbindd: make sure we default to r->out.authoritative = true * CVE-2020-25717: s4:auth/ntlm: make sure auth_check_password() defaults to r->out.authoritative = true * CVE-2020-25717: s4:torture: start with authoritative = 1 * CVE-2020-25717: s4:smb_server: start with authoritative = 1 * CVE-2020-25717: s4:auth_simple: start with authoritative = 1 * CVE-2020-25717: s3:ntlm_auth: start with authoritative = 1 * CVE-2020-25717: s3:torture: start with authoritative = 1 * CVE-2020-25717: s3:rpcclient: start with authoritative = 1 * CVE-2020-25717: s3:auth: start with authoritative = 1 * CVE-2020-25717: auth/ntlmssp: start with authoritative = 1 * CVE-2020-25717: loadparm: Add new parameter "min domain uid" * CVE-2020-25717: s3:auth: let auth3_generate_session_info_pac() forward the low level errors * CVE-2020-25717: s3:auth: Check minimum domain uid * CVE-2020-25717: s3:auth: we should not try to autocreate the guest account * CVE-2020-25717: s3:auth: no longer let check_account() autocreate local users * CVE-2020-25717: s3:auth: remove fallbacks in smb_getpwnam() * CVE-2020-25717: s3:auth: don't let create_local_token depend on !winbind_ping() * CVE-2020-25717: auth/gensec: always require a PAC in domain mode (DC or member) * CVE-2020-25717: s4:auth: remove unused auth_generate_session_info_principal() * CVE-2020-25717: s3:ntlm_auth: fix memory leaks in ntlm_auth_generate_session_info_pac() * CVE-2020-25717: s3:ntlm_auth: let ntlm_auth_generate_session_info_pac() base the name on the PAC LOGON_INFO only * CVE-2020-25717: s3:auth: let auth3_generate_session_info_pac() delegate everything to make_server_info_wbcAuthUserInfo() * CVE-2020-25717: selftest: configure 'ktest' env with winbindd and idmap_autorid * CVE-2020-25717: s3:auth: let auth3_generate_session_info_pac() reject a PAC in standalone mode * CVE-2020-25717: s3:auth: simplify get_user_from_kerberos_info() by removing the unused logon_info argument * CVE-2020-25717: s3:auth: simplify make_session_info_krb5() by removing unused arguments * lib: Add dom_sid_str_buf * CVE-2020-25717: idmap_nss: verify that the name of the sid belongs to the configured domain * CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the named based lookup fails * waf: install: Remove installation of PIDL and manpages. . [ Mathieu Parent ] * Drop libparse-pidl-perl package (Closes: #939419) samba (2:4.9.5+dfsg-5+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * gbp.conf: change debian-branch to buster-security, and merge-mode to merge * CVE-2019-10197: smbd: separate out impersonation debug info into a new function. * CVE-2019-10197: smbd: make sure that change_to_user_internal() always resets current_user.done_chdir. * CVE-2019-10197: smbd: make sure we reset current_user.{need,done}_chdir in become_root() * CVE-2019-10197: selftest: make fsrvp_share its own independent subdirectory. * CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem. * CVE-2019-10197: smbd: split change_to_user_impersonate() out of change_to_user_internal() sogo (4.0.7-1+deb10u2) buster-security; urgency=high . * [CVE-2021-33054] fixes validation of SAML message signatures (closes: #989479) sphinxsearch (2.2.11-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2020-29050 Fix for arbitrary file reads by scattered file snippets spip (3.2.4-1+deb10u7) buster-security; urgency=high . * Backport security fix from 3.2.14 - arbitrary PHP code execution spip (3.2.4-1+deb10u6) buster; urgency=medium . * Document CVE fixed previously * Backport security fixes (XSS) from 3.2.13 spip (3.2.4-1+deb10u5) buster-security; urgency=high . * Backport security fixes from 3.2.12 - SQL injections, remote code execution, XSS squashfs-tools (1:4.3-12+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * unsquashfs: use squashfs_closedir() to delete directory * unsquashfs: dynamically allocate name * unsquashfs: use linked list to store directory names * Unsquashfs: additional write outside destination directory exploit fix (CVE-2021-41072) (Closes: #994262) * Unsquashfs: Add makefile entry for unsquash-12.o strongswan (5.7.2-1+deb10u2) buster-security; urgency=medium . * gbp.conf: revert upstream branch name change for now * eap-authenticator: Enforce failure if MSK generation fails - Fix incorrect handling of Early EAP-Success Messages (CVE-2021-45079) strongswan (5.7.2-1+deb10u1) buster-security; urgency=medium . * Reject RSASSA-PSS params with negative salt length - fix remote denial of service (CVE-2021-41990) * Prevent crash due to integer overflow / sign change - fix remote denial of service (CVE-2021-41991) * d/gbp.conf: track buster-security branches tiff (4.1.0+git191117-2~deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * TIFFTAG_PREDICTOR is not supported for WebP (CVE-2020-19143) tomcat9 (9.0.31-1~deb10u6) buster-security; urgency=high . * Team upload. * CVE-2021-30640: Fix NullPointerException. If no userRoleAttribute is specified in the user's Realm configuration its default value will be null. This will cause a NPE in the methods doFilterEscaping and doAttributeValueEscaping. This is upstream bug https://bz.apache.org/bugzilla/show_bug.cgi?id=65308 * Fix CVE-2021-41079: Apache Tomcat did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service. tryton-proteus (5.0.1-3+deb10u1) buster-security; urgency=high . * This release contains fixes for XML parsing vulnerabilities: https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059 https://bugs.tryton.org/issue11219 (CVE-2022-26661) https://bugs.tryton.org/issue11244 (CVE-2022-26662) tryton-server (5.0.4-2+deb10u1) buster-security; urgency=high . * This release contains fixes for XML parsing vulnerabilities: https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059 https://bugs.tryton.org/issue11219 (CVE-2022-26661) https://bugs.tryton.org/issue11244 (CVE-2022-26662) tzdata (2021a-0+deb10u3) buster; urgency=medium . * Cherry-pick patches from tzdata-2021d and tzdata-2021e: - 04-fiji-dst.patch: Fiji suspends DST for the 2021/2022 season. - 05-palestine-dst.patch: Palestine will fall back 2021-10-29 (not 2021-10-30) at 01:00. uriparser (0.9.1-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * UriNormalize.c: Fix .hostText copying in uriMakeOwnerEngine (CVE-2021-46141) * UriParse.c: Adjust uriFreeUriMembers* to fixed uriMakeOwner* behavior (CVE-2021-46141) * UriNormalize.c: Fix handling of empty segments in uriPreventLeakage (CVE-2021-46142) usbview (2.0-21-g6fe2f4f-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix authorization for inactive or arbitrary other users (CVE-2022-23220) * Pass on the command line parameters to GTK only if not invoked via pkexec varnish (6.1.1-1+deb10u3) buster-security; urgency=medium . * Apply upstream patch to fix: VSV00008 Varnish HTTP/1 Request Smuggling Vulnerability (CVE-2022-23959). (Closes: #1004433) varnish (6.1.1-1+deb10u2) buster-security; urgency=medium . * Apply upstream patch from the 6.0.x TLS branch to fix VSV00007: Varnish HTTP/2 Request Smuggling Attack (CVE-2021-36740). (Closes: #991040) vim (2:8.1.0875-5+deb10u2) buster; urgency=medium . * Revert unintentional inclusion of v8.2.3489, which is only relevant to Vim 8.2.3110 and later. vim (2:8.1.0875-5+deb10u1) buster; urgency=medium . * Change gbp.conf and salsa config to use buster * Backport 8.1.0881 and 8.1.0883 to fix CVE-2019-20807 + 8.1.0881: can execute shell commands in rvim through interfaces + 8.1.0883: missing some changes for Ex commands * Backport patches 8.1.0936, 8.2.3402, and 8.2.3403 to fix CVE-2021-3770 (Closes: #994076) + 8.1.0936: may leak memory when using 'vartabstop' + 8.2.3402: invalid memory access when using :retab with large value + 8.2.3403: memory leak for :retab with invalid argument * Backport v8.2.3409 to fix CVE-2021-3778 (Closes: #994498) + 8.2.3409: reading beyond end of line with invalid utf-8 character * Backport v8.2.3428 to fix CVE-2021-3796 (Closes: #994497) + 8.2.3428: using freed memory when replacing * Backport v8.2.3489 to fix CVE-2021-3875 (Closes: #996593) + 8.2.3489: ml_get error after search with range wavpack (5.1.0-6+deb10u1) buster; urgency=medium . * debian/patches: Cherry-pick upstream patches to fix use of uninitialized values. (CVE-2019-1010317, CVE-2019-1010319) (Closes: #932060, #932061) * debian/gbp.conf: Switch to buster branch webkit2gtk (2.34.6-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev, libmanette-0.2-dev and liblcms2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.34.5-1) unstable; urgency=high . * New upstream release. + Fixes CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592. webkit2gtk (2.34.4-1) unstable; urgency=high . * New upstream release. * Set the debhelper compatibility level to 12: - Get rid of debian/compat. - Add build dependency on debhelper-compat. * debian/rules: - Stop using --builddirectory=build, .gir files no longer seem to contain references to the build directory (see the 2.27.90-1 entry for more details). * debian/copyright: + Update copyright years. webkit2gtk (2.34.4-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984. webkit2gtk (2.34.4-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev, libmanette-0.2-dev and liblcms2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.34.3-1) unstable; urgency=high . [ Alberto Garcia ] * New upstream release. * The WebKitGTK security advisory WSA-2021-0007 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-30809, CVE-2021-30836 (fixed in 2.32.4). + CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, CVE-2021-30897 (fixed in 2.34.0). + CVE-2021-30887, CVE-2021-30890 (fixed in 2.34.3). . [ Sebastien Bacher ] * debian/rules: + Explicitly disable lto since when it's on the build is failing, that doesn't impact Debian by default but is an issue on Ubuntu. (Closes: #1000598) + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial architecture and the binary doesn't exist (Closes: #1000599). webkit2gtk (2.34.3-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. + Fixes CVE-2021-30887, CVE-2021-30890. webkit2gtk (2.34.3-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. + Fixes CVE-2021-30887, CVE-2021-30890. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev, libmanette-0.2-dev and liblcms2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. webkit2gtk (2.34.2-1) unstable; urgency=medium . * New upstream release. webkit2gtk (2.34.2-1~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports. webkit2gtk (2.34.1-1) unstable; urgency=high . [ Alberto Garcia ] * New upstream release. * debian/rules: + Build with -O1 in sh3 and sh4 (Closes: #995717). * debian/copyright: + Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/libwebkit2gtk-4.0-37.lintian-overrides: + Override library-not-linked-against-libc. * debian/source/lintian-overrides: + Update source-is-missing overrides. * debian/control: + Update Standards-Version to 4.6.0.1 (no changes). . [ Sebastien Bacher ] * debian/control, debian/rules: + handle gstreamer1.0-plugins-bad with the same Ubuntu override than libav, it's also in universe (Closes: #995166). webkit2gtk (2.34.1-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. + Fixes CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762. webkit2gtk (2.34.1-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. + Fixes CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev, libmanette-0.2-dev and liblcms2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. webkit2gtk (2.34.0-1) unstable; urgency=medium . * New upstream release. * Bring all changes from the 2.33 (experimental) branch. * debian/rules: + Build with -DUSE_SOUP2=ON. * debian/control: + Add build dependency on liblcms2-dev (bug #880697). + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing overrides. * Refresh all patches. webkit2gtk (2.34.0-1~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports. . webkit2gtk (2.34.0-1) unstable; urgency=medium . * New upstream release. * Bring all changes from the 2.33 (experimental) branch. * debian/rules: + Build with -DUSE_SOUP2=ON. * debian/control: + Add build dependency on liblcms2-dev (bug #880697). + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing overrides. * Refresh all patches. webkit2gtk (2.33.91-1) experimental; urgency=medium . * New upstream development release. * debian/source/lintian-overrides: + Update source-is-missing override. webkit2gtk (2.33.90-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches and drop debian/patches/fix-gtkdoc-build. * debian/copyright: + Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing override. webkit2gtk (2.33.3-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. * debian/patches/fix-gtkdoc-build.patch: + Fix gtk-doc build (WebKit bug #229152). * debian/control: + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing override. webkit2gtk (2.33.2-1) experimental; urgency=medium . * New upstream development release. * Update fix-ftbfs-m68k.patch and drop fix-mips-page-size.patch. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. webkit2gtk (2.33.1-1) experimental; urgency=medium . * New upstream development release. * debian/patches/fix-ftbfs-m68k.patch: + Compile BytecodeGenerator.cpp without optimizations on m68k and sh4, otherwise the build fails due to gcc bugs. * debian/watch, debian/gbp.conf: + Update for 2.33.x packages in experimental. * Refresh all patches. * debian/rules: + Build with -DUSE_SOUP2=ON. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. * debian/control: + Add build dependency on liblcms2-dev (Closes: #880697). * debian/source/lintian-overrides: + Update source-is-missing override. webkit2gtk (2.32.4-1) unstable; urgency=high . * New upstream release. * debian/source/lintian-overrides: + Update source-is-missing overrides. webkit2gtk (2.32.4-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. + Fixes CVE-2021-30858. weechat (2.3-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-8955: A crafted irc message 324 (channel mode) could result in a crash. (Closes: #951289) * CVE-2020-9759: A crafted irc message 352 (who) could result in a crash. * CVE-2020-9760: A crafted irc message 005 (setting a new mode for a nick) could result in a crash. * CVE-2021-40516: A crafted WebSocket frame could result in a crash in the Relay plugin. (Closes: #993803) wireshark (2.6.20-0+deb10u3) buster; urgency=medium . * Non-maintainer upload. * CVE-2021-22207: Excessive memory consumption in the MS-WSP dissector. (Closes: #987853) * CVE-2021-22235: Crash in the DNP dissector. * CVE-2021-39921: NULL pointer exception in the Modbus dissector. * CVE-2021-39922: Buffer overflow in the C12.22 dissector. * CVE-2021-39923: Large loop in the PNRP dissector. * CVE-2021-39924: Large loop in the Bluetooth DHT dissector. * CVE-2021-39928: NULL pointer exception in the IEEE 802.11 dissector. * CVE-2021-39929: Uncontrolled Recursion in the Bluetooth DHT dissector. wireshark (2.6.20-0+deb10u2) buster-security; urgency=medium . * debian/watch: Get upstream releases from gitlab * debian/rules: Ignore failing tests on architectures where Lua tests are failing * Fix buffer overflow in the Bluetooth SDP dissector (CVE-2021-39925) * debian/gitlab-ci.yml: Test against buster wordpress (5.0.15+dfsg1-0+deb10u1) buster-security; urgency=high . * Upstream security release Closes: #1003243 - CVE-2022-21662 - Stored XSS through authenticated users - CVE-2022-21663 - Authenticated Object Injection in Multisites - CVE-2022-21661 - WordPress: SQL Injection through WP_Query - CVE-2022-21664 - SQL injection due to improper sanitization in WP_Meta_Query wordpress (5.0.14+dfsg1-0+deb10u1) buster-security; urgency=high . * Security release, fixes 1 bug: - CVE-2021-39201 - XSS in editor Closes: #994059 xorg-server (2:1.20.4-1+deb10u4) buster-security; urgency=high . * record: Fix out of bounds access in SwapCreateRegister() [CVE-2021-4011] * xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() [CVE-2021-4009] * Xext: Fix out of bounds access in SProcScreenSaverSuspend() [CVE-2021-4010] * render: Fix out of bounds access in SProcRenderCompositeGlyphs() [CVE-2021-4008] xterm (344-1+deb10u2) buster; urgency=medium . * Cherry-pick sixel graphics fixes from xterm 370d and 370f. - Check for out-of-bounds condition while drawing sixels, and quit that operation (report by Nick Black (CVE-2022-24130), Closes: #1004689). zsh (5.7.1-1+deb10u1) buster-security; urgency=high . * [5931be85] Cherry-pick zsh 5.8.1 fixes for CVE-2021-45444 for Buster. * [1894b185] Update CVE-2021-45444 patches to fit NEWS, README and ChangeLog of the 5.7.1 upstream release. * [42c0fa26] Install new Etc/CVE-2021-45444-VCS_Info-workaround.patch into zsh-doc. It is not relevant for Debian's package but gives hints about CVE-2021-45444 mitigations on other platforms which aren't updated yet. * [ce21df9c] Update cherry-pick-CVE-2021-45444_2.patch to use a file name without blanks as actually used in the final 5.8.1 release. zziplib (0.13.62-3.2+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2020-18442 Because of mishandling a return value, an attacker might cause a denial of service due to an infinite loop. ======================================== Sat, 09 Oct 2021 - Debian 10.11 released ======================================== ========================================================================= [Date: Sat, 09 Oct 2021 10:11:29 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-all-amd64 | 4.19.181-1 | amd64 linux-headers-4.19.0-16-amd64 | 4.19.181-1 | amd64 linux-headers-4.19.0-16-cloud-amd64 | 4.19.181-1 | amd64 linux-headers-4.19.0-16-rt-amd64 | 4.19.181-1 | amd64 linux-image-4.19.0-16-amd64-dbg | 4.19.181-1 | amd64 linux-image-4.19.0-16-amd64-unsigned | 4.19.181-1 | amd64 linux-image-4.19.0-16-cloud-amd64-dbg | 4.19.181-1 | amd64 linux-image-4.19.0-16-cloud-amd64-unsigned | 4.19.181-1 | amd64 linux-image-4.19.0-16-rt-amd64-dbg | 4.19.181-1 | amd64 linux-image-4.19.0-16-rt-amd64-unsigned | 4.19.181-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:11:37 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-all-mipsel | 4.19.181-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:11:46 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: ata-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el btrfs-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el cdrom-core-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el compress-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el crc-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el crypto-dm-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el crypto-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el event-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el ext4-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el fancontrol-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el fat-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el fb-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el firewire-core-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el fuse-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el hypervisor-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el i2c-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el input-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el isofs-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el jfs-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el kernel-image-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el linux-headers-4.19.0-16-all-ppc64el | 4.19.181-1 | ppc64el linux-headers-4.19.0-16-powerpc64le | 4.19.181-1 | ppc64el linux-image-4.19.0-16-powerpc64le | 4.19.181-1 | ppc64el linux-image-4.19.0-16-powerpc64le-dbg | 4.19.181-1 | ppc64el loop-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el md-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el mouse-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el mtd-core-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el multipath-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el nbd-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el nic-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el nic-shared-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el nic-usb-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el nic-wireless-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el ppp-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el sata-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el scsi-core-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el scsi-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el scsi-nic-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el serial-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el squashfs-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el udf-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el uinput-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el usb-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el usb-serial-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el usb-storage-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el xfs-modules-4.19.0-16-powerpc64le-di | 4.19.181-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:11:54 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: btrfs-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x cdrom-core-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x compress-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x crc-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x crypto-dm-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x crypto-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x dasd-extra-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x dasd-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x ext4-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x fat-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x fuse-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x isofs-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x kernel-image-4.19.0-16-s390x-di | 4.19.181-1 | s390x linux-headers-4.19.0-16-all-s390x | 4.19.181-1 | s390x linux-headers-4.19.0-16-s390x | 4.19.181-1 | s390x linux-image-4.19.0-16-s390x | 4.19.181-1 | s390x linux-image-4.19.0-16-s390x-dbg | 4.19.181-1 | s390x loop-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x md-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x mtd-core-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x multipath-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x nbd-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x nic-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x scsi-core-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x scsi-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x udf-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x xfs-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x zlib-modules-4.19.0-16-s390x-di | 4.19.181-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:11 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-all | 4.19.181-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:19 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-all-arm64 | 4.19.181-1 | arm64 linux-headers-4.19.0-16-arm64 | 4.19.181-1 | arm64 linux-headers-4.19.0-16-rt-arm64 | 4.19.181-1 | arm64 linux-image-4.19.0-16-arm64-dbg | 4.19.181-1 | arm64 linux-image-4.19.0-16-arm64-unsigned | 4.19.181-1 | arm64 linux-image-4.19.0-16-rt-arm64-dbg | 4.19.181-1 | arm64 linux-image-4.19.0-16-rt-arm64-unsigned | 4.19.181-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:26 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: btrfs-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel cdrom-core-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel compress-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel crc-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel crypto-dm-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel crypto-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel event-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel ext4-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel fat-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel fb-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel fuse-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel input-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel ipv6-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel isofs-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel jffs2-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel jfs-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel kernel-image-4.19.0-16-marvell-di | 4.19.181-1 | armel leds-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel linux-headers-4.19.0-16-all-armel | 4.19.181-1 | armel linux-headers-4.19.0-16-marvell | 4.19.181-1 | armel linux-headers-4.19.0-16-rpi | 4.19.181-1 | armel linux-image-4.19.0-16-marvell | 4.19.181-1 | armel linux-image-4.19.0-16-marvell-dbg | 4.19.181-1 | armel linux-image-4.19.0-16-rpi | 4.19.181-1 | armel linux-image-4.19.0-16-rpi-dbg | 4.19.181-1 | armel loop-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel md-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel minix-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel mmc-core-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel mmc-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel mouse-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel mtd-core-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel mtd-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel multipath-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel nbd-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel nic-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel nic-shared-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel nic-usb-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel ppp-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel sata-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel scsi-core-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel squashfs-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel udf-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel uinput-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel usb-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel usb-serial-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel usb-storage-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel zlib-modules-4.19.0-16-marvell-di | 4.19.181-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:33 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: ata-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf btrfs-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf cdrom-core-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf compress-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf crc-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf crypto-dm-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf crypto-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf efi-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf event-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf ext4-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf fat-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf fb-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf fuse-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf i2c-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf input-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf isofs-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf jfs-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf kernel-image-4.19.0-16-armmp-di | 4.19.181-1 | armhf leds-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf linux-headers-4.19.0-16-all-armhf | 4.19.181-1 | armhf linux-headers-4.19.0-16-armmp | 4.19.181-1 | armhf linux-headers-4.19.0-16-armmp-lpae | 4.19.181-1 | armhf linux-headers-4.19.0-16-rt-armmp | 4.19.181-1 | armhf linux-image-4.19.0-16-armmp | 4.19.181-1 | armhf linux-image-4.19.0-16-armmp-dbg | 4.19.181-1 | armhf linux-image-4.19.0-16-armmp-lpae | 4.19.181-1 | armhf linux-image-4.19.0-16-armmp-lpae-dbg | 4.19.181-1 | armhf linux-image-4.19.0-16-rt-armmp | 4.19.181-1 | armhf linux-image-4.19.0-16-rt-armmp-dbg | 4.19.181-1 | armhf loop-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf md-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf mmc-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf mtd-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf multipath-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf nbd-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf nic-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf nic-shared-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf nic-usb-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf nic-wireless-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf pata-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf ppp-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf sata-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf scsi-core-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf scsi-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf scsi-nic-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf squashfs-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf udf-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf uinput-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf usb-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf usb-serial-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf usb-storage-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf zlib-modules-4.19.0-16-armmp-di | 4.19.181-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:40 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-686 | 4.19.181-1 | i386 linux-headers-4.19.0-16-686-pae | 4.19.181-1 | i386 linux-headers-4.19.0-16-all-i386 | 4.19.181-1 | i386 linux-headers-4.19.0-16-rt-686-pae | 4.19.181-1 | i386 linux-image-4.19.0-16-686-dbg | 4.19.181-1 | i386 linux-image-4.19.0-16-686-pae-dbg | 4.19.181-1 | i386 linux-image-4.19.0-16-686-pae-unsigned | 4.19.181-1 | i386 linux-image-4.19.0-16-686-unsigned | 4.19.181-1 | i386 linux-image-4.19.0-16-rt-686-pae-dbg | 4.19.181-1 | i386 linux-image-4.19.0-16-rt-686-pae-unsigned | 4.19.181-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:47 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-all-mips | 4.19.181-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:12:58 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: affs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel compress-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel crc-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel crypto-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel event-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel ext4-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel fat-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel fuse-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel hfs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel input-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel isofs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel jfs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel kernel-image-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel linux-headers-4.19.0-16-5kc-malta | 4.19.181-1 | mips, mips64el, mipsel linux-headers-4.19.0-16-octeon | 4.19.181-1 | mips, mips64el, mipsel linux-image-4.19.0-16-5kc-malta | 4.19.181-1 | mips, mips64el, mipsel linux-image-4.19.0-16-5kc-malta-dbg | 4.19.181-1 | mips, mips64el, mipsel linux-image-4.19.0-16-octeon | 4.19.181-1 | mips, mips64el, mipsel linux-image-4.19.0-16-octeon-dbg | 4.19.181-1 | mips, mips64el, mipsel loop-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel md-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel minix-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel multipath-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel nbd-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel nic-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel pata-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel ppp-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel rtc-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel sata-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel scsi-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel sound-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel udf-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel usb-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel xfs-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel zlib-modules-4.19.0-16-octeon-di | 4.19.181-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:09 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: affs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel ata-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel btrfs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel cdrom-core-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel compress-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel crc-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel crypto-dm-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel crypto-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel event-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel ext4-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel fat-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel fb-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel fuse-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel hfs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel i2c-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel input-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel isofs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel jfs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel kernel-image-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel linux-headers-4.19.0-16-4kc-malta | 4.19.181-1 | mips, mipsel linux-image-4.19.0-16-4kc-malta | 4.19.181-1 | mips, mipsel linux-image-4.19.0-16-4kc-malta-dbg | 4.19.181-1 | mips, mipsel loop-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel md-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel minix-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel mmc-core-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel mmc-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel mouse-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel mtd-core-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel multipath-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel nbd-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel nic-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel nic-shared-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel nic-usb-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel nic-wireless-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel pata-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel ppp-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel sata-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel scsi-core-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel scsi-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel scsi-nic-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel sound-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel squashfs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel udf-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel usb-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel usb-serial-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel usb-storage-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel xfs-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel zlib-modules-4.19.0-16-4kc-malta-di | 4.19.181-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:17 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: affs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el ata-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el btrfs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el cdrom-core-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el compress-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el crc-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el crypto-dm-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el crypto-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el event-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el ext4-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el fat-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el fb-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el fuse-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el hfs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el i2c-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el input-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el isofs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el jfs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el kernel-image-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el linux-headers-4.19.0-16-all-mips64el | 4.19.181-1 | mips64el loop-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el md-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el minix-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el mmc-core-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el mmc-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el mouse-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el mtd-core-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el multipath-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el nbd-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el nic-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el nic-shared-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el nic-usb-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el nic-wireless-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el pata-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el ppp-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el sata-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el scsi-core-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el scsi-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el scsi-nic-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el sound-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el squashfs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el udf-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el usb-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el usb-serial-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el usb-storage-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el xfs-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el zlib-modules-4.19.0-16-5kc-malta-di | 4.19.181-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:24 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: affs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel ata-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel btrfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel cdrom-core-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel compress-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel crc-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel crypto-dm-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel crypto-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel event-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel ext4-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel fat-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel fb-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel firewire-core-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel fuse-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel hfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel input-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel isofs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel jfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel kernel-image-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel linux-headers-4.19.0-16-loongson-3 | 4.19.181-1 | mips64el, mipsel linux-image-4.19.0-16-loongson-3 | 4.19.181-1 | mips64el, mipsel linux-image-4.19.0-16-loongson-3-dbg | 4.19.181-1 | mips64el, mipsel loop-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel md-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel minix-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel mtd-core-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel multipath-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nbd-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nic-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nic-shared-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nic-usb-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel nic-wireless-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel pata-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel ppp-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel sata-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel scsi-core-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel scsi-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel scsi-nic-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel sound-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel speakup-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel squashfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel udf-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel usb-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel usb-serial-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel usb-storage-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel xfs-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel zlib-modules-4.19.0-16-loongson-3-di | 4.19.181-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:31 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: acpi-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 ata-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 btrfs-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 cdrom-core-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 compress-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 crc-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 crypto-dm-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 crypto-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 efi-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 event-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 ext4-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 fat-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 fb-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 firewire-core-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 fuse-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 i2c-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 input-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 isofs-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 jfs-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 kernel-image-4.19.0-16-amd64-di | 4.19.181-1 | amd64 linux-image-4.19.0-16-amd64 | 4.19.181-1 | amd64 linux-image-4.19.0-16-cloud-amd64 | 4.19.181-1 | amd64 linux-image-4.19.0-16-rt-amd64 | 4.19.181-1 | amd64 loop-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 md-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 mmc-core-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 mmc-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 mouse-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 mtd-core-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 multipath-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nbd-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nic-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nic-pcmcia-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nic-shared-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nic-usb-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 nic-wireless-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 pata-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 pcmcia-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 pcmcia-storage-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 ppp-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 sata-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 scsi-core-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 scsi-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 scsi-nic-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 serial-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 sound-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 speakup-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 squashfs-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 udf-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 uinput-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 usb-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 usb-serial-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 usb-storage-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 xfs-modules-4.19.0-16-amd64-di | 4.19.181-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:39 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: ata-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 btrfs-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 cdrom-core-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 compress-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 crc-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 crypto-dm-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 crypto-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 efi-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 event-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 ext4-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 fat-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 fb-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 fuse-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 i2c-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 input-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 isofs-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 jfs-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 kernel-image-4.19.0-16-arm64-di | 4.19.181-1 | arm64 leds-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 linux-image-4.19.0-16-arm64 | 4.19.181-1 | arm64 linux-image-4.19.0-16-rt-arm64 | 4.19.181-1 | arm64 loop-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 md-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 mmc-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 mtd-core-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 multipath-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 nbd-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 nic-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 nic-shared-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 nic-usb-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 nic-wireless-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 ppp-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 sata-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 scsi-core-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 scsi-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 scsi-nic-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 squashfs-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 udf-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 uinput-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 usb-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 usb-serial-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 usb-storage-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 xfs-modules-4.19.0-16-arm64-di | 4.19.181-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:13:47 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: acpi-modules-4.19.0-16-686-di | 4.19.181-1 | i386 acpi-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 ata-modules-4.19.0-16-686-di | 4.19.181-1 | i386 ata-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 btrfs-modules-4.19.0-16-686-di | 4.19.181-1 | i386 btrfs-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 cdrom-core-modules-4.19.0-16-686-di | 4.19.181-1 | i386 cdrom-core-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 compress-modules-4.19.0-16-686-di | 4.19.181-1 | i386 compress-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 crc-modules-4.19.0-16-686-di | 4.19.181-1 | i386 crc-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 crypto-dm-modules-4.19.0-16-686-di | 4.19.181-1 | i386 crypto-dm-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 crypto-modules-4.19.0-16-686-di | 4.19.181-1 | i386 crypto-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 efi-modules-4.19.0-16-686-di | 4.19.181-1 | i386 efi-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 event-modules-4.19.0-16-686-di | 4.19.181-1 | i386 event-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 ext4-modules-4.19.0-16-686-di | 4.19.181-1 | i386 ext4-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 fat-modules-4.19.0-16-686-di | 4.19.181-1 | i386 fat-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 fb-modules-4.19.0-16-686-di | 4.19.181-1 | i386 fb-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 firewire-core-modules-4.19.0-16-686-di | 4.19.181-1 | i386 firewire-core-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 fuse-modules-4.19.0-16-686-di | 4.19.181-1 | i386 fuse-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 i2c-modules-4.19.0-16-686-di | 4.19.181-1 | i386 i2c-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 input-modules-4.19.0-16-686-di | 4.19.181-1 | i386 input-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 isofs-modules-4.19.0-16-686-di | 4.19.181-1 | i386 isofs-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 jfs-modules-4.19.0-16-686-di | 4.19.181-1 | i386 jfs-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 kernel-image-4.19.0-16-686-di | 4.19.181-1 | i386 kernel-image-4.19.0-16-686-pae-di | 4.19.181-1 | i386 linux-image-4.19.0-16-686 | 4.19.181-1 | i386 linux-image-4.19.0-16-686-pae | 4.19.181-1 | i386 linux-image-4.19.0-16-rt-686-pae | 4.19.181-1 | i386 loop-modules-4.19.0-16-686-di | 4.19.181-1 | i386 loop-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 md-modules-4.19.0-16-686-di | 4.19.181-1 | i386 md-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 mmc-core-modules-4.19.0-16-686-di | 4.19.181-1 | i386 mmc-core-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 mmc-modules-4.19.0-16-686-di | 4.19.181-1 | i386 mmc-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 mouse-modules-4.19.0-16-686-di | 4.19.181-1 | i386 mouse-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 mtd-core-modules-4.19.0-16-686-di | 4.19.181-1 | i386 mtd-core-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 multipath-modules-4.19.0-16-686-di | 4.19.181-1 | i386 multipath-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nbd-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nbd-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nic-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nic-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nic-pcmcia-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nic-pcmcia-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nic-shared-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nic-shared-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nic-usb-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nic-usb-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 nic-wireless-modules-4.19.0-16-686-di | 4.19.181-1 | i386 nic-wireless-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 pata-modules-4.19.0-16-686-di | 4.19.181-1 | i386 pata-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 pcmcia-modules-4.19.0-16-686-di | 4.19.181-1 | i386 pcmcia-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 pcmcia-storage-modules-4.19.0-16-686-di | 4.19.181-1 | i386 pcmcia-storage-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 ppp-modules-4.19.0-16-686-di | 4.19.181-1 | i386 ppp-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 sata-modules-4.19.0-16-686-di | 4.19.181-1 | i386 sata-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 scsi-core-modules-4.19.0-16-686-di | 4.19.181-1 | i386 scsi-core-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 scsi-modules-4.19.0-16-686-di | 4.19.181-1 | i386 scsi-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 scsi-nic-modules-4.19.0-16-686-di | 4.19.181-1 | i386 scsi-nic-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 serial-modules-4.19.0-16-686-di | 4.19.181-1 | i386 serial-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 sound-modules-4.19.0-16-686-di | 4.19.181-1 | i386 sound-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 speakup-modules-4.19.0-16-686-di | 4.19.181-1 | i386 speakup-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 squashfs-modules-4.19.0-16-686-di | 4.19.181-1 | i386 squashfs-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 udf-modules-4.19.0-16-686-di | 4.19.181-1 | i386 udf-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 uinput-modules-4.19.0-16-686-di | 4.19.181-1 | i386 uinput-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 usb-modules-4.19.0-16-686-di | 4.19.181-1 | i386 usb-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 usb-serial-modules-4.19.0-16-686-di | 4.19.181-1 | i386 usb-serial-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 usb-storage-modules-4.19.0-16-686-di | 4.19.181-1 | i386 usb-storage-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 xfs-modules-4.19.0-16-686-di | 4.19.181-1 | i386 xfs-modules-4.19.0-16-686-pae-di | 4.19.181-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:14:03 -0000] [ftpmaster: Mark Hymers] Removed the following packages from oldstable: linux-headers-4.19.0-16-common | 4.19.181-1 | all linux-headers-4.19.0-16-common-rt | 4.19.181-1 | all linux-support-4.19.0-16 | 4.19.181-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:03:38 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libprotocol-acme-perl | 1.01-3 | source, all Closed bugs: 990293 ------------------- Reason ------------------- RoQA; only supports obsolete ACME version 1 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 Oct 2021 10:04:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: birdtray | 1.5-1 | source, amd64, arm64, armel, armhf, i386, mips64el, ppc64el, s390x Closed bugs: 992193 ------------------- Reason ------------------- RoM; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ansible (2.7.7+dfsg-1+deb10u1) buster-security; urgency=medium . [ Markus Koschany ] * CVE-2019-10156 * CVE-2019-10206 * CVE-2019-14846 * CVE-2019-14864 * CVE-2019-14904 * CVE-2020-10684 * CVE-2020-10685 * CVE-2020-10729 * CVE-2020-14330 * CVE-2020-14332 * CVE-2020-14365 * CVE-2020-1733 * CVE-2020-1735 * CVE-2020-1739 * CVE-2020-1740 * CVE-2020-1746 * CVE-2020-1753 * CVE-2021-20228 . [ Lee Garrett ] * Add python3-distutils to Depends (Closes: #962332) apache2 (2.4.38-3+deb10u5) buster-security; urgency=medium . * Fix "NULL pointer dereference on specially crafted HTTP/2 request" (Closes: #989562, CVE-2021-31618) * Fix various low security issues (Closes: CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641) and fix related test aspell (0.60.7~20110707-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-17544 It was discovered that Aspell incorrectly handled certain inputs which leads to a stack-based buffer over-read. An attacker could potentially access sensitive information. . [ Agustin Martin Domingo ] * CVE-2019-25051 (Closes: #991307) objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow atftp (0.7.git20120829-3.2~deb10u2) buster; urgency=medium . * Fix for CVE-2021-41054 (Closes: #994895) base-files (10.3+deb10u11) buster; urgency=medium . * Change /etc/debian_version to 10.11, for Debian 10.11 point release. bluez (5.50-1.2~deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * shared/att: Fix possible crash on disconnect (CVE-2020-27153) * shared/gatt-server: Fix not properly checking for secure flags (CVE-2020-26558, CVE-2021-0129) (Closes: #989614) btrbk (0.27.1-1+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2021-38173 fixes a security vulnerability which would have allowed for an arbitrary code execution c-ares (1.14.0-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Missing input validation on hostnames returned by DNS servers (CVE-2021-3672) - ares_expand_name() should escape more characters - ares_expand_name(): fix formatting and handling of root name response clamav (0.103.3+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.103.3 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. clamav (0.103.2+dfsg-2) unstable; urgency=medium . * Remove deprecated option SafeBrowsing from debconf templates. clamav (0.103.2+dfsg-1) unstable; urgency=medium . * Import 0.103.2 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) - Update symbol file. (Closes: #986622). commons-io (2.6-2+deb10u1) buster; urgency=medium . * Team upload. * Fix CVE-2021-29425: When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. cyrus-imapd (3.0.8-6+deb10u6) buster; urgency=medium . * Replace string hashing algorithm (Closes: #993433, CVE-2021-33582) debconf (1.5.71+deb10u1) buster; urgency=medium . * Check that whiptail or dialog is actually usable (closes: #985572). debian-installer (20190702+deb10u11) buster; urgency=medium . * Bump Linux ABI to 4.19.0-18. debian-installer-netboot-images (20190702+deb10u11) buster; urgency=medium . * Update to 20190702+deb10u11, from buster-proposed-updates. distcc (3.3.2-10+deb10u1) buster; urgency=medium . * Fix (again) update-distcc-symlinks script for gcc cross compiler and add clang symlinks (Closes: #919704) distro-info-data (0.41+deb10u4) buster; urgency=medium . * Update data to 0.51, without new columns: - Add estimated date for Buster EOL. - Correct the EOL date for Debian Jessie. - Add Debian 13 "Trixie", with a rough date. - Add Ubuntu 21.10, Impish Indri. - Move Ubuntu EoLs off weekends. - Validate that Ubuntu EoLs occur during the week. - Set bullseye's release date, bookworm's creation date, and buster's EoL date based on the updated planned bullseye release date. dwarf-fortress (0.44.12+dfsg1-0+deb10u1) buster; urgency=high . * Remove unnecessary code copies with license violations from source tarball. (Closes: #986119) dwarf-fortress (0.44.12-3) unstable; urgency=medium . * Keep gamelog.txt and errlog.txt in the user run directory * Fix bug that made the help screens inaccessible * Add recommends on libopenal1 * Bump Standards-Version . dwarf-fortress (0.44.12-2) experimental; urgency=medium . * Remove the need for unionfs-fuse * Move configuration files to $XDG_CONFIG_HOME dwarf-fortress (0.44.12-2) experimental; urgency=medium . * Remove the need for unionfs-fuse * Move configuration files to $XDG_CONFIG_HOME espeak-ng (1.49.2+dfsg-8+deb10u1) buster; urgency=medium . * patches/mbrola-fr4: Fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed. exiv2 (0.25-4+deb10u2) buster-security; urgency=medium . * CVE-2021-31291 (Closes: #991705) The fix for CVE-2021-31291 also required to backport a few patches that fix some (harmless) CVEs alongside: - CVE-2019-20421 (Closes: #950183) - CVE-2021-3482 (Closes: #986888) - CVE-2021-29457 (Closes: #987277) - CVE-2021-29473 (Closes: #991705) * CVE-2021-31292 (Closes: #991706) firefox-esr (78.14.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-39, also known as CVE-2021-38493. . * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. firefox-esr (78.13.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-34, also known as: CVE-2021-29986, CVE-2021-29988, CVE-2021-29984, CVE-2021-29980, CVE-2021-29985, CVE-2021-29989. firefox-esr (78.13.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-34, also known as: CVE-2021-29986, CVE-2021-29988, CVE-2021-29984, CVE-2021-29980, CVE-2021-29985, CVE-2021-29989. firefox-esr (78.13.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-34, also known as: CVE-2021-29986, CVE-2021-29988, CVE-2021-29984, CVE-2021-29980, CVE-2021-29985, CVE-2021-29989. firefox-esr (78.12.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-29, also known as: CVE-2021-29970, CVE-2021-30547, CVE-2021-29976. firefox-esr (78.12.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-29, also known as: CVE-2021-29970, CVE-2021-30547, CVE-2021-29976. firefox-esr (78.11.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-24, also known as CVE-2021-29967. gcc-mingw-w64 (21.3~deb10u2) buster; urgency=medium . * Fix gcov handling: we need to tell GCC that we have headers, without telling it where, and then we need to correct its default assumption about where they are. Closes: #989862. LP: #1883933, #1920988. grilo (0.3.7-1+deb10u1) buster-security; urgency=high . * fix-tls-cert-validation.patch: - Fix TLS cert validation not being done for any network call (Closes: #992971, CVE-2021-39365). gthumb (3:3.6.2-4+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2019-20326 (Closes: #948197) A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. * additional fix in case orientation swaps width and height hg-git (0.8.12-1+deb10u1) buster; urgency=medium . * Team upload. * Cherry-pick relaxed output check in test suite (Closes: #933100) htslib (1.9-12~deb10u1) buster; urgency=medium . * Rebuild for buster. . htslib (1.9-12) unstable; urgency=medium . * Fix for the autopkgtest on i386 means we can re-enable it! (Closes: #942580) http-parser (2.8.1-1+deb10u1) buster; urgency=medium . * Cherry-pick "Support multi-coding Transfer-Encoding". Closes: #977467 [CVE-2019-15605] intel-microcode (3.20210608.2~deb10u1) buster-security; urgency=high . * SECURITY UPDATE with known possible regressions * Refer to the changelog entry for 3.20210608.1 for the list of security fixes in this release. * Possible regression: CoffeLake processors with signature 0x906ea *and* Intel Wireless LAN on-board - The Intel WiFi firmware might stop working, refer to: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56 * Possible regression: Skylake R0/D0 (signatures 0x406e3 and 0x506e3), - Motherboards with severely outdated firmware where the UEFI/BIOS microcode revision is less than 0x80 may hang on boot. Refer to: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * Reintroduces all fixes (including several security updates) to Skylake D0/R0 that were temporarily disabled in past releases. Refer to changelog entries since (and including) 3.20200609.1 for the list of security fixes. . intel-microcode (3.20210608.2) unstable; urgency=high . * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and debian/changelog (3.20210608.1). . intel-microcode (3.20210608.1) unstable; urgency=high . * New upstream microcode datafile 20210608 (closes: #989615) * Implements mitigations for CVE-2020-24511 CVE-2020-24512 (INTEL-SA-00464), information leakage through shared resources, and timing discrepancy sidechannels * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), Domain-bypass transient execution vulnerability in some Intel Atom Processors, affects Intel SGX. * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel VT-d privilege escalation * Fixes critical errata on several processors * New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 * source: update symlinks to reflect id of the latest release, 20210608 intel-microcode (3.20210608.1) unstable; urgency=high . * New upstream microcode datafile 20210608 (closes: #989615) * Implements mitigations for CVE-2020-24511 CVE-2020-24512 (INTEL-SA-00464), information leakage through shared resources, and timing discrepancy sidechannels * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), Domain-bypass transient execution vulnerability in some Intel Atom Processors, affects Intel SGX. * Implements mitigations for CVE-2021-24489 (INTEL-SA-00442), Intel VT-d privilege escalation * Fixes critical errata on several processors * New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 * source: update symlinks to reflect id of the latest release, 20210608 intel-microcode (3.20210216.1) unstable; urgency=medium . * New upstream microcode datafile 20210216 * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx, and Cascade Lake Server (B0/B1) when using an active JTAG agent like In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard Management Controller (BMC) to take the CPU JTAG/TAP out of reset and then returning it to reset. * This issue is related to the INTEL-SA-00381 mitigation. * Updated Microcodes: sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864 sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248 sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248 * source: update symlinks to reflect id of the latest release, 20210216 irssi (1.2.0-2+deb10u1) buster; urgency=medium . * Import upstream security fix for CVE-2019-13045 (closes: #931264) java-atk-wrapper (0.33.3-22+deb10u1) buster; urgency=medium . * patches/dbus: Also detect at-spi through dbus. jetty9 (9.4.16-0+deb10u1) buster-security; urgency=high . * Team upload. * New upstream version 9.4.16. - Fix CVE-2019-10241: The server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. - Fix CVE-2019-10247: The server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context. * Fix CVE-2020-27216: On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. * Fix CVE-2020-27223: Jetty handles a request containing multiple Accept headers with a large number of “quality†(i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. * Fix CVE-2020-28165: CPU usage can reach 100% upon receiving a large invalid TLS frame. * Fix CVE-2020-28169: It is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. * Fix CVE-2021-34428: If an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. krb5 (1.17-3+deb10u3) buster; urgency=high . * Fix KDC null dereference crash on FAST request with no server field, CVE-2021-37750, Closes: #992607 * Fix memory leak in krb5_gss_inquire_cred, Closes: #991140 krb5 (1.17-3+deb10u2) buster-security; urgency=high . * Import upstream patch for CVE-2021-36222, Closes: #991365 ledgersmb (1.6.9+ds-1+deb10u3) buster-security; urgency=medium . * Fix a regression in the display of some search results ledgersmb (1.6.9+ds-1+deb10u2) buster-security; urgency=medium . * Fix CVE-2021-3731, thanks for Erik Huelsmann ledgersmb (1.6.9+ds-1+deb10u1) buster-security; urgency=medium . * Fix CVE-2021-3693 and CVE-2021-3694, thanks to Erik Huelsmann lemonldap-ng (2.0.2+ds-7+deb10u6) buster-security; urgency=medium . * Fix session cache corruption (Closes: CVE-2021-06-25) * Fix trusted domain wildcard * Fix trusted domain regexp * Don't display TOTP secret to owner, neither in debug logs libdatetime-timezone-perl (1:2.23-1+2021b) buster; urgency=medium . * Update to Olson database version 2021b. This update includes contemporary changes for Jordan and Samoa. libpam-tacplus (1.3.8-2+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2020-13881: Prevent shared secrets (such as private server keys) from being added in plaintext to the system log. libsndfile (1.0.28-6+deb10u1) buster-security; urgency=medium . * CVE-021-3246 (Closes: #991496) libspf2 (1.2.10-7.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security. . libspf2 (1.2.10-7.1) unstable; urgency=medium . * Non-maintainer upload. * spf_compile.c: Correct size of ds_avail (CVE-2021-20314) * Sanity check for sprintf * Fixed 'reverse' macro modifier libuv1 (1.24.1-1+deb10u1) buster-security; urgency=high . * add patch for CVE-2021-22918 (Closes: #990561) * For buster, this patch also tweaks tests so they can be compiled. (because of a missing macro and "static" declaration) linux (4.19.208-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195 - perf/core: Fix endless multiplex timer - net/nfc/rawsock.c: fix a permission check bug - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet - bonding: init notify_work earlier to avoid uninitialized use - netlink: disable IRQs for netlink_lock_table() - net: mdiobus: get rid of a BUG_ON() - cgroup: disable controllers at parse time - wq: handle VM suspension in stall detection - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock - RDS tcp loopback connection can hang - scsi: bnx2fc: Return failure if io_req is already in ABTS processing - [x86] scsi: vmw_pvscsi: Set correct residual data length - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal - [arm64] net: macb: ensure the device is available before accessing GEMGXL control registers - nvme-fabrics: decode host pathing error for connect - [mips*] Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER - bnx2x: Fix missing error code in bnx2x_iov_init_one() - [powerpc*] i2c: mpc: Make use of i2c_recover_bus() - [powerpc*] i2c: mpc: implement erratum A-004447 workaround - drm: Fix use-after-free read in drm_getunique() - drm: Lock pointer access in drm_master_release() - kvm: avoid speculation-based attacks from out-of-range memslot accesses - [arm64,x86] staging: rtl8723bs: Fix uninitialized variables - btrfs: return value from btrfs_mark_extent_written() in case of error - cgroup1: don't allow '\n' in renaming - USB: f_ncm: ncm_bitrate (speed) is unsigned - usb: f_ncm: only first packet of aggregate needs to start timer - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms - [arm64,armhf] usb: dwc3: ep0: fix NULL pointer exception - [x86] usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind - USB: serial: ftdi_sio: add NovaTech OrionMX product ID - USB: serial: omninet: add device id for Zyxel Omni 56K Plus - USB: serial: quatech2: fix control-request directions - USB: serial: cp210x: fix alternate function for CP2102N QFN20 - usb: gadget: eem: fix wrong eem header operation - usb: fix various gadgets null ptr deref on 10gbps cabling. - usb: fix various gadget panics on 10gbps cabling - regulator: core: resolve supply for boot-on/always-on regulators - [arm64] regulator: max77620: Use device_set_of_node_from_dev() - RDMA/mlx4: Do not map the core_clock page to user space unless enabled - perf: Fix data race between pin_count increment/decrement - sched/fair: Make sure to update tg contrib for blocked load - IB/mlx5: Fix initializing CQ fragments buffer - NFS: Fix a potential NULL dereference in nfs_get_client() - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() - perf session: Correct buffer copying when peeking events - kvm: fix previous commit for 32-bit builds - NFS: Fix use-after-free in nfs4_init_client() - NFSv4: Fix second deadlock in nfs4_evict_inode() - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. - scsi: core: Fix error handling of scsi_host_alloc() - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING - scsi: core: Only put parent device if host state differs from SHOST_CREATED - ftrace: Do not blindly read the ip address in ftrace_bug() - tracing: Correct the length check which causes memory corruption - proc: only require mm_struct for writing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.196 - net: ieee802154: fix null deref in parse dev addr - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 - HID: hid-sensor-hub: Return error for hid_set_field() failure - HID: Add BUS_VIRTUAL to hid_connect logging - HID: usbhid: fix info leak in hid_submit_ctrl - gfs2: Prevent direct-I/O write fallback errors from getting lost - gfs2: Fix use-after-free in gfs2_glock_shrink_scan - scsi: target: core: Fix warning on realtime kernels - ethernet: myri10ge: Fix missing error code in myri10ge_probe() - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V - net: ipconfig: Don't override command-line hostnames or domains - rtnetlink: Fix missing error code in rtnl_bridge_notify() - net: Return the correct errno code - fib: Return the correct errno code - afs: Fix an IS_ERR() vs NULL check - mm/memory-failure: make sure wait for page writeback in memory_failure - batman-adv: Avoid WARN_ON timing related checks - net: ipv4: fix memory leak in netlbl_cipsov4_add_std - net: rds: fix memory leak in rds_recvmsg - udp: fix race between close() and udp_abort() - rtnetlink: Fix regression in bridge VLAN configuration - net/mlx5e: Block offload of outer header csum for UDP tunnels - netfilter: synproxy: Fix out of bounds when parsing TCP options - sch_cake: Fix out of bounds when parsing TCP options and header - alx: Fix an error handling path in 'alx_probe()' - net: stmmac: dwmac1000: Fix extended MAC address registers definition - net: add documentation to socket.c - net: make get_net_ns return error if NET_NS is disabled - qlcnic: Fix an error handling path in 'qlcnic_probe()' - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' - ptp: ptp_clock: Publish scaled_ppm_to_ppb - ptp: improve max_adj check against unreasonable values - net: cdc_ncm: switch to eth%d interface naming - net: usb: fix possible use-after-free in smsc75xx_bind - [armhf] net: fec_ptp: fix issue caused by refactor the fec_devtype - net: ipv4: fix memory leak in ip_mc_add1_src - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock - be2net: Fix an error handling path in 'be_probe()' - net: hamradio: fix memory leak in mkiss_close - net: cdc_eem: fix tx fixup skb leak - icmp: don't send out ICMP messages with a source address of 0.0.0.0 - radeon: use memcpy_to/fromio for UVD fw upload - hwmon: (scpi-hwmon) shows the negative temperature properly - can: mcba_usb: fix memory leak in mcba_usb - usb: core: hub: Disable autosuspend for Cypress CY7C65632 - tracing: Do not stop recording cmdlines when tracing is off - tracing: Do not stop recording comms if the trace file is being read - tracing: Do no increment trace_clock_global() by one - PCI: Mark TI C667X to avoid bus reset - PCI: Mark some NVIDIA GPUs to avoid bus reset - PCI: Add ACS quirk for Broadcom BCM57414 NIC - PCI: Work around Huawei Intelligent NIC VF FLR erratum - [arm64,armhf] dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc - net: bridge: fix vlan tunnel dst null pointer dereference - net: bridge: fix vlan tunnel dst refcnt when egressing - mm/slub: clarify verification reporting - mm/slub.c: include swab.h - [armhf] net: fec_ptp: add clock rate zero check - [arm64,armhf] KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read - can: bcm/raw/isotp: use per module netdevice notifier - inet: use bigger hash table for IP ID generation - [arm64,armhf] usb: dwc3: debugfs: Add and remove endpoint dirs dynamically - [arm64,armhf] usb: dwc3: core: fix kernel panic when do reboot - [x86] fpu: Reset state for all signal restore failures - module: limit enabling module.sig_enforce (CVE-2021-35039) - drm/nouveau: wait for moving fence after pinning v2 - drm/radeon: wait for moving fence after pinning - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" - mac80211: remove warning in ieee80211_get_sband() - cfg80211: call cfg80211_leave_ocb when switching away from OCB - mac80211: drop multicast fragments - net: ethtool: clear heap allocations for ethtool function - ping: Check return value of function 'ping_queue_rcv_skb' - inet: annotate date races around sk->sk_txhash - net/packet: annotate accesses to po->bind - net/packet: annotate accesses to po->ifindex - r8152: Avoid memcpy() over-reading of ETH_SS_STATS - r8169: Avoid memcpy() over-reading of ETH_SS_STATS - net: qed: Fix memcpy() overflow of qed_dcbx_params() - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group - i2c: robotfuzz-osif: fix control-request directions https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.197 - mm: add VM_WARN_ON_ONCE_PAGE() macro - mm/rmap: remove unneeded semicolon in page_not_mapped() - mm/rmap: use page_not_mapped in try_to_unmap() - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry - mm/thp: make is_huge_zero_pmd() safe and quicker - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting - mm/thp: fix vma_address() if virtual address below file offset - mm/thp: fix page_address_in_vma() on file THP tails - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split - mm: page_vma_mapped_walk(): use page for pvmw->page - mm: page_vma_mapped_walk(): settle PageHuge on entry - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block - mm: page_vma_mapped_walk(): crossing page table boundary - mm: page_vma_mapped_walk(): add a level of indentation - mm: page_vma_mapped_walk(): use goto instead of while (1) - mm: page_vma_mapped_walk(): get vma_address_end() earlier - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() - mm, futex: fix shared futex pgoff on shmem huge page - scsi: sr: Return appropriate error code when disk is ejected - drm/nouveau: fix dma_address check for CPU/GPU sync - ext4: eliminate bogus error in ext4_data_block_valid_rcu() - kthread_worker: split code for canceling the delayed work timer - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() - xen/events: reset active flag for lateeoi events later - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails - [armhf] OMAP: replace setup_irq() by request_irq() - [armhf] clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support - [armhf] clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue - [armhf] clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 - scsi: core: Retry I/O for Notify (Enable Spinup) Required error - ALSA: usb-audio: fix rate on Ozone Z90 USB headset - ALSA: usb-audio: Fix OOB access at proc output - media: dvb-usb: fix wrong definition - Input: usbtouchscreen - fix control-request directions - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() - usb: gadget: eem: fix echo command packet response issue - USB: cdc-acm: blacklist Heimann USB Appset device - [arm64,armhf] usb: dwc3: Fix debugfs creation flow - [x86] usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() - xhci: solve a double free problem while doing s4 - iov_iter_fault_in_readable() should do nothing in xarray case - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (CVE-2021-3612) - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode - btrfs: send: fix invalid path for unlink operations after parent orphanization - btrfs: clear defrag status of a root if starting transaction fails - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle - ext4: fix kernel infoleak via ext4_extent_header - ext4: return error code when ext4_fill_flex_info() fails - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit - ext4: remove check for zero nr_to_scan in ext4_es_scan() - ext4: fix avefreec in find_group_orlov - ext4: use ext4_grp_locked_error in mb_find_extent - can: gw: synchronize rcu operations before removing gw job entry - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path - SUNRPC: Fix the batch tasks count wraparound. - SUNRPC: Should wake up the privileged task firstly. - [s390x] cio: dont call css_wait_for_slow_path() inside a lock - [x86] serial_cs: Add Option International GSM-Ready 56K/ISDN modem - [x86] serial_cs: remove wrong GLOBETROTTER.cis entry - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() - ssb: sdio: Don't overwrite const buffer if block_write fails - rsi: Assign beacon rate settings to the correct rate_info descriptor field - rsi: fix AP mode with WPA failure due to encrypted EAPOL - tracing/histograms: Fix parsing of "sym-offset" modifier - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 - [powerpc*] stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() - fuse: check connected before queueing on fpq->io - spi: Make of_register_spi_device also set the fwnode - [i386] spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() - media: cpia2: fix memory leak in cpia2_usb_probe - media: pvrusb2: fix warning in pvr2_i2c_core_done - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg() - [x86] crypto: qat - remove unused macro in FW loader - sched/fair: Fix ascii art by relpacing tabs - media: em28xx: Fix possible memory leak of em28xx struct - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release - media: bt8xx: Fix a missing check bug in bt878_probe - media: dvd_usb: memory leak in cinergyt2_fe_attach - mmc: via-sdmmc: add a check against NULL pointer dereference - crypto: shash - avoid comparing pointers to exported functions under CFI - media: dvb_net: avoid speculation from net slot - media: siano: fix device register error path - btrfs: fix error handling in __btrfs_update_delayed_inode - btrfs: abort transaction if we fail to update the delayed inode - btrfs: disable build on platforms having page size 256K - [armhf] regulator: da9052: Ensure enough delay time for .set_voltage_time_sel - HID: do not use down_interruptible() when unbinding devices - ACPI: processor idle: Fix up C-state latency if not ordered - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning - lib: vsprintf: Fix handling of number field widths in vsscanf - ACPI: EC: Make more Asus laptops use ECDT _GPE - block_dump: remove block_dump feature in mark_inode_dirty() - fs: dlm: cancel work sync othercon - random32: Fix implicit truncation warning in prandom_seed_state() - fs: dlm: fix memory leak when fenced - ACPICA: Fix memory leak caused by _CID repair function - ACPI: bus: Call kobject_put() in acpi_init() error path - [x86] platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() - clocksource: Retry clock read if long delays detected - HID: wacom: Correct base usage for capacitive ExpressKey status bits - [armhf] sata_highbank: fix deferred probing - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate() - [x86] crypto: ccp - Fix a resource leak in an error handling path - media: rc: i2c: Fix an error message - media: gspca/gl860: fix zero-length control requests - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() - btrfs: clear log tree recovering status if starting transaction fails - [armhf] spi: spi-sun6i: Fix chipselect/clock bug - ACPI: sysfs: Fix a buffer overrun problem with description_show() - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() - blk-wbt: make sure throttle is enabled properly - ocfs2: fix snprintf() checking - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe() - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one() - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() - RDMA/rxe: Fix failure during driver load - drm: qxl: ensure surf.data is ininitialized - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe - ssb: Fix error return code in ssb_bus_scan() - brcmfmac: fix setting of station info chains bitmask - brcmfmac: correctly report average RSSI in station info - brcmsmac: mac80211_if: Fix a resource leak in an error handling path - ath10k: Fix an error code in ath10k_add_interface() - RDMA/mlx5: Don't add slave port to unaffiliated list - netfilter: nft_exthdr: check for IPv6 packet before further processing - netfilter: nft_osf: check for TCP packet before further processing - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols - RDMA/rxe: Fix qp reference counting for atomic ops - pkt_sched: sch_qfq: fix qfq_change_class() error path - vxlan: add missing rcu_read_lock() in neigh_reduce() - net/ipv4: swap flow ports when validating source - ieee802154: hwsim: Fix memory leak in hwsim_add_one - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() - mac80211: remove iwlwifi specific workaround NDPs of null_response - ipv6: exthdrs: do not blindly use init_net - bpf: Do not change gso_size during bpf_skb_change_proto() - i40e: Fix error handling in i40e_vsi_open - i40e: Fix autoneg disabling for non-10GBaseT links - ipv6: fix out-of-bound access in ip6_parse_tlv() - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event - writeback: fix obtain a reference to a freeing memcg css - net: lwtunnel: handle MTU calculation in forwading - net: sched: fix warning in tcindex_alloc_perfect_hash - RDMA/mlx5: Don't access NULL-cleared mpi pointer - tty: nozomi: Fix a resource leak in an error handling function - mwifiex: re-fix for unaligned accesses - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() - [x86] char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() - tty: nozomi: Fix the error handling path of 'nozomi_card_init()' - scsi: FlashPoint: Rename si_flags field - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates - of: Fix truncation of memory sizes on 32-bit platforms - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() - scsi: mpt3sas: Fix error return value in _scsih_expander_add() - configfs: fix memleak in configfs_release_bin_file - [powerpc*] Offline CPU in stop_this_cpu() - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate - vfio/pci: Handle concurrent vma faults - mm/huge_memory.c: don't discard hugepage if other processes are mapping it - mmc: block: Disable CMDQ on the ioctl path - mmc: vub3000: fix control-request direction - drm/amd/amdgpu/sriov disable all ip hw status by default - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() - hugetlb: clear huge pte during flush function on mips platform - atm: iphase: fix possible use-after-free in ia_module_exit() - mISDN: fix possible use-after-free in HFC_cleanup() - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT - reiserfs: add check for invalid 1st journal block - drm/virtio: Fix double free on probe failure - udf: Fix NULL pointer dereference in udf_symlink function - e100: handle eeprom as little endian - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied properly - ipv6: use prandom_u32() for ID generation - RDMA/cxgb4: Fix missing error code in create_qp() - dm space maps: don't reset space map allocation cursor when committing - [armhf] pinctrl: mcp23s08: fix race condition in irq handler - ice: set the value of global config lock timeout longer - virtio_net: Remove BUG() to avoid machine dead - [arm64,armhf] net: mvpp2: check return value after calling platform_get_resource() - [amd64] fjes: check return value after calling platform_get_resource() - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC - xfrm: Fix error reporting in xfrm_state_construct. - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan - net: fix mistake path for netdev_features_strings - rtl8xxxu: Fix device info for RTL8192EU devices - atm: nicstar: use 'dma_free_coherent' instead of 'kfree' - atm: nicstar: register the interrupt handler in the right place - vsock: notify server to shutdown when client has pending signal - RDMA/rxe: Don't overwrite errno from ib_umem_get() - iwlwifi: mvm: don't change band on bound PHY contexts - iwlwifi: pcie: free IML DMA memory allocation - sfc: avoid double pci_remove of VFs - sfc: error code if SRIOV cannot be disabled - wireless: wext-spy: Fix out-of-bounds warning - net: ip: avoid OOM kills with large UDP sends over loopback - RDMA/cma: Fix rdma_resolve_route() memory leak - Bluetooth: Fix the HCI to MGMT status conversion table - Bluetooth: Shutdown controller after workqueues are flushed or cancelled - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. - sctp: validate from_addr_param return (CVE-2021-3655) - sctp: add size validation when walking chunks (CVE-2021-3655) - fscrypt: don't ignore minor_hash when hash is 0 - bdi: Do not use freezable workqueue - [arm64] serial: mvebu-uart: clarify the baud rate derivation - [arm64] serial: mvebu-uart: fix calculation of clock divisor - fuse: reject internal errno - [powerpc*] barrier: Avoid collision with clang's __lwsync macro - usb: gadget: f_fs: Fix setting of device and driver data cross-references - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() - pinctrl/amd: Add device HID for new AMD GPIO controller - [arm64] drm/msm/mdp4: Fix modifier support enabling - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode - mmc: core: clear flags before allowing to retune - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported - [armhf] ata: ahci_sunxi: Disable DIPM - cpu/hotplug: Cure the cpusets trainwreck - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute - ipmi/watchdog: Stop watchdog timer when the current action is 'none' - seq_buf: Fix overflow in seq_buf_putmem_hex() - tracing: Simplify & fix saved_tgids logic - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT - dm btree remove: assign new_root only when removal succeeds - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request - media: subdev: disallow ioctl for saa6588/davinci - media: dtv5100: fix control-request directions - media: zr364xx: fix memory leak in zr364xx_start_readpipe - media: gspca/sq905: fix control-request direction - media: gspca/sunplus: fix zero-length control requests - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() - jfs: fix GPF in diFree - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled - [x86] KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid - tracing: Do not reference char * as a string in histograms - [arm64] PCI: aardvark: Don't rely on jiffies while holding spinlock - [arm64] PCI: aardvark: Fix kernel panic during PIO transfer - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" - w1: ds2438: fixing bug that would always get page0 - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs - scsi: core: Cap scsi_host cmd_per_lun at can_queue - [x86] tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - scsi: scsi_dh_alua: Check for negative result value - fs/jfs: Fix missing error code in lmLogInit() - scsi: iscsi: Add iscsi_cls_conn refcount helpers - scsi: iscsi: Fix conn use after free during resets - scsi: iscsi: Fix shost->max_id use - scsi: qedi: Fix null ref during abort handling - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE - [s390x] sclp_vt220: fix console name to match device (Closes: #961056) - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements - [powerpc*] ps3: Add dma_mask to ps3_dma_region - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655 - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() - ALSA: bebob: add support for ToneWeal FW66 - usb: gadget: f_hid: fix endianness issue with descriptors - [powerpc*] boot: Fixup device-tree on little endian - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq() - [x86] intel_th: Wait until port is in reset before programming it - i2c: core: Disable client irq on reboot/shutdown - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt trigger type - [armel,armhf] power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE - [x86] watchdog: Fix possible use-after-free in wdt_startup() - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync() - [x86] watchdog: iTCO_wdt: Account for rebooting on second timeout - [x86] fpu: Return proper error codes from user access functions - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE - orangefs: fix orangefs df output. - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty - NFS: nfs_find_open_context() may only select open files - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem - [x86] ACPI: video: Add quirk for the Dell Vostro 3350 - virtio-blk: Fix memory leak among suspend/resume procedure - virtio_net: Fix error handling in virtnet_restore() - virtio_console: Assure used length from device is limited (CVE-2021-38160) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun - NFSv4: Initialise connection to the server in nfs4_alloc_client() (CVE-2021-38199) - nfs: fix acl memory leak of posix_acl_create() - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode - [x86] fpu: Limit xstate copy size in xstateregs_set() - virtio_net: move tx vq operation under tx queue lock - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe() - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times - rtc: fix snprintf() checking in is_rtc_hctosys() - [arm64,armhf] reset: bail if try_module_get() fails - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() - net: bridge: multicast: fix PIM hello router port marking race - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info - [armhf] dts: rockchip: fix supply properties in io-domains nodes - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds - thermal/core: Correct function name thermal_zone_device_unregister() - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger type - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 - scsi: libsas: Add LUN number check in .slave_alloc callback - scsi: libfc: Fix array index out of bound exception - sched/fair: Fix CFS bandwidth hrtimer expiry type - mm: slab: fix kmem_cache_create failed when sysfs node not destroyed - dm writecache: return the exact table values that were set - dm writecache: fix writing beyond end of underlying device when shrinking - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz - net: ipv6: fix return value of ip6_skb_dst_mtu - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo - net: bridge: sync fdb to new unicast-filtering ports - [arm64] net: qcom/emac: fix UAF in emac_remove - net: ti: fix UAF in tlan_remove_one - net: send SYNACK packet with accepted fwmark - net: validate lwtstate->data before returning from skb_tunnel_info() - dma-buf/sync_file: Don't leak fences on merge failure - tcp: annotate data races around tp->mtu_info - ipv6: tcp: drop silly ICMPv6 packet too big messages - udp: annotate data races around unix_sk(sk)->gso_size - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices - igb: Fix use-after-free error during reset - ixgbe: Fix an error handling path in 'ixgbe_probe()' - igb: Fix an error handling path in 'igb_probe()' - e1000e: Fix an error handling path in 'e1000_probe()' - iavf: Fix an error handling path in 'iavf_probe()' - igb: Check if num of q_vectors is smaller than max before array access - igb: Fix position of assignment to *ring - ipv6: fix 'disable_policy' for fwd packets - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove - liquidio: Fix unintentional sign extension issue on left shift of u16 - net: fix uninit-value in caif_seqpkt_sendmsg - net: decnet: Fix sleeping inside in af_decnet - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - netrom: Decrease sock refcount when sock timers expire - scsi: iscsi: Fix iface sysfs attr detection - scsi: target: Fix protect handling in WRITE SAME(32) - net/tcp_fastopen: fix data races around tfo_active_disable_stamp - net/sched: act_skbmod: Skip non-Ethernet packets - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" - sctp: update active_key for asoc when old key is being replaced - net: sched: cls_api: Fix the the wrong parameter - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free - proc: Avoid mixing integer types in mem_rw() - [s390x] ftrace: fix ftrace_update_ftrace_func implementation - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver - xhci: Fix lost USB 2 remote wake - [powerpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (CVE-2021-37576) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high - usb: hub: Fix link power management max exit latency (MEL) calculations - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS - USB: serial: option: add support for u-blox LARA-R6 family - USB: serial: cp210x: fix comments for GE CS1000 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (CVE-2021-3679) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - ixgbe: Fix packet corruption due to missing DMA sync - drm: Return -ENOTTY for non-drm ioctls - KVM: do not assume PTE is writable after follow_pfn - KVM: do not allow mapping valid but non-reference-counted pages (CVE-2021-22543) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz - btrfs: compression: don't try to compress if we don't have enough pages - PCI: Mark AMD Navi14 GPU ATS as broken - xhci: add xhci_get_virt_ep() helper https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.200 - [x86] KVM: determine if an exception has an error code only when injecting it. - net: split out functions related to registering inflight socket files - af_unix: fix garbage collect vs MSG_PEEK - workqueue: fix UAF in pwq_unbound_release_workfn() - net/802/mrp: fix memleak in mrp_request_join() - net/802/garp: fix memleak in garp_request_join() - net: annotate data race around sk_ll_usec - sctp: move 198 addresses from unusable to private scope - hfs: add missing clean-up in hfs_fill_super - hfs: fix high memory mapping in hfs_bnode_read - hfs: add lock nesting notation to hfs_find_init - cifs: fix the out of range assignment to bit fields in parse_server_interfaces https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.201 - virtio_net: Do not pull payload in skb->head - gro: ensure frag0 meets IP header alignment - [x86] asm: Ensure asm/proto.h can be included stand-alone - btrfs: fix rw device counting in __btrfs_free_extra_devids - [x86] kvm: fix vcpu-id indexed array sizes - ocfs2: fix zero out valid data - ocfs2: issue zeroout to EOF blocks - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF - can: mcba_usb_start(): add missing urb->transfer_dma initialization - can: usb_8dev: fix memory leak - can: ems_usb: fix memory leak - can: esd_usb2: fix memory leak - NIU: fix incorrect error return, missed in previous revert - nfc: nfcsim: fix use after free during module unload - cfg80211: Fix possible memory leak in function cfg80211_bss_update - netfilter: conntrack: adjust stop timestamp to real expiry value - netfilter: nft_nat: allow to specify layer 4 protocol NAT only - i40e: Fix logic of disabling queues - i40e: Fix log TC creation failure when max num of queues is exceeded - tipc: fix sleeping in tipc accept routine - mlx4: Fix missing error code in mlx4_load_one() - net: llc: fix skb_over_panic - net/mlx5: Fix flow table chaining - sctp: fix return value check in __sctp_rcv_asconf_lookup - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove - sis900: Fix missing pci_disable_device() in probe and remove - [powerpc*] pseries: Fix regression while building external modules - i40e: Add additional info to PHY type error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.202 - btrfs: mark compressed range uptodate only if all bio succeed - r8152: Fix potential PM refcount imbalance - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() - net: Fix zero-copy head len calculation. - bdi: move bdi_dev_name out of line - bdi: use bdi_dev_name() to get device name - bdi: add a ->dev_name field to struct backing_dev_info - Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" - [x86] Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" - padata: validate cpumask without removed CPU during offline - padata: add separate cpuhp node for CPUHP_PADATA_DEAD https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.203 - Revert "ACPICA: Fix memory leak caused by _CID repair function" - ALSA: seq: Fix racy deletion of subscriber - [armhf] imx: add missing iounmap() - ALSA: usb-audio: fix incorrect clock source setting - scsi: sr: Return correct event when media event code is 3 - media: videobuf2-core: dequeue if start_streaming fails - net: natsemi: Fix missing pci_disable_device() in probe and remove - sctp: move the active_key update after sh_keys is added - nfp: update ethtool reporting of pauseframe control - net: ipv6: fix returned variable type in ip6_skb_dst_mtu - bnx2x: fix an error code in bnx2x_nic_load() - net: pegasus: fix uninit-value in get_interrupt_interval - [armhf] net: fec: fix use-after-free in fec_drv_remove - net: vxge: fix use-after-free in vxge_device_unregister - Bluetooth: defer cleanup of resources in hci_unregister_dev() - USB: usbtmc: Fix RCU stall warning - USB: serial: option: add Telit FD980 composition 0x1056 - USB: serial: ch341: fix character loss at high transfer rates - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback - firmware_loader: fix use-after-free in firmware_fallback_sysfs - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers - usb: gadget: f_hid: fixed NULL pointer dereference - usb: gadget: f_hid: idle uses the highest byte for duration - tracing/histogram: Rename "cpu" to "common_cpu" - [arm64] optee: Clear stale cache entries during initialization - staging: rtl8723bs: Fix a resource leak in sd_int_dpc - media: rtl28xxu: fix zero-length control request - pipe: increase minimum default pipe size to 2 pages - ext4: fix potential htree corruption when growing large_dir directories - serial: 8250: Mask out floating 16/32-bit bus bits - [mips*] Malta: Do not byte-swap accesses to the CBUS UART - [x86] pcmcia: i82092: fix a null pointer dereference bug - [x86] KVM: accept userspace interrupt only if no event is injected - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds - [armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove - qmi_wwan: add network device usage statistics for qmimux devices - libata: fix ata_pio_sector for CONFIG_HIGHMEM - reiserfs: add check for root_inode in reiserfs_fill_super - reiserfs: check directory items on read from disk - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset - [armhf] imx: add mmdc ipg clock operation for mmdc https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.204 - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB - bpf: Inherit expanded/patched seen count from old aux data (CVE-2021-33624) - bpf: Do not mark insn as seen under speculative path verification (CVE-2021-33624) - bpf: Fix leakage under speculation on mispredicted branches (CVE-2021-33624) - [x86] KVM: MMU: Use the correct inherited permissions to get shadow page (CVE-2021-38198) - USB:ehci:fix Kunpeng920 ehci hardware problem - ppp: Fix generating ppp unit id when ifname is not specified - ovl: prevent private clone if bind mount is not allowed CVE-2021-3732) - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.205 - [x86] ASoC: intel: atom: Fix reference to PCM buffer address - i2c: dev: zero out array used for i2c reads from userspace - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl - ppp: Fix generating ifname when empty IFLA_IFNAME is specified - net: Fix memory leak in ieee802154_raw_deliver - net: igmp: fix data-race in igmp_ifc_timer_expire() - net: bridge: fix memleak in br_add_if() - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets - net: igmp: increase size of mr_ifc_count - xen/events: Fix race in set_evtchn_to_irq - vsock/virtio: avoid potential deadlock when vsock device remove - [powerpc*] kprobes: Fix kprobe Oops happens in booke - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP - [x86] msi: Force affinity setup before startup - [x86] ioapic: Force affinity setup before startup - genirq/msi: Ensure deactivation on teardown - PCI/MSI: Enable and mask MSI-X early - PCI/MSI: Do not set invalid bits in MSI mask - PCI/MSI: Correct misleading comments - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() - PCI/MSI: Protect msi_desc::masked for multi-MSI - PCI/MSI: Mask all unused MSI-X entries - PCI/MSI: Enforce that MSI-X table entry is masked for update - PCI/MSI: Enforce MSI[X] entry updates to be visible - [amd64] iommu/vt-d: Fix agaw for a supported 48 bit guest address width - mac80211: drop data frames without key on encrypted links - [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) - [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) - [x86] fpu: Make init_fpstate correct with optimized XSAVE - ath: Use safer key clearing with key cache entries (CVE-2020-3702) - ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702) - ath: Export ath_hw_keysetmac() (CVE-2020-3702) - ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO - net: usb: lan78xx: don't modify phy_device state concurrently - Bluetooth: hidp: use correct wait queue when removing ctrl_wait - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant - vhost: Fix the calculation in vhost_overflow() - bnxt: don't lock the tx queue from napi poll - bnxt: disable napi before canceling DIM - net: 6pack: fix slab-out-of-bounds in decode_data - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error - ALSA: hda - fix the 'Capture Switch' value change notifications - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup - locks: print a warning when mount fails due to lack of "mand" support - fs: warn about impending deprecation of mandatory locks - netfilter: nft_exthdr: fix endianness of tcp option cast https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.206 - net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743) - bpf: Do not use ax register in interpreter on div/mod - bpf: Fix 32 bit src register truncation on div/mod (CVE-2021-3600) - bpf: Fix truncation handling for mod32 dst reg wrt zero (CVE-2021-3444) - netfilter: conntrack: collect all entries in one cycle - once: Fix panic when module unload - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters - Revert "USB: serial: ch341: fix character loss at high transfer rates" - USB: serial: option: add new VID/PID to support Fibocom FG150 - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left() - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable - [amd64] IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() - e1000e: Fix the max snoop/no-snoop latency for 10M - ip_gre: add validation for csum_start - [arm64] xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration - usb: gadget: u_audio: fix race condition on endpoint stop - opp: remove WARN when no valid OPPs remain - virtio: Improve vq->broken access to avoid any compiler optimization - virtio_pci: Support surprise removal of virtio pci device - [amd64] vringh: Use wiov->used to check for read/write desc order - qed: qed ll2 race condition fixes - qed: Fix null-pointer dereference in qed_rdma_create_qp() - drm: Copy drm_wait_vblank to user before returning - drm/nouveau/disp: power down unused DP links during init - net/rds: dma_map_sg is entitled to merge entries - vt_kdsetmode: extend console locking (CVE-2021-3753) - fbmem: add margin check to fb_check_caps() - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs - Revert "floppy: reintroduce O_NDELAY fix" - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.207 - ext4: fix race writing to an inline_data file while its xattrs are changing (CVE-2021-40490) - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V formats - qed: Fix the VF msix vectors flow - [arm64] net: macb: Add a NULL check on desc_ptp - qede: Fix memset corruption - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges - [x86] perf/x86/amd/ibs: Work around erratum #1197 - [armel,armhf] 8918/2: only build return_address() if needed - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl - clk: fix build warning for orphan_list - media: stkwebcam: fix memory leak in stk_camera_probe - [armhf] imx: add missing clk_disable_unprepare() - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init - igmp: Add ip_mc_list lock in ip_check_mc_rcu - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2) - SUNRPC/nfs: Fix return value for nfs4_callback_compound() - [powerpc*] module64: Fix comment in R_PPC64_ENTRY handling - [powerpc*] boot: Delete unneeded .globl _zimage_start - mm/page_alloc: speed up the iteration of max_order - Revert "btrfs: compression: don't try to compress if we don't have enough pages" - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions - PCI: Call Max Payload Size-related fixup quirks early - locking/mutex: Fix HANDOFF condition - regmap: fix the offset of register error log - sched/deadline: Fix reset_on_fork reporting of DL tasks - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors - sched/deadline: Fix missing clock update in migrate_task_rq_dl() - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() - udf: Check LVID earlier - isofs: joliet: Fix iocharset=utf8 mount option - bcache: add proper error unwinding in bcache_device_init - nvme-rdma: don't update queue count when failing to set io queues - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF - [s390x] cio: add dev_busid sysfs entry for each subchannel - libata: fix ata_host_start() - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms() - [x86] crypto: qat - handle both source of interrupt in VF ISR - [x86] crypto: qat - fix reuse of completion variable - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications - [x86] crypto: qat - do not export adf_iov_putmsg() - fcntl: fix potential deadlock for &fasync_struct.fa_lock - udf_get_extendedattr() had no boundary checks. - lib/mpi: use kcalloc in mpi_resize - [x86] crypto: qat - use proper type for vf_mask - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr - media: go7007: remove redundant initialization - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect - [arm64] media: venus: venc: Fix potential null pointer dereference on pointer fmt - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently - PCI: PM: Enable PME if it can be signaled from D3cold - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs - Bluetooth: fix repeated calls to sco_sock_kill - [arm64] drm/msm/dsi: Fix some reference counted resource leaks - [armhf] usb: phy: twl6030: add IRQ checks - Bluetooth: Move shutdown callback before flushing tx and rx queue - mac80211: Fix insufficient headroom issue for AMSDU - Bluetooth: add timeout sanity check to hci_inquiry - [armhf] i2c: s3c2410: fix IRQ check - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config - CIFS: Fix a potencially linear read overflow - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() - bcma: Fix memory leak for internally-handled cores - ipv4: make exception cache less predictible - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() - netns: protect netns ID lookups with RCU - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks - tty: Fix data race between tiocsti() and flush_to_ldisc() - [x86] KVM: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted - fbmem: don't allow too huge resolutions - [arm64,armhf] backlight: pwm_bl: Improve bootloader/kernel device handover - [armel] clk: kirkwood: Fix a clocking boot regression - btrfs: reset replace target device to allocation state on close - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN - PCI/MSI: Skip masking MSI-X on Xen PV - [powerpc*] perf/hv-gpci: Fix counter value parsing - xen: fix setting of max_pfn in shared_info - 9p/xen: Fix end of loop tests for list_for_each_entry - bpf/verifier: per-register parent pointers - bpf: correct slot_type marking logic to allow more stack slot sharing - bpf: Support variable offset stack access from helpers - bpf: Reject indirect var_off stack access in raw mode - bpf: Reject indirect var_off stack access in unpriv mode - bpf: Sanity check max value for var_off stack access - bpf: track spill/fill of constants - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) - bpf: verifier: Allocate idmap scratch in verifier env - bpf: Fix pointer arithmetic mask tightening under state pruning - [arm64] head: avoid over-mapping in map_memory - block: bfq: fix bfq_set_next_ioprio_data() - [x86] power: supply: max17042: handle fails of reading status register - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair - media: uvc: don't do DMA on stack - media: rc-loopback: return number of emitters rather than error - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure - [arm64] PCI: xilinx-nwl: Enable the clock through CCF - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts - HID: input: do not report stylus battery state as "full" - RDMA/iwcm: Release resources if iw_cm module initialization fails - docs: Fix infiniband uverbs minor number - [armhf] pinctrl: samsung: Fix pinctrl bank pin count - [powerpc*] stacktrace: Include linux/delay.h - [arm64,armhf] pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() - scsi: qedi: Fix error codes in qedi_alloc_global_queues() - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call - fscache: Fix cookie key hashing - f2fs: fix to account missing .skipped_gc_rwsem - f2fs: fix to unmap pages from userspace process in punch_hole() - [mips*] Malta: fix alignment of the devicetree buffer - userfaultfd: prevent concurrent API initialization - media: dib8000: rewrite the init prbs logic - PCI: Use pci_update_current_state() in pci_enable_device_flags() - tipc: keep the skb in rcv queue until the whole data is read - video: fbdev: kyro: fix a DoS bug by restricting user input - netlink: Deal with ESRCH error in nlmsg_notify() - usb: gadget: u_ether: fix a potential null pointer dereference - usb: gadget: composite: Allow bMaxPower=0 if self-powered - tty: serial: jsm: hold port lock when reporting modem line changes - video: fbdev: kyro: Error out if 'pixclock' equals zero - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() - flow_dissector: Fix out-of-bounds warnings - [s390x] jump_label: print real address in a case of a jump label bug - serial: 8250: Define RX trigger levels for OxSemi 950 devices - serial: 8250_pci: make setup_port() parameters explicitly unsigned - Bluetooth: skip invalid hci_sync_conn_complete_evt - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output - media: v4l2-dv-timings.c: fix wrong condition in two for-loops - [armhf] dts: imx53-ppd: Fix ACHC entry - [arm64] dts: qcom: sdm660: use reg value for memory node - [arm64] net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() - Bluetooth: schedule SCO timeouts with delayed_work - Bluetooth: avoid circular locks in sco_sock_connect - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() - Bluetooth: Fix handling of LE Enhanced Connection Complete - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD - rpc: fix gss_svc_init cleanup on failure - [x86] staging: rts5208: Fix get_ms_information() heap buffer size - gfs2: Don't call dlm after protocol is unmounted - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions - mmc: rtsx_pci: Fix long reads when clock is prescaled - mmc: core: Return correct emmc response in case of ioctl error - cifs: fix wrong release in sess_alloc_buffer() failed path - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb - usbip: give back URBs for unsent unlink requests during cleanup - usbip:vhci_hcd USB port can get stuck in the disabled state - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B - parport: remove non-zero check on count - ath9k: fix OOB read ar9300_eeprom_restore_internal - ath9k: fix sleeping in atomic context - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() - [x86] scsi: BusLogic: Fix missing pr_cont() use - scsi: qla2xxx: Sync queue idx with queue_pair_map idx - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off - mm/hugetlb: initialize hugetlb_usage in mm_init - memcg: enable accounting for pids in nested pid namespaces - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when timeout occurs - drm/amdgpu: Fix BUG_ON assert - dm thin metadata: Fix use-after-free in dm_bm_set_read_only - [x86] xen: reset legacy rtc flag for PV domU - bnx2x: Fix enabling network interfaces without VFs - [arm64] sve: Use correct size when reinitialising SVE state - PM: base: power: don't try to use non-existing RTC for storing data - PCI: Add AMD GPU multi-function power dependencies - [x86] mm: Fix kern_addr_valid() to cope with existing but not present entries - tipc: fix an use-after-free issue in tipc_recvmsg - dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core - r6040: Restore MDIO clock frequency after MAC reset - tipc: increase timeout in tipc_sk_enqueue() - net/mlx5: Fix potential sleeping in atomic context - events: Reuse value read using READ_ONCE instead of re-reading it - net/af_unix: fix a data-race in unix_dgram_poll - [arm64,armhf] net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() - qed: Handle management FW error - [arm64] net: hns3: pad the short tunnel frame before sending to hardware - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping - PCI: Add ACS quirks for Cavium multi-function devices - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 - block, bfq: honor already-setup queue merges - ethtool: Fix an error code in cxgb2.c - mfd: axp20x: Update AXP288 volatile ranges - PCI: Fix pci_dev_str_match_path() alloc while atomic bug - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state - mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' - [armhf] net: dsa: b53: Fix calculating number of switch ports - netfilter: socket: icmp6: fix use-after-scope - fq_codel: reject silly quantum parameters - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom - ip_gre: validate csum_start only on pull https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.208 - [s390x] bpf: Fix optimizing out zero-extensions - KVM: remember position in kvm->vcpus array - rcu: Fix missed wakeup of exp_wq waiters - apparmor: remove duplicate macro list_entry_is_head() - tracing/kprobe: Fix kprobe_on_func_entry() modification - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() - 9p/trans_virtio: Remove sysfs file on probe failure - prctl: allow to setup brk for et_dyn executables - nilfs2: use refcount_dec_and_lock() to fix potential UAF - profiling: fix shift-out-of-bounds bugs - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() - ceph: lockdep annotations for try_nonblocking_invalidate - nilfs2: fix memory leak in nilfs_sysfs_create_device_group - nilfs2: fix NULL pointer in nilfs_##name##_attr_release - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.195-rt82 * [rt] Update to 4.19.196-rt83 * Bump ABI to 18 * [rt] Update to 4.19.197-rt84 * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers" * [rt] Update to 4.19.198-rt85 * Refresh "scsi: hisi_sas: Create separate host attributes per HBA" * [rt] Update to 4.19.199-rt86 * [rt] Update to 4.19.206-rt87 * [rt] Update to 4.19.207-rt88 * hso: fix bailout in error case of probe * usb: hso: fix error handling code of hso_create_net_device (CVE-2021-37159) * usb: hso: remove the bailout parameter linux (4.19.194-3) buster-security; urgency=high . * [x86] KVM: SVM: Periodically schedule when unregistering regions on destroy (CVE-2020-36311) * can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693) * can: bcm: delay release of struct bcm_op after synchronize_rcu() (CVE-2021-3609) * seq_file: Disallow extremely large seq buffer allocations (CVE-2021-33909) linux (4.19.194-2) buster; urgency=medium . * proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072) linux-latest (105+deb10u13) buster; urgency=medium . * Update to 4.19.0-18 linux-signed-amd64 (4.19.208+1) buster; urgency=medium . * Sign kernel from linux 4.19.208-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195 - perf/core: Fix endless multiplex timer - net/nfc/rawsock.c: fix a permission check bug - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet - bonding: init notify_work earlier to avoid uninitialized use - netlink: disable IRQs for netlink_lock_table() - net: mdiobus: get rid of a BUG_ON() - cgroup: disable controllers at parse time - wq: handle VM suspension in stall detection - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock - RDS tcp loopback connection can hang - scsi: bnx2fc: Return failure if io_req is already in ABTS processing - [x86] scsi: vmw_pvscsi: Set correct residual data length - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal - [arm64] net: macb: ensure the device is available before accessing GEMGXL control registers - nvme-fabrics: decode host pathing error for connect - [mips*] Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER - bnx2x: Fix missing error code in bnx2x_iov_init_one() - [powerpc*] i2c: mpc: Make use of i2c_recover_bus() - [powerpc*] i2c: mpc: implement erratum A-004447 workaround - drm: Fix use-after-free read in drm_getunique() - drm: Lock pointer access in drm_master_release() - kvm: avoid speculation-based attacks from out-of-range memslot accesses - [arm64,x86] staging: rtl8723bs: Fix uninitialized variables - btrfs: return value from btrfs_mark_extent_written() in case of error - cgroup1: don't allow '\n' in renaming - USB: f_ncm: ncm_bitrate (speed) is unsigned - usb: f_ncm: only first packet of aggregate needs to start timer - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms - [arm64,armhf] usb: dwc3: ep0: fix NULL pointer exception - [x86] usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind - USB: serial: ftdi_sio: add NovaTech OrionMX product ID - USB: serial: omninet: add device id for Zyxel Omni 56K Plus - USB: serial: quatech2: fix control-request directions - USB: serial: cp210x: fix alternate function for CP2102N QFN20 - usb: gadget: eem: fix wrong eem header operation - usb: fix various gadgets null ptr deref on 10gbps cabling. - usb: fix various gadget panics on 10gbps cabling - regulator: core: resolve supply for boot-on/always-on regulators - [arm64] regulator: max77620: Use device_set_of_node_from_dev() - RDMA/mlx4: Do not map the core_clock page to user space unless enabled - perf: Fix data race between pin_count increment/decrement - sched/fair: Make sure to update tg contrib for blocked load - IB/mlx5: Fix initializing CQ fragments buffer - NFS: Fix a potential NULL dereference in nfs_get_client() - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() - perf session: Correct buffer copying when peeking events - kvm: fix previous commit for 32-bit builds - NFS: Fix use-after-free in nfs4_init_client() - NFSv4: Fix second deadlock in nfs4_evict_inode() - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. - scsi: core: Fix error handling of scsi_host_alloc() - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING - scsi: core: Only put parent device if host state differs from SHOST_CREATED - ftrace: Do not blindly read the ip address in ftrace_bug() - tracing: Correct the length check which causes memory corruption - proc: only require mm_struct for writing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.196 - net: ieee802154: fix null deref in parse dev addr - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 - HID: hid-sensor-hub: Return error for hid_set_field() failure - HID: Add BUS_VIRTUAL to hid_connect logging - HID: usbhid: fix info leak in hid_submit_ctrl - gfs2: Prevent direct-I/O write fallback errors from getting lost - gfs2: Fix use-after-free in gfs2_glock_shrink_scan - scsi: target: core: Fix warning on realtime kernels - ethernet: myri10ge: Fix missing error code in myri10ge_probe() - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V - net: ipconfig: Don't override command-line hostnames or domains - rtnetlink: Fix missing error code in rtnl_bridge_notify() - net: Return the correct errno code - fib: Return the correct errno code - afs: Fix an IS_ERR() vs NULL check - mm/memory-failure: make sure wait for page writeback in memory_failure - batman-adv: Avoid WARN_ON timing related checks - net: ipv4: fix memory leak in netlbl_cipsov4_add_std - net: rds: fix memory leak in rds_recvmsg - udp: fix race between close() and udp_abort() - rtnetlink: Fix regression in bridge VLAN configuration - net/mlx5e: Block offload of outer header csum for UDP tunnels - netfilter: synproxy: Fix out of bounds when parsing TCP options - sch_cake: Fix out of bounds when parsing TCP options and header - alx: Fix an error handling path in 'alx_probe()' - net: stmmac: dwmac1000: Fix extended MAC address registers definition - net: add documentation to socket.c - net: make get_net_ns return error if NET_NS is disabled - qlcnic: Fix an error handling path in 'qlcnic_probe()' - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' - ptp: ptp_clock: Publish scaled_ppm_to_ppb - ptp: improve max_adj check against unreasonable values - net: cdc_ncm: switch to eth%d interface naming - net: usb: fix possible use-after-free in smsc75xx_bind - [armhf] net: fec_ptp: fix issue caused by refactor the fec_devtype - net: ipv4: fix memory leak in ip_mc_add1_src - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock - be2net: Fix an error handling path in 'be_probe()' - net: hamradio: fix memory leak in mkiss_close - net: cdc_eem: fix tx fixup skb leak - icmp: don't send out ICMP messages with a source address of 0.0.0.0 - radeon: use memcpy_to/fromio for UVD fw upload - hwmon: (scpi-hwmon) shows the negative temperature properly - can: mcba_usb: fix memory leak in mcba_usb - usb: core: hub: Disable autosuspend for Cypress CY7C65632 - tracing: Do not stop recording cmdlines when tracing is off - tracing: Do not stop recording comms if the trace file is being read - tracing: Do no increment trace_clock_global() by one - PCI: Mark TI C667X to avoid bus reset - PCI: Mark some NVIDIA GPUs to avoid bus reset - PCI: Add ACS quirk for Broadcom BCM57414 NIC - PCI: Work around Huawei Intelligent NIC VF FLR erratum - [arm64,armhf] dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc - net: bridge: fix vlan tunnel dst null pointer dereference - net: bridge: fix vlan tunnel dst refcnt when egressing - mm/slub: clarify verification reporting - mm/slub.c: include swab.h - [armhf] net: fec_ptp: add clock rate zero check - [arm64,armhf] KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read - can: bcm/raw/isotp: use per module netdevice notifier - inet: use bigger hash table for IP ID generation - [arm64,armhf] usb: dwc3: debugfs: Add and remove endpoint dirs dynamically - [arm64,armhf] usb: dwc3: core: fix kernel panic when do reboot - [x86] fpu: Reset state for all signal restore failures - module: limit enabling module.sig_enforce (CVE-2021-35039) - drm/nouveau: wait for moving fence after pinning v2 - drm/radeon: wait for moving fence after pinning - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" - mac80211: remove warning in ieee80211_get_sband() - cfg80211: call cfg80211_leave_ocb when switching away from OCB - mac80211: drop multicast fragments - net: ethtool: clear heap allocations for ethtool function - ping: Check return value of function 'ping_queue_rcv_skb' - inet: annotate date races around sk->sk_txhash - net/packet: annotate accesses to po->bind - net/packet: annotate accesses to po->ifindex - r8152: Avoid memcpy() over-reading of ETH_SS_STATS - r8169: Avoid memcpy() over-reading of ETH_SS_STATS - net: qed: Fix memcpy() overflow of qed_dcbx_params() - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group - i2c: robotfuzz-osif: fix control-request directions https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.197 - mm: add VM_WARN_ON_ONCE_PAGE() macro - mm/rmap: remove unneeded semicolon in page_not_mapped() - mm/rmap: use page_not_mapped in try_to_unmap() - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry - mm/thp: make is_huge_zero_pmd() safe and quicker - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting - mm/thp: fix vma_address() if virtual address below file offset - mm/thp: fix page_address_in_vma() on file THP tails - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split - mm: page_vma_mapped_walk(): use page for pvmw->page - mm: page_vma_mapped_walk(): settle PageHuge on entry - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block - mm: page_vma_mapped_walk(): crossing page table boundary - mm: page_vma_mapped_walk(): add a level of indentation - mm: page_vma_mapped_walk(): use goto instead of while (1) - mm: page_vma_mapped_walk(): get vma_address_end() earlier - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() - mm, futex: fix shared futex pgoff on shmem huge page - scsi: sr: Return appropriate error code when disk is ejected - drm/nouveau: fix dma_address check for CPU/GPU sync - ext4: eliminate bogus error in ext4_data_block_valid_rcu() - kthread_worker: split code for canceling the delayed work timer - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() - xen/events: reset active flag for lateeoi events later - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails - [armhf] OMAP: replace setup_irq() by request_irq() - [armhf] clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support - [armhf] clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue - [armhf] clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 - scsi: core: Retry I/O for Notify (Enable Spinup) Required error - ALSA: usb-audio: fix rate on Ozone Z90 USB headset - ALSA: usb-audio: Fix OOB access at proc output - media: dvb-usb: fix wrong definition - Input: usbtouchscreen - fix control-request directions - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() - usb: gadget: eem: fix echo command packet response issue - USB: cdc-acm: blacklist Heimann USB Appset device - [arm64,armhf] usb: dwc3: Fix debugfs creation flow - [x86] usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() - xhci: solve a double free problem while doing s4 - iov_iter_fault_in_readable() should do nothing in xarray case - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (CVE-2021-3612) - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode - btrfs: send: fix invalid path for unlink operations after parent orphanization - btrfs: clear defrag status of a root if starting transaction fails - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle - ext4: fix kernel infoleak via ext4_extent_header - ext4: return error code when ext4_fill_flex_info() fails - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit - ext4: remove check for zero nr_to_scan in ext4_es_scan() - ext4: fix avefreec in find_group_orlov - ext4: use ext4_grp_locked_error in mb_find_extent - can: gw: synchronize rcu operations before removing gw job entry - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path - SUNRPC: Fix the batch tasks count wraparound. - SUNRPC: Should wake up the privileged task firstly. - [s390x] cio: dont call css_wait_for_slow_path() inside a lock - [x86] serial_cs: Add Option International GSM-Ready 56K/ISDN modem - [x86] serial_cs: remove wrong GLOBETROTTER.cis entry - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() - ssb: sdio: Don't overwrite const buffer if block_write fails - rsi: Assign beacon rate settings to the correct rate_info descriptor field - rsi: fix AP mode with WPA failure due to encrypted EAPOL - tracing/histograms: Fix parsing of "sym-offset" modifier - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 - [powerpc*] stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() - fuse: check connected before queueing on fpq->io - spi: Make of_register_spi_device also set the fwnode - [i386] spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() - media: cpia2: fix memory leak in cpia2_usb_probe - media: pvrusb2: fix warning in pvr2_i2c_core_done - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg() - [x86] crypto: qat - remove unused macro in FW loader - sched/fair: Fix ascii art by relpacing tabs - media: em28xx: Fix possible memory leak of em28xx struct - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release - media: bt8xx: Fix a missing check bug in bt878_probe - media: dvd_usb: memory leak in cinergyt2_fe_attach - mmc: via-sdmmc: add a check against NULL pointer dereference - crypto: shash - avoid comparing pointers to exported functions under CFI - media: dvb_net: avoid speculation from net slot - media: siano: fix device register error path - btrfs: fix error handling in __btrfs_update_delayed_inode - btrfs: abort transaction if we fail to update the delayed inode - btrfs: disable build on platforms having page size 256K - [armhf] regulator: da9052: Ensure enough delay time for .set_voltage_time_sel - HID: do not use down_interruptible() when unbinding devices - ACPI: processor idle: Fix up C-state latency if not ordered - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning - lib: vsprintf: Fix handling of number field widths in vsscanf - ACPI: EC: Make more Asus laptops use ECDT _GPE - block_dump: remove block_dump feature in mark_inode_dirty() - fs: dlm: cancel work sync othercon - random32: Fix implicit truncation warning in prandom_seed_state() - fs: dlm: fix memory leak when fenced - ACPICA: Fix memory leak caused by _CID repair function - ACPI: bus: Call kobject_put() in acpi_init() error path - [x86] platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() - clocksource: Retry clock read if long delays detected - HID: wacom: Correct base usage for capacitive ExpressKey status bits - [armhf] sata_highbank: fix deferred probing - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate() - [x86] crypto: ccp - Fix a resource leak in an error handling path - media: rc: i2c: Fix an error message - media: gspca/gl860: fix zero-length control requests - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() - btrfs: clear log tree recovering status if starting transaction fails - [armhf] spi: spi-sun6i: Fix chipselect/clock bug - ACPI: sysfs: Fix a buffer overrun problem with description_show() - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() - blk-wbt: make sure throttle is enabled properly - ocfs2: fix snprintf() checking - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe() - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one() - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() - RDMA/rxe: Fix failure during driver load - drm: qxl: ensure surf.data is ininitialized - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe - ssb: Fix error return code in ssb_bus_scan() - brcmfmac: fix setting of station info chains bitmask - brcmfmac: correctly report average RSSI in station info - brcmsmac: mac80211_if: Fix a resource leak in an error handling path - ath10k: Fix an error code in ath10k_add_interface() - RDMA/mlx5: Don't add slave port to unaffiliated list - netfilter: nft_exthdr: check for IPv6 packet before further processing - netfilter: nft_osf: check for TCP packet before further processing - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols - RDMA/rxe: Fix qp reference counting for atomic ops - pkt_sched: sch_qfq: fix qfq_change_class() error path - vxlan: add missing rcu_read_lock() in neigh_reduce() - net/ipv4: swap flow ports when validating source - ieee802154: hwsim: Fix memory leak in hwsim_add_one - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() - mac80211: remove iwlwifi specific workaround NDPs of null_response - ipv6: exthdrs: do not blindly use init_net - bpf: Do not change gso_size during bpf_skb_change_proto() - i40e: Fix error handling in i40e_vsi_open - i40e: Fix autoneg disabling for non-10GBaseT links - ipv6: fix out-of-bound access in ip6_parse_tlv() - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event - writeback: fix obtain a reference to a freeing memcg css - net: lwtunnel: handle MTU calculation in forwading - net: sched: fix warning in tcindex_alloc_perfect_hash - RDMA/mlx5: Don't access NULL-cleared mpi pointer - tty: nozomi: Fix a resource leak in an error handling function - mwifiex: re-fix for unaligned accesses - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() - [x86] char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() - tty: nozomi: Fix the error handling path of 'nozomi_card_init()' - scsi: FlashPoint: Rename si_flags field - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates - of: Fix truncation of memory sizes on 32-bit platforms - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() - scsi: mpt3sas: Fix error return value in _scsih_expander_add() - configfs: fix memleak in configfs_release_bin_file - [powerpc*] Offline CPU in stop_this_cpu() - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate - vfio/pci: Handle concurrent vma faults - mm/huge_memory.c: don't discard hugepage if other processes are mapping it - mmc: block: Disable CMDQ on the ioctl path - mmc: vub3000: fix control-request direction - drm/amd/amdgpu/sriov disable all ip hw status by default - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() - hugetlb: clear huge pte during flush function on mips platform - atm: iphase: fix possible use-after-free in ia_module_exit() - mISDN: fix possible use-after-free in HFC_cleanup() - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT - reiserfs: add check for invalid 1st journal block - drm/virtio: Fix double free on probe failure - udf: Fix NULL pointer dereference in udf_symlink function - e100: handle eeprom as little endian - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied properly - ipv6: use prandom_u32() for ID generation - RDMA/cxgb4: Fix missing error code in create_qp() - dm space maps: don't reset space map allocation cursor when committing - [armhf] pinctrl: mcp23s08: fix race condition in irq handler - ice: set the value of global config lock timeout longer - virtio_net: Remove BUG() to avoid machine dead - [arm64,armhf] net: mvpp2: check return value after calling platform_get_resource() - [amd64] fjes: check return value after calling platform_get_resource() - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC - xfrm: Fix error reporting in xfrm_state_construct. - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan - net: fix mistake path for netdev_features_strings - rtl8xxxu: Fix device info for RTL8192EU devices - atm: nicstar: use 'dma_free_coherent' instead of 'kfree' - atm: nicstar: register the interrupt handler in the right place - vsock: notify server to shutdown when client has pending signal - RDMA/rxe: Don't overwrite errno from ib_umem_get() - iwlwifi: mvm: don't change band on bound PHY contexts - iwlwifi: pcie: free IML DMA memory allocation - sfc: avoid double pci_remove of VFs - sfc: error code if SRIOV cannot be disabled - wireless: wext-spy: Fix out-of-bounds warning - net: ip: avoid OOM kills with large UDP sends over loopback - RDMA/cma: Fix rdma_resolve_route() memory leak - Bluetooth: Fix the HCI to MGMT status conversion table - Bluetooth: Shutdown controller after workqueues are flushed or cancelled - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. - sctp: validate from_addr_param return (CVE-2021-3655) - sctp: add size validation when walking chunks (CVE-2021-3655) - fscrypt: don't ignore minor_hash when hash is 0 - bdi: Do not use freezable workqueue - [arm64] serial: mvebu-uart: clarify the baud rate derivation - [arm64] serial: mvebu-uart: fix calculation of clock divisor - fuse: reject internal errno - [powerpc*] barrier: Avoid collision with clang's __lwsync macro - usb: gadget: f_fs: Fix setting of device and driver data cross-references - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() - pinctrl/amd: Add device HID for new AMD GPIO controller - [arm64] drm/msm/mdp4: Fix modifier support enabling - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode - mmc: core: clear flags before allowing to retune - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported - [armhf] ata: ahci_sunxi: Disable DIPM - cpu/hotplug: Cure the cpusets trainwreck - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute - ipmi/watchdog: Stop watchdog timer when the current action is 'none' - seq_buf: Fix overflow in seq_buf_putmem_hex() - tracing: Simplify & fix saved_tgids logic - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT - dm btree remove: assign new_root only when removal succeeds - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request - media: subdev: disallow ioctl for saa6588/davinci - media: dtv5100: fix control-request directions - media: zr364xx: fix memory leak in zr364xx_start_readpipe - media: gspca/sq905: fix control-request direction - media: gspca/sunplus: fix zero-length control requests - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() - jfs: fix GPF in diFree - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled - [x86] KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid - tracing: Do not reference char * as a string in histograms - [arm64] PCI: aardvark: Don't rely on jiffies while holding spinlock - [arm64] PCI: aardvark: Fix kernel panic during PIO transfer - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" - w1: ds2438: fixing bug that would always get page0 - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs - scsi: core: Cap scsi_host cmd_per_lun at can_queue - [x86] tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - scsi: scsi_dh_alua: Check for negative result value - fs/jfs: Fix missing error code in lmLogInit() - scsi: iscsi: Add iscsi_cls_conn refcount helpers - scsi: iscsi: Fix conn use after free during resets - scsi: iscsi: Fix shost->max_id use - scsi: qedi: Fix null ref during abort handling - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE - [s390x] sclp_vt220: fix console name to match device (Closes: #961056) - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements - [powerpc*] ps3: Add dma_mask to ps3_dma_region - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655 - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() - ALSA: bebob: add support for ToneWeal FW66 - usb: gadget: f_hid: fix endianness issue with descriptors - [powerpc*] boot: Fixup device-tree on little endian - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq() - [x86] intel_th: Wait until port is in reset before programming it - i2c: core: Disable client irq on reboot/shutdown - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt trigger type - [armel,armhf] power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE - [x86] watchdog: Fix possible use-after-free in wdt_startup() - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync() - [x86] watchdog: iTCO_wdt: Account for rebooting on second timeout - [x86] fpu: Return proper error codes from user access functions - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE - orangefs: fix orangefs df output. - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty - NFS: nfs_find_open_context() may only select open files - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem - [x86] ACPI: video: Add quirk for the Dell Vostro 3350 - virtio-blk: Fix memory leak among suspend/resume procedure - virtio_net: Fix error handling in virtnet_restore() - virtio_console: Assure used length from device is limited (CVE-2021-38160) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun - NFSv4: Initialise connection to the server in nfs4_alloc_client() (CVE-2021-38199) - nfs: fix acl memory leak of posix_acl_create() - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode - [x86] fpu: Limit xstate copy size in xstateregs_set() - virtio_net: move tx vq operation under tx queue lock - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe() - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times - rtc: fix snprintf() checking in is_rtc_hctosys() - [arm64,armhf] reset: bail if try_module_get() fails - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() - net: bridge: multicast: fix PIM hello router port marking race - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info - [armhf] dts: rockchip: fix supply properties in io-domains nodes - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds - thermal/core: Correct function name thermal_zone_device_unregister() - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger type - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 - scsi: libsas: Add LUN number check in .slave_alloc callback - scsi: libfc: Fix array index out of bound exception - sched/fair: Fix CFS bandwidth hrtimer expiry type - mm: slab: fix kmem_cache_create failed when sysfs node not destroyed - dm writecache: return the exact table values that were set - dm writecache: fix writing beyond end of underlying device when shrinking - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz - net: ipv6: fix return value of ip6_skb_dst_mtu - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo - net: bridge: sync fdb to new unicast-filtering ports - [arm64] net: qcom/emac: fix UAF in emac_remove - net: ti: fix UAF in tlan_remove_one - net: send SYNACK packet with accepted fwmark - net: validate lwtstate->data before returning from skb_tunnel_info() - dma-buf/sync_file: Don't leak fences on merge failure - tcp: annotate data races around tp->mtu_info - ipv6: tcp: drop silly ICMPv6 packet too big messages - udp: annotate data races around unix_sk(sk)->gso_size - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices - igb: Fix use-after-free error during reset - ixgbe: Fix an error handling path in 'ixgbe_probe()' - igb: Fix an error handling path in 'igb_probe()' - e1000e: Fix an error handling path in 'e1000_probe()' - iavf: Fix an error handling path in 'iavf_probe()' - igb: Check if num of q_vectors is smaller than max before array access - igb: Fix position of assignment to *ring - ipv6: fix 'disable_policy' for fwd packets - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove - liquidio: Fix unintentional sign extension issue on left shift of u16 - net: fix uninit-value in caif_seqpkt_sendmsg - net: decnet: Fix sleeping inside in af_decnet - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - netrom: Decrease sock refcount when sock timers expire - scsi: iscsi: Fix iface sysfs attr detection - scsi: target: Fix protect handling in WRITE SAME(32) - net/tcp_fastopen: fix data races around tfo_active_disable_stamp - net/sched: act_skbmod: Skip non-Ethernet packets - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" - sctp: update active_key for asoc when old key is being replaced - net: sched: cls_api: Fix the the wrong parameter - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free - proc: Avoid mixing integer types in mem_rw() - [s390x] ftrace: fix ftrace_update_ftrace_func implementation - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver - xhci: Fix lost USB 2 remote wake - [powerpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (CVE-2021-37576) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high - usb: hub: Fix link power management max exit latency (MEL) calculations - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS - USB: serial: option: add support for u-blox LARA-R6 family - USB: serial: cp210x: fix comments for GE CS1000 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (CVE-2021-3679) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - ixgbe: Fix packet corruption due to missing DMA sync - drm: Return -ENOTTY for non-drm ioctls - KVM: do not assume PTE is writable after follow_pfn - KVM: do not allow mapping valid but non-reference-counted pages (CVE-2021-22543) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz - btrfs: compression: don't try to compress if we don't have enough pages - PCI: Mark AMD Navi14 GPU ATS as broken - xhci: add xhci_get_virt_ep() helper https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.200 - [x86] KVM: determine if an exception has an error code only when injecting it. - net: split out functions related to registering inflight socket files - af_unix: fix garbage collect vs MSG_PEEK - workqueue: fix UAF in pwq_unbound_release_workfn() - net/802/mrp: fix memleak in mrp_request_join() - net/802/garp: fix memleak in garp_request_join() - net: annotate data race around sk_ll_usec - sctp: move 198 addresses from unusable to private scope - hfs: add missing clean-up in hfs_fill_super - hfs: fix high memory mapping in hfs_bnode_read - hfs: add lock nesting notation to hfs_find_init - cifs: fix the out of range assignment to bit fields in parse_server_interfaces https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.201 - virtio_net: Do not pull payload in skb->head - gro: ensure frag0 meets IP header alignment - [x86] asm: Ensure asm/proto.h can be included stand-alone - btrfs: fix rw device counting in __btrfs_free_extra_devids - [x86] kvm: fix vcpu-id indexed array sizes - ocfs2: fix zero out valid data - ocfs2: issue zeroout to EOF blocks - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF - can: mcba_usb_start(): add missing urb->transfer_dma initialization - can: usb_8dev: fix memory leak - can: ems_usb: fix memory leak - can: esd_usb2: fix memory leak - NIU: fix incorrect error return, missed in previous revert - nfc: nfcsim: fix use after free during module unload - cfg80211: Fix possible memory leak in function cfg80211_bss_update - netfilter: conntrack: adjust stop timestamp to real expiry value - netfilter: nft_nat: allow to specify layer 4 protocol NAT only - i40e: Fix logic of disabling queues - i40e: Fix log TC creation failure when max num of queues is exceeded - tipc: fix sleeping in tipc accept routine - mlx4: Fix missing error code in mlx4_load_one() - net: llc: fix skb_over_panic - net/mlx5: Fix flow table chaining - sctp: fix return value check in __sctp_rcv_asconf_lookup - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove - sis900: Fix missing pci_disable_device() in probe and remove - [powerpc*] pseries: Fix regression while building external modules - i40e: Add additional info to PHY type error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.202 - btrfs: mark compressed range uptodate only if all bio succeed - r8152: Fix potential PM refcount imbalance - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() - net: Fix zero-copy head len calculation. - bdi: move bdi_dev_name out of line - bdi: use bdi_dev_name() to get device name - bdi: add a ->dev_name field to struct backing_dev_info - Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" - [x86] Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" - padata: validate cpumask without removed CPU during offline - padata: add separate cpuhp node for CPUHP_PADATA_DEAD https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.203 - Revert "ACPICA: Fix memory leak caused by _CID repair function" - ALSA: seq: Fix racy deletion of subscriber - [armhf] imx: add missing iounmap() - ALSA: usb-audio: fix incorrect clock source setting - scsi: sr: Return correct event when media event code is 3 - media: videobuf2-core: dequeue if start_streaming fails - net: natsemi: Fix missing pci_disable_device() in probe and remove - sctp: move the active_key update after sh_keys is added - nfp: update ethtool reporting of pauseframe control - net: ipv6: fix returned variable type in ip6_skb_dst_mtu - bnx2x: fix an error code in bnx2x_nic_load() - net: pegasus: fix uninit-value in get_interrupt_interval - [armhf] net: fec: fix use-after-free in fec_drv_remove - net: vxge: fix use-after-free in vxge_device_unregister - Bluetooth: defer cleanup of resources in hci_unregister_dev() - USB: usbtmc: Fix RCU stall warning - USB: serial: option: add Telit FD980 composition 0x1056 - USB: serial: ch341: fix character loss at high transfer rates - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback - firmware_loader: fix use-after-free in firmware_fallback_sysfs - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers - usb: gadget: f_hid: fixed NULL pointer dereference - usb: gadget: f_hid: idle uses the highest byte for duration - tracing/histogram: Rename "cpu" to "common_cpu" - [arm64] optee: Clear stale cache entries during initialization - staging: rtl8723bs: Fix a resource leak in sd_int_dpc - media: rtl28xxu: fix zero-length control request - pipe: increase minimum default pipe size to 2 pages - ext4: fix potential htree corruption when growing large_dir directories - serial: 8250: Mask out floating 16/32-bit bus bits - [mips*] Malta: Do not byte-swap accesses to the CBUS UART - [x86] pcmcia: i82092: fix a null pointer dereference bug - [x86] KVM: accept userspace interrupt only if no event is injected - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds - [armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove - qmi_wwan: add network device usage statistics for qmimux devices - libata: fix ata_pio_sector for CONFIG_HIGHMEM - reiserfs: add check for root_inode in reiserfs_fill_super - reiserfs: check directory items on read from disk - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset - [armhf] imx: add mmdc ipg clock operation for mmdc https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.204 - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB - bpf: Inherit expanded/patched seen count from old aux data (CVE-2021-33624) - bpf: Do not mark insn as seen under speculative path verification (CVE-2021-33624) - bpf: Fix leakage under speculation on mispredicted branches (CVE-2021-33624) - [x86] KVM: MMU: Use the correct inherited permissions to get shadow page (CVE-2021-38198) - USB:ehci:fix Kunpeng920 ehci hardware problem - ppp: Fix generating ppp unit id when ifname is not specified - ovl: prevent private clone if bind mount is not allowed CVE-2021-3732) - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.205 - [x86] ASoC: intel: atom: Fix reference to PCM buffer address - i2c: dev: zero out array used for i2c reads from userspace - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl - ppp: Fix generating ifname when empty IFLA_IFNAME is specified - net: Fix memory leak in ieee802154_raw_deliver - net: igmp: fix data-race in igmp_ifc_timer_expire() - net: bridge: fix memleak in br_add_if() - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets - net: igmp: increase size of mr_ifc_count - xen/events: Fix race in set_evtchn_to_irq - vsock/virtio: avoid potential deadlock when vsock device remove - [powerpc*] kprobes: Fix kprobe Oops happens in booke - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP - [x86] msi: Force affinity setup before startup - [x86] ioapic: Force affinity setup before startup - genirq/msi: Ensure deactivation on teardown - PCI/MSI: Enable and mask MSI-X early - PCI/MSI: Do not set invalid bits in MSI mask - PCI/MSI: Correct misleading comments - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() - PCI/MSI: Protect msi_desc::masked for multi-MSI - PCI/MSI: Mask all unused MSI-X entries - PCI/MSI: Enforce that MSI-X table entry is masked for update - PCI/MSI: Enforce MSI[X] entry updates to be visible - [amd64] iommu/vt-d: Fix agaw for a supported 48 bit guest address width - mac80211: drop data frames without key on encrypted links - [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) - [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) - [x86] fpu: Make init_fpstate correct with optimized XSAVE - ath: Use safer key clearing with key cache entries (CVE-2020-3702) - ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702) - ath: Export ath_hw_keysetmac() (CVE-2020-3702) - ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO - net: usb: lan78xx: don't modify phy_device state concurrently - Bluetooth: hidp: use correct wait queue when removing ctrl_wait - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant - vhost: Fix the calculation in vhost_overflow() - bnxt: don't lock the tx queue from napi poll - bnxt: disable napi before canceling DIM - net: 6pack: fix slab-out-of-bounds in decode_data - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error - ALSA: hda - fix the 'Capture Switch' value change notifications - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup - locks: print a warning when mount fails due to lack of "mand" support - fs: warn about impending deprecation of mandatory locks - netfilter: nft_exthdr: fix endianness of tcp option cast https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.206 - net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743) - bpf: Do not use ax register in interpreter on div/mod - bpf: Fix 32 bit src register truncation on div/mod (CVE-2021-3600) - bpf: Fix truncation handling for mod32 dst reg wrt zero (CVE-2021-3444) - netfilter: conntrack: collect all entries in one cycle - once: Fix panic when module unload - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters - Revert "USB: serial: ch341: fix character loss at high transfer rates" - USB: serial: option: add new VID/PID to support Fibocom FG150 - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left() - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable - [amd64] IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() - e1000e: Fix the max snoop/no-snoop latency for 10M - ip_gre: add validation for csum_start - [arm64] xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration - usb: gadget: u_audio: fix race condition on endpoint stop - opp: remove WARN when no valid OPPs remain - virtio: Improve vq->broken access to avoid any compiler optimization - virtio_pci: Support surprise removal of virtio pci device - [amd64] vringh: Use wiov->used to check for read/write desc order - qed: qed ll2 race condition fixes - qed: Fix null-pointer dereference in qed_rdma_create_qp() - drm: Copy drm_wait_vblank to user before returning - drm/nouveau/disp: power down unused DP links during init - net/rds: dma_map_sg is entitled to merge entries - vt_kdsetmode: extend console locking (CVE-2021-3753) - fbmem: add margin check to fb_check_caps() - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs - Revert "floppy: reintroduce O_NDELAY fix" - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.207 - ext4: fix race writing to an inline_data file while its xattrs are changing (CVE-2021-40490) - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V formats - qed: Fix the VF msix vectors flow - [arm64] net: macb: Add a NULL check on desc_ptp - qede: Fix memset corruption - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges - [x86] perf/x86/amd/ibs: Work around erratum #1197 - [armel,armhf] 8918/2: only build return_address() if needed - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl - clk: fix build warning for orphan_list - media: stkwebcam: fix memory leak in stk_camera_probe - [armhf] imx: add missing clk_disable_unprepare() - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init - igmp: Add ip_mc_list lock in ip_check_mc_rcu - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2) - SUNRPC/nfs: Fix return value for nfs4_callback_compound() - [powerpc*] module64: Fix comment in R_PPC64_ENTRY handling - [powerpc*] boot: Delete unneeded .globl _zimage_start - mm/page_alloc: speed up the iteration of max_order - Revert "btrfs: compression: don't try to compress if we don't have enough pages" - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions - PCI: Call Max Payload Size-related fixup quirks early - locking/mutex: Fix HANDOFF condition - regmap: fix the offset of register error log - sched/deadline: Fix reset_on_fork reporting of DL tasks - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors - sched/deadline: Fix missing clock update in migrate_task_rq_dl() - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() - udf: Check LVID earlier - isofs: joliet: Fix iocharset=utf8 mount option - bcache: add proper error unwinding in bcache_device_init - nvme-rdma: don't update queue count when failing to set io queues - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF - [s390x] cio: add dev_busid sysfs entry for each subchannel - libata: fix ata_host_start() - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms() - [x86] crypto: qat - handle both source of interrupt in VF ISR - [x86] crypto: qat - fix reuse of completion variable - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications - [x86] crypto: qat - do not export adf_iov_putmsg() - fcntl: fix potential deadlock for &fasync_struct.fa_lock - udf_get_extendedattr() had no boundary checks. - lib/mpi: use kcalloc in mpi_resize - [x86] crypto: qat - use proper type for vf_mask - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr - media: go7007: remove redundant initialization - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect - [arm64] media: venus: venc: Fix potential null pointer dereference on pointer fmt - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently - PCI: PM: Enable PME if it can be signaled from D3cold - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs - Bluetooth: fix repeated calls to sco_sock_kill - [arm64] drm/msm/dsi: Fix some reference counted resource leaks - [armhf] usb: phy: twl6030: add IRQ checks - Bluetooth: Move shutdown callback before flushing tx and rx queue - mac80211: Fix insufficient headroom issue for AMSDU - Bluetooth: add timeout sanity check to hci_inquiry - [armhf] i2c: s3c2410: fix IRQ check - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config - CIFS: Fix a potencially linear read overflow - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() - bcma: Fix memory leak for internally-handled cores - ipv4: make exception cache less predictible - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() - netns: protect netns ID lookups with RCU - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks - tty: Fix data race between tiocsti() and flush_to_ldisc() - [x86] KVM: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted - fbmem: don't allow too huge resolutions - [arm64,armhf] backlight: pwm_bl: Improve bootloader/kernel device handover - [armel] clk: kirkwood: Fix a clocking boot regression - btrfs: reset replace target device to allocation state on close - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN - PCI/MSI: Skip masking MSI-X on Xen PV - [powerpc*] perf/hv-gpci: Fix counter value parsing - xen: fix setting of max_pfn in shared_info - 9p/xen: Fix end of loop tests for list_for_each_entry - bpf/verifier: per-register parent pointers - bpf: correct slot_type marking logic to allow more stack slot sharing - bpf: Support variable offset stack access from helpers - bpf: Reject indirect var_off stack access in raw mode - bpf: Reject indirect var_off stack access in unpriv mode - bpf: Sanity check max value for var_off stack access - bpf: track spill/fill of constants - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) - bpf: verifier: Allocate idmap scratch in verifier env - bpf: Fix pointer arithmetic mask tightening under state pruning - [arm64] head: avoid over-mapping in map_memory - block: bfq: fix bfq_set_next_ioprio_data() - [x86] power: supply: max17042: handle fails of reading status register - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair - media: uvc: don't do DMA on stack - media: rc-loopback: return number of emitters rather than error - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure - [arm64] PCI: xilinx-nwl: Enable the clock through CCF - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts - HID: input: do not report stylus battery state as "full" - RDMA/iwcm: Release resources if iw_cm module initialization fails - docs: Fix infiniband uverbs minor number - [armhf] pinctrl: samsung: Fix pinctrl bank pin count - [powerpc*] stacktrace: Include linux/delay.h - [arm64,armhf] pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() - scsi: qedi: Fix error codes in qedi_alloc_global_queues() - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call - fscache: Fix cookie key hashing - f2fs: fix to account missing .skipped_gc_rwsem - f2fs: fix to unmap pages from userspace process in punch_hole() - [mips*] Malta: fix alignment of the devicetree buffer - userfaultfd: prevent concurrent API initialization - media: dib8000: rewrite the init prbs logic - PCI: Use pci_update_current_state() in pci_enable_device_flags() - tipc: keep the skb in rcv queue until the whole data is read - video: fbdev: kyro: fix a DoS bug by restricting user input - netlink: Deal with ESRCH error in nlmsg_notify() - usb: gadget: u_ether: fix a potential null pointer dereference - usb: gadget: composite: Allow bMaxPower=0 if self-powered - tty: serial: jsm: hold port lock when reporting modem line changes - video: fbdev: kyro: Error out if 'pixclock' equals zero - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() - flow_dissector: Fix out-of-bounds warnings - [s390x] jump_label: print real address in a case of a jump label bug - serial: 8250: Define RX trigger levels for OxSemi 950 devices - serial: 8250_pci: make setup_port() parameters explicitly unsigned - Bluetooth: skip invalid hci_sync_conn_complete_evt - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output - media: v4l2-dv-timings.c: fix wrong condition in two for-loops - [armhf] dts: imx53-ppd: Fix ACHC entry - [arm64] dts: qcom: sdm660: use reg value for memory node - [arm64] net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() - Bluetooth: schedule SCO timeouts with delayed_work - Bluetooth: avoid circular locks in sco_sock_connect - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() - Bluetooth: Fix handling of LE Enhanced Connection Complete - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD - rpc: fix gss_svc_init cleanup on failure - [x86] staging: rts5208: Fix get_ms_information() heap buffer size - gfs2: Don't call dlm after protocol is unmounted - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions - mmc: rtsx_pci: Fix long reads when clock is prescaled - mmc: core: Return correct emmc response in case of ioctl error - cifs: fix wrong release in sess_alloc_buffer() failed path - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb - usbip: give back URBs for unsent unlink requests during cleanup - usbip:vhci_hcd USB port can get stuck in the disabled state - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B - parport: remove non-zero check on count - ath9k: fix OOB read ar9300_eeprom_restore_internal - ath9k: fix sleeping in atomic context - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() - [x86] scsi: BusLogic: Fix missing pr_cont() use - scsi: qla2xxx: Sync queue idx with queue_pair_map idx - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off - mm/hugetlb: initialize hugetlb_usage in mm_init - memcg: enable accounting for pids in nested pid namespaces - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when timeout occurs - drm/amdgpu: Fix BUG_ON assert - dm thin metadata: Fix use-after-free in dm_bm_set_read_only - [x86] xen: reset legacy rtc flag for PV domU - bnx2x: Fix enabling network interfaces without VFs - [arm64] sve: Use correct size when reinitialising SVE state - PM: base: power: don't try to use non-existing RTC for storing data - PCI: Add AMD GPU multi-function power dependencies - [x86] mm: Fix kern_addr_valid() to cope with existing but not present entries - tipc: fix an use-after-free issue in tipc_recvmsg - dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core - r6040: Restore MDIO clock frequency after MAC reset - tipc: increase timeout in tipc_sk_enqueue() - net/mlx5: Fix potential sleeping in atomic context - events: Reuse value read using READ_ONCE instead of re-reading it - net/af_unix: fix a data-race in unix_dgram_poll - [arm64,armhf] net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() - qed: Handle management FW error - [arm64] net: hns3: pad the short tunnel frame before sending to hardware - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping - PCI: Add ACS quirks for Cavium multi-function devices - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 - block, bfq: honor already-setup queue merges - ethtool: Fix an error code in cxgb2.c - mfd: axp20x: Update AXP288 volatile ranges - PCI: Fix pci_dev_str_match_path() alloc while atomic bug - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state - mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' - [armhf] net: dsa: b53: Fix calculating number of switch ports - netfilter: socket: icmp6: fix use-after-scope - fq_codel: reject silly quantum parameters - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom - ip_gre: validate csum_start only on pull https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.208 - [s390x] bpf: Fix optimizing out zero-extensions - KVM: remember position in kvm->vcpus array - rcu: Fix missed wakeup of exp_wq waiters - apparmor: remove duplicate macro list_entry_is_head() - tracing/kprobe: Fix kprobe_on_func_entry() modification - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() - 9p/trans_virtio: Remove sysfs file on probe failure - prctl: allow to setup brk for et_dyn executables - nilfs2: use refcount_dec_and_lock() to fix potential UAF - profiling: fix shift-out-of-bounds bugs - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() - ceph: lockdep annotations for try_nonblocking_invalidate - nilfs2: fix memory leak in nilfs_sysfs_create_device_group - nilfs2: fix NULL pointer in nilfs_##name##_attr_release - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.195-rt82 * [rt] Update to 4.19.196-rt83 * Bump ABI to 18 * [rt] Update to 4.19.197-rt84 * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers" * [rt] Update to 4.19.198-rt85 * Refresh "scsi: hisi_sas: Create separate host attributes per HBA" * [rt] Update to 4.19.199-rt86 * [rt] Update to 4.19.206-rt87 * [rt] Update to 4.19.207-rt88 * hso: fix bailout in error case of probe * usb: hso: fix error handling code of hso_create_net_device (CVE-2021-37159) * usb: hso: remove the bailout parameter linux-signed-amd64 (4.19.194+3) buster-security; urgency=high . * Sign kernel from linux 4.19.194-3 . * [x86] KVM: SVM: Periodically schedule when unregistering regions on destroy (CVE-2020-36311) * can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693) * can: bcm: delay release of struct bcm_op after synchronize_rcu() (CVE-2021-3609) * seq_file: Disallow extremely large seq buffer allocations (CVE-2021-33909) linux-signed-amd64 (4.19.194+2) buster; urgency=medium . * Sign kernel from linux 4.19.194-2 . * proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072) linux-signed-arm64 (4.19.208+1) buster; urgency=medium . * Sign kernel from linux 4.19.208-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195 - perf/core: Fix endless multiplex timer - net/nfc/rawsock.c: fix a permission check bug - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet - bonding: init notify_work earlier to avoid uninitialized use - netlink: disable IRQs for netlink_lock_table() - net: mdiobus: get rid of a BUG_ON() - cgroup: disable controllers at parse time - wq: handle VM suspension in stall detection - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock - RDS tcp loopback connection can hang - scsi: bnx2fc: Return failure if io_req is already in ABTS processing - [x86] scsi: vmw_pvscsi: Set correct residual data length - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal - [arm64] net: macb: ensure the device is available before accessing GEMGXL control registers - nvme-fabrics: decode host pathing error for connect - [mips*] Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER - bnx2x: Fix missing error code in bnx2x_iov_init_one() - [powerpc*] i2c: mpc: Make use of i2c_recover_bus() - [powerpc*] i2c: mpc: implement erratum A-004447 workaround - drm: Fix use-after-free read in drm_getunique() - drm: Lock pointer access in drm_master_release() - kvm: avoid speculation-based attacks from out-of-range memslot accesses - [arm64,x86] staging: rtl8723bs: Fix uninitialized variables - btrfs: return value from btrfs_mark_extent_written() in case of error - cgroup1: don't allow '\n' in renaming - USB: f_ncm: ncm_bitrate (speed) is unsigned - usb: f_ncm: only first packet of aggregate needs to start timer - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms - [arm64,armhf] usb: dwc3: ep0: fix NULL pointer exception - [x86] usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind - USB: serial: ftdi_sio: add NovaTech OrionMX product ID - USB: serial: omninet: add device id for Zyxel Omni 56K Plus - USB: serial: quatech2: fix control-request directions - USB: serial: cp210x: fix alternate function for CP2102N QFN20 - usb: gadget: eem: fix wrong eem header operation - usb: fix various gadgets null ptr deref on 10gbps cabling. - usb: fix various gadget panics on 10gbps cabling - regulator: core: resolve supply for boot-on/always-on regulators - [arm64] regulator: max77620: Use device_set_of_node_from_dev() - RDMA/mlx4: Do not map the core_clock page to user space unless enabled - perf: Fix data race between pin_count increment/decrement - sched/fair: Make sure to update tg contrib for blocked load - IB/mlx5: Fix initializing CQ fragments buffer - NFS: Fix a potential NULL dereference in nfs_get_client() - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() - perf session: Correct buffer copying when peeking events - kvm: fix previous commit for 32-bit builds - NFS: Fix use-after-free in nfs4_init_client() - NFSv4: Fix second deadlock in nfs4_evict_inode() - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. - scsi: core: Fix error handling of scsi_host_alloc() - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING - scsi: core: Only put parent device if host state differs from SHOST_CREATED - ftrace: Do not blindly read the ip address in ftrace_bug() - tracing: Correct the length check which causes memory corruption - proc: only require mm_struct for writing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.196 - net: ieee802154: fix null deref in parse dev addr - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 - HID: hid-sensor-hub: Return error for hid_set_field() failure - HID: Add BUS_VIRTUAL to hid_connect logging - HID: usbhid: fix info leak in hid_submit_ctrl - gfs2: Prevent direct-I/O write fallback errors from getting lost - gfs2: Fix use-after-free in gfs2_glock_shrink_scan - scsi: target: core: Fix warning on realtime kernels - ethernet: myri10ge: Fix missing error code in myri10ge_probe() - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V - net: ipconfig: Don't override command-line hostnames or domains - rtnetlink: Fix missing error code in rtnl_bridge_notify() - net: Return the correct errno code - fib: Return the correct errno code - afs: Fix an IS_ERR() vs NULL check - mm/memory-failure: make sure wait for page writeback in memory_failure - batman-adv: Avoid WARN_ON timing related checks - net: ipv4: fix memory leak in netlbl_cipsov4_add_std - net: rds: fix memory leak in rds_recvmsg - udp: fix race between close() and udp_abort() - rtnetlink: Fix regression in bridge VLAN configuration - net/mlx5e: Block offload of outer header csum for UDP tunnels - netfilter: synproxy: Fix out of bounds when parsing TCP options - sch_cake: Fix out of bounds when parsing TCP options and header - alx: Fix an error handling path in 'alx_probe()' - net: stmmac: dwmac1000: Fix extended MAC address registers definition - net: add documentation to socket.c - net: make get_net_ns return error if NET_NS is disabled - qlcnic: Fix an error handling path in 'qlcnic_probe()' - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' - ptp: ptp_clock: Publish scaled_ppm_to_ppb - ptp: improve max_adj check against unreasonable values - net: cdc_ncm: switch to eth%d interface naming - net: usb: fix possible use-after-free in smsc75xx_bind - [armhf] net: fec_ptp: fix issue caused by refactor the fec_devtype - net: ipv4: fix memory leak in ip_mc_add1_src - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock - be2net: Fix an error handling path in 'be_probe()' - net: hamradio: fix memory leak in mkiss_close - net: cdc_eem: fix tx fixup skb leak - icmp: don't send out ICMP messages with a source address of 0.0.0.0 - radeon: use memcpy_to/fromio for UVD fw upload - hwmon: (scpi-hwmon) shows the negative temperature properly - can: mcba_usb: fix memory leak in mcba_usb - usb: core: hub: Disable autosuspend for Cypress CY7C65632 - tracing: Do not stop recording cmdlines when tracing is off - tracing: Do not stop recording comms if the trace file is being read - tracing: Do no increment trace_clock_global() by one - PCI: Mark TI C667X to avoid bus reset - PCI: Mark some NVIDIA GPUs to avoid bus reset - PCI: Add ACS quirk for Broadcom BCM57414 NIC - PCI: Work around Huawei Intelligent NIC VF FLR erratum - [arm64,armhf] dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc - net: bridge: fix vlan tunnel dst null pointer dereference - net: bridge: fix vlan tunnel dst refcnt when egressing - mm/slub: clarify verification reporting - mm/slub.c: include swab.h - [armhf] net: fec_ptp: add clock rate zero check - [arm64,armhf] KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read - can: bcm/raw/isotp: use per module netdevice notifier - inet: use bigger hash table for IP ID generation - [arm64,armhf] usb: dwc3: debugfs: Add and remove endpoint dirs dynamically - [arm64,armhf] usb: dwc3: core: fix kernel panic when do reboot - [x86] fpu: Reset state for all signal restore failures - module: limit enabling module.sig_enforce (CVE-2021-35039) - drm/nouveau: wait for moving fence after pinning v2 - drm/radeon: wait for moving fence after pinning - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" - mac80211: remove warning in ieee80211_get_sband() - cfg80211: call cfg80211_leave_ocb when switching away from OCB - mac80211: drop multicast fragments - net: ethtool: clear heap allocations for ethtool function - ping: Check return value of function 'ping_queue_rcv_skb' - inet: annotate date races around sk->sk_txhash - net/packet: annotate accesses to po->bind - net/packet: annotate accesses to po->ifindex - r8152: Avoid memcpy() over-reading of ETH_SS_STATS - r8169: Avoid memcpy() over-reading of ETH_SS_STATS - net: qed: Fix memcpy() overflow of qed_dcbx_params() - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group - i2c: robotfuzz-osif: fix control-request directions https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.197 - mm: add VM_WARN_ON_ONCE_PAGE() macro - mm/rmap: remove unneeded semicolon in page_not_mapped() - mm/rmap: use page_not_mapped in try_to_unmap() - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry - mm/thp: make is_huge_zero_pmd() safe and quicker - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting - mm/thp: fix vma_address() if virtual address below file offset - mm/thp: fix page_address_in_vma() on file THP tails - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split - mm: page_vma_mapped_walk(): use page for pvmw->page - mm: page_vma_mapped_walk(): settle PageHuge on entry - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block - mm: page_vma_mapped_walk(): crossing page table boundary - mm: page_vma_mapped_walk(): add a level of indentation - mm: page_vma_mapped_walk(): use goto instead of while (1) - mm: page_vma_mapped_walk(): get vma_address_end() earlier - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() - mm, futex: fix shared futex pgoff on shmem huge page - scsi: sr: Return appropriate error code when disk is ejected - drm/nouveau: fix dma_address check for CPU/GPU sync - ext4: eliminate bogus error in ext4_data_block_valid_rcu() - kthread_worker: split code for canceling the delayed work timer - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() - xen/events: reset active flag for lateeoi events later - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails - [armhf] OMAP: replace setup_irq() by request_irq() - [armhf] clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support - [armhf] clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue - [armhf] clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 - scsi: core: Retry I/O for Notify (Enable Spinup) Required error - ALSA: usb-audio: fix rate on Ozone Z90 USB headset - ALSA: usb-audio: Fix OOB access at proc output - media: dvb-usb: fix wrong definition - Input: usbtouchscreen - fix control-request directions - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() - usb: gadget: eem: fix echo command packet response issue - USB: cdc-acm: blacklist Heimann USB Appset device - [arm64,armhf] usb: dwc3: Fix debugfs creation flow - [x86] usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() - xhci: solve a double free problem while doing s4 - iov_iter_fault_in_readable() should do nothing in xarray case - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (CVE-2021-3612) - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode - btrfs: send: fix invalid path for unlink operations after parent orphanization - btrfs: clear defrag status of a root if starting transaction fails - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle - ext4: fix kernel infoleak via ext4_extent_header - ext4: return error code when ext4_fill_flex_info() fails - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit - ext4: remove check for zero nr_to_scan in ext4_es_scan() - ext4: fix avefreec in find_group_orlov - ext4: use ext4_grp_locked_error in mb_find_extent - can: gw: synchronize rcu operations before removing gw job entry - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path - SUNRPC: Fix the batch tasks count wraparound. - SUNRPC: Should wake up the privileged task firstly. - [s390x] cio: dont call css_wait_for_slow_path() inside a lock - [x86] serial_cs: Add Option International GSM-Ready 56K/ISDN modem - [x86] serial_cs: remove wrong GLOBETROTTER.cis entry - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() - ssb: sdio: Don't overwrite const buffer if block_write fails - rsi: Assign beacon rate settings to the correct rate_info descriptor field - rsi: fix AP mode with WPA failure due to encrypted EAPOL - tracing/histograms: Fix parsing of "sym-offset" modifier - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 - [powerpc*] stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() - fuse: check connected before queueing on fpq->io - spi: Make of_register_spi_device also set the fwnode - [i386] spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() - media: cpia2: fix memory leak in cpia2_usb_probe - media: pvrusb2: fix warning in pvr2_i2c_core_done - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg() - [x86] crypto: qat - remove unused macro in FW loader - sched/fair: Fix ascii art by relpacing tabs - media: em28xx: Fix possible memory leak of em28xx struct - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release - media: bt8xx: Fix a missing check bug in bt878_probe - media: dvd_usb: memory leak in cinergyt2_fe_attach - mmc: via-sdmmc: add a check against NULL pointer dereference - crypto: shash - avoid comparing pointers to exported functions under CFI - media: dvb_net: avoid speculation from net slot - media: siano: fix device register error path - btrfs: fix error handling in __btrfs_update_delayed_inode - btrfs: abort transaction if we fail to update the delayed inode - btrfs: disable build on platforms having page size 256K - [armhf] regulator: da9052: Ensure enough delay time for .set_voltage_time_sel - HID: do not use down_interruptible() when unbinding devices - ACPI: processor idle: Fix up C-state latency if not ordered - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning - lib: vsprintf: Fix handling of number field widths in vsscanf - ACPI: EC: Make more Asus laptops use ECDT _GPE - block_dump: remove block_dump feature in mark_inode_dirty() - fs: dlm: cancel work sync othercon - random32: Fix implicit truncation warning in prandom_seed_state() - fs: dlm: fix memory leak when fenced - ACPICA: Fix memory leak caused by _CID repair function - ACPI: bus: Call kobject_put() in acpi_init() error path - [x86] platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() - clocksource: Retry clock read if long delays detected - HID: wacom: Correct base usage for capacitive ExpressKey status bits - [armhf] sata_highbank: fix deferred probing - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate() - [x86] crypto: ccp - Fix a resource leak in an error handling path - media: rc: i2c: Fix an error message - media: gspca/gl860: fix zero-length control requests - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() - btrfs: clear log tree recovering status if starting transaction fails - [armhf] spi: spi-sun6i: Fix chipselect/clock bug - ACPI: sysfs: Fix a buffer overrun problem with description_show() - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() - blk-wbt: make sure throttle is enabled properly - ocfs2: fix snprintf() checking - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe() - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one() - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() - RDMA/rxe: Fix failure during driver load - drm: qxl: ensure surf.data is ininitialized - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe - ssb: Fix error return code in ssb_bus_scan() - brcmfmac: fix setting of station info chains bitmask - brcmfmac: correctly report average RSSI in station info - brcmsmac: mac80211_if: Fix a resource leak in an error handling path - ath10k: Fix an error code in ath10k_add_interface() - RDMA/mlx5: Don't add slave port to unaffiliated list - netfilter: nft_exthdr: check for IPv6 packet before further processing - netfilter: nft_osf: check for TCP packet before further processing - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols - RDMA/rxe: Fix qp reference counting for atomic ops - pkt_sched: sch_qfq: fix qfq_change_class() error path - vxlan: add missing rcu_read_lock() in neigh_reduce() - net/ipv4: swap flow ports when validating source - ieee802154: hwsim: Fix memory leak in hwsim_add_one - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() - mac80211: remove iwlwifi specific workaround NDPs of null_response - ipv6: exthdrs: do not blindly use init_net - bpf: Do not change gso_size during bpf_skb_change_proto() - i40e: Fix error handling in i40e_vsi_open - i40e: Fix autoneg disabling for non-10GBaseT links - ipv6: fix out-of-bound access in ip6_parse_tlv() - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event - writeback: fix obtain a reference to a freeing memcg css - net: lwtunnel: handle MTU calculation in forwading - net: sched: fix warning in tcindex_alloc_perfect_hash - RDMA/mlx5: Don't access NULL-cleared mpi pointer - tty: nozomi: Fix a resource leak in an error handling function - mwifiex: re-fix for unaligned accesses - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() - [x86] char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() - tty: nozomi: Fix the error handling path of 'nozomi_card_init()' - scsi: FlashPoint: Rename si_flags field - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates - of: Fix truncation of memory sizes on 32-bit platforms - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() - scsi: mpt3sas: Fix error return value in _scsih_expander_add() - configfs: fix memleak in configfs_release_bin_file - [powerpc*] Offline CPU in stop_this_cpu() - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate - vfio/pci: Handle concurrent vma faults - mm/huge_memory.c: don't discard hugepage if other processes are mapping it - mmc: block: Disable CMDQ on the ioctl path - mmc: vub3000: fix control-request direction - drm/amd/amdgpu/sriov disable all ip hw status by default - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() - hugetlb: clear huge pte during flush function on mips platform - atm: iphase: fix possible use-after-free in ia_module_exit() - mISDN: fix possible use-after-free in HFC_cleanup() - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT - reiserfs: add check for invalid 1st journal block - drm/virtio: Fix double free on probe failure - udf: Fix NULL pointer dereference in udf_symlink function - e100: handle eeprom as little endian - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied properly - ipv6: use prandom_u32() for ID generation - RDMA/cxgb4: Fix missing error code in create_qp() - dm space maps: don't reset space map allocation cursor when committing - [armhf] pinctrl: mcp23s08: fix race condition in irq handler - ice: set the value of global config lock timeout longer - virtio_net: Remove BUG() to avoid machine dead - [arm64,armhf] net: mvpp2: check return value after calling platform_get_resource() - [amd64] fjes: check return value after calling platform_get_resource() - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC - xfrm: Fix error reporting in xfrm_state_construct. - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan - net: fix mistake path for netdev_features_strings - rtl8xxxu: Fix device info for RTL8192EU devices - atm: nicstar: use 'dma_free_coherent' instead of 'kfree' - atm: nicstar: register the interrupt handler in the right place - vsock: notify server to shutdown when client has pending signal - RDMA/rxe: Don't overwrite errno from ib_umem_get() - iwlwifi: mvm: don't change band on bound PHY contexts - iwlwifi: pcie: free IML DMA memory allocation - sfc: avoid double pci_remove of VFs - sfc: error code if SRIOV cannot be disabled - wireless: wext-spy: Fix out-of-bounds warning - net: ip: avoid OOM kills with large UDP sends over loopback - RDMA/cma: Fix rdma_resolve_route() memory leak - Bluetooth: Fix the HCI to MGMT status conversion table - Bluetooth: Shutdown controller after workqueues are flushed or cancelled - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. - sctp: validate from_addr_param return (CVE-2021-3655) - sctp: add size validation when walking chunks (CVE-2021-3655) - fscrypt: don't ignore minor_hash when hash is 0 - bdi: Do not use freezable workqueue - [arm64] serial: mvebu-uart: clarify the baud rate derivation - [arm64] serial: mvebu-uart: fix calculation of clock divisor - fuse: reject internal errno - [powerpc*] barrier: Avoid collision with clang's __lwsync macro - usb: gadget: f_fs: Fix setting of device and driver data cross-references - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() - pinctrl/amd: Add device HID for new AMD GPIO controller - [arm64] drm/msm/mdp4: Fix modifier support enabling - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode - mmc: core: clear flags before allowing to retune - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported - [armhf] ata: ahci_sunxi: Disable DIPM - cpu/hotplug: Cure the cpusets trainwreck - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute - ipmi/watchdog: Stop watchdog timer when the current action is 'none' - seq_buf: Fix overflow in seq_buf_putmem_hex() - tracing: Simplify & fix saved_tgids logic - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT - dm btree remove: assign new_root only when removal succeeds - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request - media: subdev: disallow ioctl for saa6588/davinci - media: dtv5100: fix control-request directions - media: zr364xx: fix memory leak in zr364xx_start_readpipe - media: gspca/sq905: fix control-request direction - media: gspca/sunplus: fix zero-length control requests - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() - jfs: fix GPF in diFree - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled - [x86] KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid - tracing: Do not reference char * as a string in histograms - [arm64] PCI: aardvark: Don't rely on jiffies while holding spinlock - [arm64] PCI: aardvark: Fix kernel panic during PIO transfer - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" - w1: ds2438: fixing bug that would always get page0 - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs - scsi: core: Cap scsi_host cmd_per_lun at can_queue - [x86] tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - scsi: scsi_dh_alua: Check for negative result value - fs/jfs: Fix missing error code in lmLogInit() - scsi: iscsi: Add iscsi_cls_conn refcount helpers - scsi: iscsi: Fix conn use after free during resets - scsi: iscsi: Fix shost->max_id use - scsi: qedi: Fix null ref during abort handling - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE - [s390x] sclp_vt220: fix console name to match device (Closes: #961056) - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements - [powerpc*] ps3: Add dma_mask to ps3_dma_region - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655 - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() - ALSA: bebob: add support for ToneWeal FW66 - usb: gadget: f_hid: fix endianness issue with descriptors - [powerpc*] boot: Fixup device-tree on little endian - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq() - [x86] intel_th: Wait until port is in reset before programming it - i2c: core: Disable client irq on reboot/shutdown - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt trigger type - [armel,armhf] power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE - [x86] watchdog: Fix possible use-after-free in wdt_startup() - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync() - [x86] watchdog: iTCO_wdt: Account for rebooting on second timeout - [x86] fpu: Return proper error codes from user access functions - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE - orangefs: fix orangefs df output. - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty - NFS: nfs_find_open_context() may only select open files - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem - [x86] ACPI: video: Add quirk for the Dell Vostro 3350 - virtio-blk: Fix memory leak among suspend/resume procedure - virtio_net: Fix error handling in virtnet_restore() - virtio_console: Assure used length from device is limited (CVE-2021-38160) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun - NFSv4: Initialise connection to the server in nfs4_alloc_client() (CVE-2021-38199) - nfs: fix acl memory leak of posix_acl_create() - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode - [x86] fpu: Limit xstate copy size in xstateregs_set() - virtio_net: move tx vq operation under tx queue lock - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe() - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times - rtc: fix snprintf() checking in is_rtc_hctosys() - [arm64,armhf] reset: bail if try_module_get() fails - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() - net: bridge: multicast: fix PIM hello router port marking race - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info - [armhf] dts: rockchip: fix supply properties in io-domains nodes - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds - thermal/core: Correct function name thermal_zone_device_unregister() - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger type - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 - scsi: libsas: Add LUN number check in .slave_alloc callback - scsi: libfc: Fix array index out of bound exception - sched/fair: Fix CFS bandwidth hrtimer expiry type - mm: slab: fix kmem_cache_create failed when sysfs node not destroyed - dm writecache: return the exact table values that were set - dm writecache: fix writing beyond end of underlying device when shrinking - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz - net: ipv6: fix return value of ip6_skb_dst_mtu - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo - net: bridge: sync fdb to new unicast-filtering ports - [arm64] net: qcom/emac: fix UAF in emac_remove - net: ti: fix UAF in tlan_remove_one - net: send SYNACK packet with accepted fwmark - net: validate lwtstate->data before returning from skb_tunnel_info() - dma-buf/sync_file: Don't leak fences on merge failure - tcp: annotate data races around tp->mtu_info - ipv6: tcp: drop silly ICMPv6 packet too big messages - udp: annotate data races around unix_sk(sk)->gso_size - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices - igb: Fix use-after-free error during reset - ixgbe: Fix an error handling path in 'ixgbe_probe()' - igb: Fix an error handling path in 'igb_probe()' - e1000e: Fix an error handling path in 'e1000_probe()' - iavf: Fix an error handling path in 'iavf_probe()' - igb: Check if num of q_vectors is smaller than max before array access - igb: Fix position of assignment to *ring - ipv6: fix 'disable_policy' for fwd packets - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove - liquidio: Fix unintentional sign extension issue on left shift of u16 - net: fix uninit-value in caif_seqpkt_sendmsg - net: decnet: Fix sleeping inside in af_decnet - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - netrom: Decrease sock refcount when sock timers expire - scsi: iscsi: Fix iface sysfs attr detection - scsi: target: Fix protect handling in WRITE SAME(32) - net/tcp_fastopen: fix data races around tfo_active_disable_stamp - net/sched: act_skbmod: Skip non-Ethernet packets - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" - sctp: update active_key for asoc when old key is being replaced - net: sched: cls_api: Fix the the wrong parameter - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free - proc: Avoid mixing integer types in mem_rw() - [s390x] ftrace: fix ftrace_update_ftrace_func implementation - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver - xhci: Fix lost USB 2 remote wake - [powerpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (CVE-2021-37576) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high - usb: hub: Fix link power management max exit latency (MEL) calculations - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS - USB: serial: option: add support for u-blox LARA-R6 family - USB: serial: cp210x: fix comments for GE CS1000 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (CVE-2021-3679) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - ixgbe: Fix packet corruption due to missing DMA sync - drm: Return -ENOTTY for non-drm ioctls - KVM: do not assume PTE is writable after follow_pfn - KVM: do not allow mapping valid but non-reference-counted pages (CVE-2021-22543) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz - btrfs: compression: don't try to compress if we don't have enough pages - PCI: Mark AMD Navi14 GPU ATS as broken - xhci: add xhci_get_virt_ep() helper https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.200 - [x86] KVM: determine if an exception has an error code only when injecting it. - net: split out functions related to registering inflight socket files - af_unix: fix garbage collect vs MSG_PEEK - workqueue: fix UAF in pwq_unbound_release_workfn() - net/802/mrp: fix memleak in mrp_request_join() - net/802/garp: fix memleak in garp_request_join() - net: annotate data race around sk_ll_usec - sctp: move 198 addresses from unusable to private scope - hfs: add missing clean-up in hfs_fill_super - hfs: fix high memory mapping in hfs_bnode_read - hfs: add lock nesting notation to hfs_find_init - cifs: fix the out of range assignment to bit fields in parse_server_interfaces https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.201 - virtio_net: Do not pull payload in skb->head - gro: ensure frag0 meets IP header alignment - [x86] asm: Ensure asm/proto.h can be included stand-alone - btrfs: fix rw device counting in __btrfs_free_extra_devids - [x86] kvm: fix vcpu-id indexed array sizes - ocfs2: fix zero out valid data - ocfs2: issue zeroout to EOF blocks - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF - can: mcba_usb_start(): add missing urb->transfer_dma initialization - can: usb_8dev: fix memory leak - can: ems_usb: fix memory leak - can: esd_usb2: fix memory leak - NIU: fix incorrect error return, missed in previous revert - nfc: nfcsim: fix use after free during module unload - cfg80211: Fix possible memory leak in function cfg80211_bss_update - netfilter: conntrack: adjust stop timestamp to real expiry value - netfilter: nft_nat: allow to specify layer 4 protocol NAT only - i40e: Fix logic of disabling queues - i40e: Fix log TC creation failure when max num of queues is exceeded - tipc: fix sleeping in tipc accept routine - mlx4: Fix missing error code in mlx4_load_one() - net: llc: fix skb_over_panic - net/mlx5: Fix flow table chaining - sctp: fix return value check in __sctp_rcv_asconf_lookup - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove - sis900: Fix missing pci_disable_device() in probe and remove - [powerpc*] pseries: Fix regression while building external modules - i40e: Add additional info to PHY type error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.202 - btrfs: mark compressed range uptodate only if all bio succeed - r8152: Fix potential PM refcount imbalance - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() - net: Fix zero-copy head len calculation. - bdi: move bdi_dev_name out of line - bdi: use bdi_dev_name() to get device name - bdi: add a ->dev_name field to struct backing_dev_info - Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" - [x86] Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" - padata: validate cpumask without removed CPU during offline - padata: add separate cpuhp node for CPUHP_PADATA_DEAD https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.203 - Revert "ACPICA: Fix memory leak caused by _CID repair function" - ALSA: seq: Fix racy deletion of subscriber - [armhf] imx: add missing iounmap() - ALSA: usb-audio: fix incorrect clock source setting - scsi: sr: Return correct event when media event code is 3 - media: videobuf2-core: dequeue if start_streaming fails - net: natsemi: Fix missing pci_disable_device() in probe and remove - sctp: move the active_key update after sh_keys is added - nfp: update ethtool reporting of pauseframe control - net: ipv6: fix returned variable type in ip6_skb_dst_mtu - bnx2x: fix an error code in bnx2x_nic_load() - net: pegasus: fix uninit-value in get_interrupt_interval - [armhf] net: fec: fix use-after-free in fec_drv_remove - net: vxge: fix use-after-free in vxge_device_unregister - Bluetooth: defer cleanup of resources in hci_unregister_dev() - USB: usbtmc: Fix RCU stall warning - USB: serial: option: add Telit FD980 composition 0x1056 - USB: serial: ch341: fix character loss at high transfer rates - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback - firmware_loader: fix use-after-free in firmware_fallback_sysfs - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers - usb: gadget: f_hid: fixed NULL pointer dereference - usb: gadget: f_hid: idle uses the highest byte for duration - tracing/histogram: Rename "cpu" to "common_cpu" - [arm64] optee: Clear stale cache entries during initialization - staging: rtl8723bs: Fix a resource leak in sd_int_dpc - media: rtl28xxu: fix zero-length control request - pipe: increase minimum default pipe size to 2 pages - ext4: fix potential htree corruption when growing large_dir directories - serial: 8250: Mask out floating 16/32-bit bus bits - [mips*] Malta: Do not byte-swap accesses to the CBUS UART - [x86] pcmcia: i82092: fix a null pointer dereference bug - [x86] KVM: accept userspace interrupt only if no event is injected - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds - [armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove - qmi_wwan: add network device usage statistics for qmimux devices - libata: fix ata_pio_sector for CONFIG_HIGHMEM - reiserfs: add check for root_inode in reiserfs_fill_super - reiserfs: check directory items on read from disk - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset - [armhf] imx: add mmdc ipg clock operation for mmdc https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.204 - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB - bpf: Inherit expanded/patched seen count from old aux data (CVE-2021-33624) - bpf: Do not mark insn as seen under speculative path verification (CVE-2021-33624) - bpf: Fix leakage under speculation on mispredicted branches (CVE-2021-33624) - [x86] KVM: MMU: Use the correct inherited permissions to get shadow page (CVE-2021-38198) - USB:ehci:fix Kunpeng920 ehci hardware problem - ppp: Fix generating ppp unit id when ifname is not specified - ovl: prevent private clone if bind mount is not allowed CVE-2021-3732) - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.205 - [x86] ASoC: intel: atom: Fix reference to PCM buffer address - i2c: dev: zero out array used for i2c reads from userspace - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl - ppp: Fix generating ifname when empty IFLA_IFNAME is specified - net: Fix memory leak in ieee802154_raw_deliver - net: igmp: fix data-race in igmp_ifc_timer_expire() - net: bridge: fix memleak in br_add_if() - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets - net: igmp: increase size of mr_ifc_count - xen/events: Fix race in set_evtchn_to_irq - vsock/virtio: avoid potential deadlock when vsock device remove - [powerpc*] kprobes: Fix kprobe Oops happens in booke - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP - [x86] msi: Force affinity setup before startup - [x86] ioapic: Force affinity setup before startup - genirq/msi: Ensure deactivation on teardown - PCI/MSI: Enable and mask MSI-X early - PCI/MSI: Do not set invalid bits in MSI mask - PCI/MSI: Correct misleading comments - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() - PCI/MSI: Protect msi_desc::masked for multi-MSI - PCI/MSI: Mask all unused MSI-X entries - PCI/MSI: Enforce that MSI-X table entry is masked for update - PCI/MSI: Enforce MSI[X] entry updates to be visible - [amd64] iommu/vt-d: Fix agaw for a supported 48 bit guest address width - mac80211: drop data frames without key on encrypted links - [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) - [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) - [x86] fpu: Make init_fpstate correct with optimized XSAVE - ath: Use safer key clearing with key cache entries (CVE-2020-3702) - ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702) - ath: Export ath_hw_keysetmac() (CVE-2020-3702) - ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO - net: usb: lan78xx: don't modify phy_device state concurrently - Bluetooth: hidp: use correct wait queue when removing ctrl_wait - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant - vhost: Fix the calculation in vhost_overflow() - bnxt: don't lock the tx queue from napi poll - bnxt: disable napi before canceling DIM - net: 6pack: fix slab-out-of-bounds in decode_data - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error - ALSA: hda - fix the 'Capture Switch' value change notifications - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup - locks: print a warning when mount fails due to lack of "mand" support - fs: warn about impending deprecation of mandatory locks - netfilter: nft_exthdr: fix endianness of tcp option cast https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.206 - net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743) - bpf: Do not use ax register in interpreter on div/mod - bpf: Fix 32 bit src register truncation on div/mod (CVE-2021-3600) - bpf: Fix truncation handling for mod32 dst reg wrt zero (CVE-2021-3444) - netfilter: conntrack: collect all entries in one cycle - once: Fix panic when module unload - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters - Revert "USB: serial: ch341: fix character loss at high transfer rates" - USB: serial: option: add new VID/PID to support Fibocom FG150 - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left() - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable - [amd64] IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() - e1000e: Fix the max snoop/no-snoop latency for 10M - ip_gre: add validation for csum_start - [arm64] xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration - usb: gadget: u_audio: fix race condition on endpoint stop - opp: remove WARN when no valid OPPs remain - virtio: Improve vq->broken access to avoid any compiler optimization - virtio_pci: Support surprise removal of virtio pci device - [amd64] vringh: Use wiov->used to check for read/write desc order - qed: qed ll2 race condition fixes - qed: Fix null-pointer dereference in qed_rdma_create_qp() - drm: Copy drm_wait_vblank to user before returning - drm/nouveau/disp: power down unused DP links during init - net/rds: dma_map_sg is entitled to merge entries - vt_kdsetmode: extend console locking (CVE-2021-3753) - fbmem: add margin check to fb_check_caps() - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs - Revert "floppy: reintroduce O_NDELAY fix" - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.207 - ext4: fix race writing to an inline_data file while its xattrs are changing (CVE-2021-40490) - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V formats - qed: Fix the VF msix vectors flow - [arm64] net: macb: Add a NULL check on desc_ptp - qede: Fix memset corruption - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges - [x86] perf/x86/amd/ibs: Work around erratum #1197 - [armel,armhf] 8918/2: only build return_address() if needed - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl - clk: fix build warning for orphan_list - media: stkwebcam: fix memory leak in stk_camera_probe - [armhf] imx: add missing clk_disable_unprepare() - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init - igmp: Add ip_mc_list lock in ip_check_mc_rcu - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2) - SUNRPC/nfs: Fix return value for nfs4_callback_compound() - [powerpc*] module64: Fix comment in R_PPC64_ENTRY handling - [powerpc*] boot: Delete unneeded .globl _zimage_start - mm/page_alloc: speed up the iteration of max_order - Revert "btrfs: compression: don't try to compress if we don't have enough pages" - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions - PCI: Call Max Payload Size-related fixup quirks early - locking/mutex: Fix HANDOFF condition - regmap: fix the offset of register error log - sched/deadline: Fix reset_on_fork reporting of DL tasks - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors - sched/deadline: Fix missing clock update in migrate_task_rq_dl() - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() - udf: Check LVID earlier - isofs: joliet: Fix iocharset=utf8 mount option - bcache: add proper error unwinding in bcache_device_init - nvme-rdma: don't update queue count when failing to set io queues - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF - [s390x] cio: add dev_busid sysfs entry for each subchannel - libata: fix ata_host_start() - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms() - [x86] crypto: qat - handle both source of interrupt in VF ISR - [x86] crypto: qat - fix reuse of completion variable - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications - [x86] crypto: qat - do not export adf_iov_putmsg() - fcntl: fix potential deadlock for &fasync_struct.fa_lock - udf_get_extendedattr() had no boundary checks. - lib/mpi: use kcalloc in mpi_resize - [x86] crypto: qat - use proper type for vf_mask - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr - media: go7007: remove redundant initialization - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect - [arm64] media: venus: venc: Fix potential null pointer dereference on pointer fmt - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently - PCI: PM: Enable PME if it can be signaled from D3cold - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs - Bluetooth: fix repeated calls to sco_sock_kill - [arm64] drm/msm/dsi: Fix some reference counted resource leaks - [armhf] usb: phy: twl6030: add IRQ checks - Bluetooth: Move shutdown callback before flushing tx and rx queue - mac80211: Fix insufficient headroom issue for AMSDU - Bluetooth: add timeout sanity check to hci_inquiry - [armhf] i2c: s3c2410: fix IRQ check - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config - CIFS: Fix a potencially linear read overflow - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() - bcma: Fix memory leak for internally-handled cores - ipv4: make exception cache less predictible - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() - netns: protect netns ID lookups with RCU - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks - tty: Fix data race between tiocsti() and flush_to_ldisc() - [x86] KVM: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted - fbmem: don't allow too huge resolutions - [arm64,armhf] backlight: pwm_bl: Improve bootloader/kernel device handover - [armel] clk: kirkwood: Fix a clocking boot regression - btrfs: reset replace target device to allocation state on close - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN - PCI/MSI: Skip masking MSI-X on Xen PV - [powerpc*] perf/hv-gpci: Fix counter value parsing - xen: fix setting of max_pfn in shared_info - 9p/xen: Fix end of loop tests for list_for_each_entry - bpf/verifier: per-register parent pointers - bpf: correct slot_type marking logic to allow more stack slot sharing - bpf: Support variable offset stack access from helpers - bpf: Reject indirect var_off stack access in raw mode - bpf: Reject indirect var_off stack access in unpriv mode - bpf: Sanity check max value for var_off stack access - bpf: track spill/fill of constants - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) - bpf: verifier: Allocate idmap scratch in verifier env - bpf: Fix pointer arithmetic mask tightening under state pruning - [arm64] head: avoid over-mapping in map_memory - block: bfq: fix bfq_set_next_ioprio_data() - [x86] power: supply: max17042: handle fails of reading status register - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair - media: uvc: don't do DMA on stack - media: rc-loopback: return number of emitters rather than error - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure - [arm64] PCI: xilinx-nwl: Enable the clock through CCF - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts - HID: input: do not report stylus battery state as "full" - RDMA/iwcm: Release resources if iw_cm module initialization fails - docs: Fix infiniband uverbs minor number - [armhf] pinctrl: samsung: Fix pinctrl bank pin count - [powerpc*] stacktrace: Include linux/delay.h - [arm64,armhf] pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() - scsi: qedi: Fix error codes in qedi_alloc_global_queues() - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call - fscache: Fix cookie key hashing - f2fs: fix to account missing .skipped_gc_rwsem - f2fs: fix to unmap pages from userspace process in punch_hole() - [mips*] Malta: fix alignment of the devicetree buffer - userfaultfd: prevent concurrent API initialization - media: dib8000: rewrite the init prbs logic - PCI: Use pci_update_current_state() in pci_enable_device_flags() - tipc: keep the skb in rcv queue until the whole data is read - video: fbdev: kyro: fix a DoS bug by restricting user input - netlink: Deal with ESRCH error in nlmsg_notify() - usb: gadget: u_ether: fix a potential null pointer dereference - usb: gadget: composite: Allow bMaxPower=0 if self-powered - tty: serial: jsm: hold port lock when reporting modem line changes - video: fbdev: kyro: Error out if 'pixclock' equals zero - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() - flow_dissector: Fix out-of-bounds warnings - [s390x] jump_label: print real address in a case of a jump label bug - serial: 8250: Define RX trigger levels for OxSemi 950 devices - serial: 8250_pci: make setup_port() parameters explicitly unsigned - Bluetooth: skip invalid hci_sync_conn_complete_evt - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output - media: v4l2-dv-timings.c: fix wrong condition in two for-loops - [armhf] dts: imx53-ppd: Fix ACHC entry - [arm64] dts: qcom: sdm660: use reg value for memory node - [arm64] net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() - Bluetooth: schedule SCO timeouts with delayed_work - Bluetooth: avoid circular locks in sco_sock_connect - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() - Bluetooth: Fix handling of LE Enhanced Connection Complete - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD - rpc: fix gss_svc_init cleanup on failure - [x86] staging: rts5208: Fix get_ms_information() heap buffer size - gfs2: Don't call dlm after protocol is unmounted - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions - mmc: rtsx_pci: Fix long reads when clock is prescaled - mmc: core: Return correct emmc response in case of ioctl error - cifs: fix wrong release in sess_alloc_buffer() failed path - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb - usbip: give back URBs for unsent unlink requests during cleanup - usbip:vhci_hcd USB port can get stuck in the disabled state - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B - parport: remove non-zero check on count - ath9k: fix OOB read ar9300_eeprom_restore_internal - ath9k: fix sleeping in atomic context - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() - [x86] scsi: BusLogic: Fix missing pr_cont() use - scsi: qla2xxx: Sync queue idx with queue_pair_map idx - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off - mm/hugetlb: initialize hugetlb_usage in mm_init - memcg: enable accounting for pids in nested pid namespaces - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when timeout occurs - drm/amdgpu: Fix BUG_ON assert - dm thin metadata: Fix use-after-free in dm_bm_set_read_only - [x86] xen: reset legacy rtc flag for PV domU - bnx2x: Fix enabling network interfaces without VFs - [arm64] sve: Use correct size when reinitialising SVE state - PM: base: power: don't try to use non-existing RTC for storing data - PCI: Add AMD GPU multi-function power dependencies - [x86] mm: Fix kern_addr_valid() to cope with existing but not present entries - tipc: fix an use-after-free issue in tipc_recvmsg - dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core - r6040: Restore MDIO clock frequency after MAC reset - tipc: increase timeout in tipc_sk_enqueue() - net/mlx5: Fix potential sleeping in atomic context - events: Reuse value read using READ_ONCE instead of re-reading it - net/af_unix: fix a data-race in unix_dgram_poll - [arm64,armhf] net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() - qed: Handle management FW error - [arm64] net: hns3: pad the short tunnel frame before sending to hardware - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping - PCI: Add ACS quirks for Cavium multi-function devices - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 - block, bfq: honor already-setup queue merges - ethtool: Fix an error code in cxgb2.c - mfd: axp20x: Update AXP288 volatile ranges - PCI: Fix pci_dev_str_match_path() alloc while atomic bug - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state - mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' - [armhf] net: dsa: b53: Fix calculating number of switch ports - netfilter: socket: icmp6: fix use-after-scope - fq_codel: reject silly quantum parameters - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom - ip_gre: validate csum_start only on pull https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.208 - [s390x] bpf: Fix optimizing out zero-extensions - KVM: remember position in kvm->vcpus array - rcu: Fix missed wakeup of exp_wq waiters - apparmor: remove duplicate macro list_entry_is_head() - tracing/kprobe: Fix kprobe_on_func_entry() modification - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() - 9p/trans_virtio: Remove sysfs file on probe failure - prctl: allow to setup brk for et_dyn executables - nilfs2: use refcount_dec_and_lock() to fix potential UAF - profiling: fix shift-out-of-bounds bugs - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() - ceph: lockdep annotations for try_nonblocking_invalidate - nilfs2: fix memory leak in nilfs_sysfs_create_device_group - nilfs2: fix NULL pointer in nilfs_##name##_attr_release - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.195-rt82 * [rt] Update to 4.19.196-rt83 * Bump ABI to 18 * [rt] Update to 4.19.197-rt84 * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers" * [rt] Update to 4.19.198-rt85 * Refresh "scsi: hisi_sas: Create separate host attributes per HBA" * [rt] Update to 4.19.199-rt86 * [rt] Update to 4.19.206-rt87 * [rt] Update to 4.19.207-rt88 * hso: fix bailout in error case of probe * usb: hso: fix error handling code of hso_create_net_device (CVE-2021-37159) * usb: hso: remove the bailout parameter linux-signed-arm64 (4.19.194+3) buster-security; urgency=high . * Sign kernel from linux 4.19.194-3 . * [x86] KVM: SVM: Periodically schedule when unregistering regions on destroy (CVE-2020-36311) * can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693) * can: bcm: delay release of struct bcm_op after synchronize_rcu() (CVE-2021-3609) * seq_file: Disallow extremely large seq buffer allocations (CVE-2021-33909) linux-signed-arm64 (4.19.194+2) buster; urgency=medium . * Sign kernel from linux 4.19.194-2 . * proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072) linux-signed-i386 (4.19.208+1) buster; urgency=medium . * Sign kernel from linux 4.19.208-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195 - perf/core: Fix endless multiplex timer - net/nfc/rawsock.c: fix a permission check bug - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet - bonding: init notify_work earlier to avoid uninitialized use - netlink: disable IRQs for netlink_lock_table() - net: mdiobus: get rid of a BUG_ON() - cgroup: disable controllers at parse time - wq: handle VM suspension in stall detection - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock - RDS tcp loopback connection can hang - scsi: bnx2fc: Return failure if io_req is already in ABTS processing - [x86] scsi: vmw_pvscsi: Set correct residual data length - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal - [arm64] net: macb: ensure the device is available before accessing GEMGXL control registers - nvme-fabrics: decode host pathing error for connect - [mips*] Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER - bnx2x: Fix missing error code in bnx2x_iov_init_one() - [powerpc*] i2c: mpc: Make use of i2c_recover_bus() - [powerpc*] i2c: mpc: implement erratum A-004447 workaround - drm: Fix use-after-free read in drm_getunique() - drm: Lock pointer access in drm_master_release() - kvm: avoid speculation-based attacks from out-of-range memslot accesses - [arm64,x86] staging: rtl8723bs: Fix uninitialized variables - btrfs: return value from btrfs_mark_extent_written() in case of error - cgroup1: don't allow '\n' in renaming - USB: f_ncm: ncm_bitrate (speed) is unsigned - usb: f_ncm: only first packet of aggregate needs to start timer - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms - [arm64,armhf] usb: dwc3: ep0: fix NULL pointer exception - [x86] usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind - USB: serial: ftdi_sio: add NovaTech OrionMX product ID - USB: serial: omninet: add device id for Zyxel Omni 56K Plus - USB: serial: quatech2: fix control-request directions - USB: serial: cp210x: fix alternate function for CP2102N QFN20 - usb: gadget: eem: fix wrong eem header operation - usb: fix various gadgets null ptr deref on 10gbps cabling. - usb: fix various gadget panics on 10gbps cabling - regulator: core: resolve supply for boot-on/always-on regulators - [arm64] regulator: max77620: Use device_set_of_node_from_dev() - RDMA/mlx4: Do not map the core_clock page to user space unless enabled - perf: Fix data race between pin_count increment/decrement - sched/fair: Make sure to update tg contrib for blocked load - IB/mlx5: Fix initializing CQ fragments buffer - NFS: Fix a potential NULL dereference in nfs_get_client() - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() - perf session: Correct buffer copying when peeking events - kvm: fix previous commit for 32-bit builds - NFS: Fix use-after-free in nfs4_init_client() - NFSv4: Fix second deadlock in nfs4_evict_inode() - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. - scsi: core: Fix error handling of scsi_host_alloc() - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING - scsi: core: Only put parent device if host state differs from SHOST_CREATED - ftrace: Do not blindly read the ip address in ftrace_bug() - tracing: Correct the length check which causes memory corruption - proc: only require mm_struct for writing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.196 - net: ieee802154: fix null deref in parse dev addr - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 - HID: hid-sensor-hub: Return error for hid_set_field() failure - HID: Add BUS_VIRTUAL to hid_connect logging - HID: usbhid: fix info leak in hid_submit_ctrl - gfs2: Prevent direct-I/O write fallback errors from getting lost - gfs2: Fix use-after-free in gfs2_glock_shrink_scan - scsi: target: core: Fix warning on realtime kernels - ethernet: myri10ge: Fix missing error code in myri10ge_probe() - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V - net: ipconfig: Don't override command-line hostnames or domains - rtnetlink: Fix missing error code in rtnl_bridge_notify() - net: Return the correct errno code - fib: Return the correct errno code - afs: Fix an IS_ERR() vs NULL check - mm/memory-failure: make sure wait for page writeback in memory_failure - batman-adv: Avoid WARN_ON timing related checks - net: ipv4: fix memory leak in netlbl_cipsov4_add_std - net: rds: fix memory leak in rds_recvmsg - udp: fix race between close() and udp_abort() - rtnetlink: Fix regression in bridge VLAN configuration - net/mlx5e: Block offload of outer header csum for UDP tunnels - netfilter: synproxy: Fix out of bounds when parsing TCP options - sch_cake: Fix out of bounds when parsing TCP options and header - alx: Fix an error handling path in 'alx_probe()' - net: stmmac: dwmac1000: Fix extended MAC address registers definition - net: add documentation to socket.c - net: make get_net_ns return error if NET_NS is disabled - qlcnic: Fix an error handling path in 'qlcnic_probe()' - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' - ptp: ptp_clock: Publish scaled_ppm_to_ppb - ptp: improve max_adj check against unreasonable values - net: cdc_ncm: switch to eth%d interface naming - net: usb: fix possible use-after-free in smsc75xx_bind - [armhf] net: fec_ptp: fix issue caused by refactor the fec_devtype - net: ipv4: fix memory leak in ip_mc_add1_src - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock - be2net: Fix an error handling path in 'be_probe()' - net: hamradio: fix memory leak in mkiss_close - net: cdc_eem: fix tx fixup skb leak - icmp: don't send out ICMP messages with a source address of 0.0.0.0 - radeon: use memcpy_to/fromio for UVD fw upload - hwmon: (scpi-hwmon) shows the negative temperature properly - can: mcba_usb: fix memory leak in mcba_usb - usb: core: hub: Disable autosuspend for Cypress CY7C65632 - tracing: Do not stop recording cmdlines when tracing is off - tracing: Do not stop recording comms if the trace file is being read - tracing: Do no increment trace_clock_global() by one - PCI: Mark TI C667X to avoid bus reset - PCI: Mark some NVIDIA GPUs to avoid bus reset - PCI: Add ACS quirk for Broadcom BCM57414 NIC - PCI: Work around Huawei Intelligent NIC VF FLR erratum - [arm64,armhf] dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc - net: bridge: fix vlan tunnel dst null pointer dereference - net: bridge: fix vlan tunnel dst refcnt when egressing - mm/slub: clarify verification reporting - mm/slub.c: include swab.h - [armhf] net: fec_ptp: add clock rate zero check - [arm64,armhf] KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read - can: bcm/raw/isotp: use per module netdevice notifier - inet: use bigger hash table for IP ID generation - [arm64,armhf] usb: dwc3: debugfs: Add and remove endpoint dirs dynamically - [arm64,armhf] usb: dwc3: core: fix kernel panic when do reboot - [x86] fpu: Reset state for all signal restore failures - module: limit enabling module.sig_enforce (CVE-2021-35039) - drm/nouveau: wait for moving fence after pinning v2 - drm/radeon: wait for moving fence after pinning - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" - mac80211: remove warning in ieee80211_get_sband() - cfg80211: call cfg80211_leave_ocb when switching away from OCB - mac80211: drop multicast fragments - net: ethtool: clear heap allocations for ethtool function - ping: Check return value of function 'ping_queue_rcv_skb' - inet: annotate date races around sk->sk_txhash - net/packet: annotate accesses to po->bind - net/packet: annotate accesses to po->ifindex - r8152: Avoid memcpy() over-reading of ETH_SS_STATS - r8169: Avoid memcpy() over-reading of ETH_SS_STATS - net: qed: Fix memcpy() overflow of qed_dcbx_params() - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group - i2c: robotfuzz-osif: fix control-request directions https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.197 - mm: add VM_WARN_ON_ONCE_PAGE() macro - mm/rmap: remove unneeded semicolon in page_not_mapped() - mm/rmap: use page_not_mapped in try_to_unmap() - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry - mm/thp: make is_huge_zero_pmd() safe and quicker - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting - mm/thp: fix vma_address() if virtual address below file offset - mm/thp: fix page_address_in_vma() on file THP tails - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split - mm: page_vma_mapped_walk(): use page for pvmw->page - mm: page_vma_mapped_walk(): settle PageHuge on entry - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block - mm: page_vma_mapped_walk(): crossing page table boundary - mm: page_vma_mapped_walk(): add a level of indentation - mm: page_vma_mapped_walk(): use goto instead of while (1) - mm: page_vma_mapped_walk(): get vma_address_end() earlier - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() - mm, futex: fix shared futex pgoff on shmem huge page - scsi: sr: Return appropriate error code when disk is ejected - drm/nouveau: fix dma_address check for CPU/GPU sync - ext4: eliminate bogus error in ext4_data_block_valid_rcu() - kthread_worker: split code for canceling the delayed work timer - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() - xen/events: reset active flag for lateeoi events later - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails - [armhf] OMAP: replace setup_irq() by request_irq() - [armhf] clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support - [armhf] clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue - [armhf] clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 - scsi: core: Retry I/O for Notify (Enable Spinup) Required error - ALSA: usb-audio: fix rate on Ozone Z90 USB headset - ALSA: usb-audio: Fix OOB access at proc output - media: dvb-usb: fix wrong definition - Input: usbtouchscreen - fix control-request directions - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() - usb: gadget: eem: fix echo command packet response issue - USB: cdc-acm: blacklist Heimann USB Appset device - [arm64,armhf] usb: dwc3: Fix debugfs creation flow - [x86] usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() - xhci: solve a double free problem while doing s4 - iov_iter_fault_in_readable() should do nothing in xarray case - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (CVE-2021-3612) - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode - btrfs: send: fix invalid path for unlink operations after parent orphanization - btrfs: clear defrag status of a root if starting transaction fails - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle - ext4: fix kernel infoleak via ext4_extent_header - ext4: return error code when ext4_fill_flex_info() fails - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit - ext4: remove check for zero nr_to_scan in ext4_es_scan() - ext4: fix avefreec in find_group_orlov - ext4: use ext4_grp_locked_error in mb_find_extent - can: gw: synchronize rcu operations before removing gw job entry - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path - SUNRPC: Fix the batch tasks count wraparound. - SUNRPC: Should wake up the privileged task firstly. - [s390x] cio: dont call css_wait_for_slow_path() inside a lock - [x86] serial_cs: Add Option International GSM-Ready 56K/ISDN modem - [x86] serial_cs: remove wrong GLOBETROTTER.cis entry - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() - ssb: sdio: Don't overwrite const buffer if block_write fails - rsi: Assign beacon rate settings to the correct rate_info descriptor field - rsi: fix AP mode with WPA failure due to encrypted EAPOL - tracing/histograms: Fix parsing of "sym-offset" modifier - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 - [powerpc*] stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() - fuse: check connected before queueing on fpq->io - spi: Make of_register_spi_device also set the fwnode - [i386] spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() - media: cpia2: fix memory leak in cpia2_usb_probe - media: pvrusb2: fix warning in pvr2_i2c_core_done - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg() - [x86] crypto: qat - remove unused macro in FW loader - sched/fair: Fix ascii art by relpacing tabs - media: em28xx: Fix possible memory leak of em28xx struct - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release - media: bt8xx: Fix a missing check bug in bt878_probe - media: dvd_usb: memory leak in cinergyt2_fe_attach - mmc: via-sdmmc: add a check against NULL pointer dereference - crypto: shash - avoid comparing pointers to exported functions under CFI - media: dvb_net: avoid speculation from net slot - media: siano: fix device register error path - btrfs: fix error handling in __btrfs_update_delayed_inode - btrfs: abort transaction if we fail to update the delayed inode - btrfs: disable build on platforms having page size 256K - [armhf] regulator: da9052: Ensure enough delay time for .set_voltage_time_sel - HID: do not use down_interruptible() when unbinding devices - ACPI: processor idle: Fix up C-state latency if not ordered - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning - lib: vsprintf: Fix handling of number field widths in vsscanf - ACPI: EC: Make more Asus laptops use ECDT _GPE - block_dump: remove block_dump feature in mark_inode_dirty() - fs: dlm: cancel work sync othercon - random32: Fix implicit truncation warning in prandom_seed_state() - fs: dlm: fix memory leak when fenced - ACPICA: Fix memory leak caused by _CID repair function - ACPI: bus: Call kobject_put() in acpi_init() error path - [x86] platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() - clocksource: Retry clock read if long delays detected - HID: wacom: Correct base usage for capacitive ExpressKey status bits - [armhf] sata_highbank: fix deferred probing - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate() - [x86] crypto: ccp - Fix a resource leak in an error handling path - media: rc: i2c: Fix an error message - media: gspca/gl860: fix zero-length control requests - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() - btrfs: clear log tree recovering status if starting transaction fails - [armhf] spi: spi-sun6i: Fix chipselect/clock bug - ACPI: sysfs: Fix a buffer overrun problem with description_show() - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() - blk-wbt: make sure throttle is enabled properly - ocfs2: fix snprintf() checking - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe() - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one() - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() - RDMA/rxe: Fix failure during driver load - drm: qxl: ensure surf.data is ininitialized - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe - ssb: Fix error return code in ssb_bus_scan() - brcmfmac: fix setting of station info chains bitmask - brcmfmac: correctly report average RSSI in station info - brcmsmac: mac80211_if: Fix a resource leak in an error handling path - ath10k: Fix an error code in ath10k_add_interface() - RDMA/mlx5: Don't add slave port to unaffiliated list - netfilter: nft_exthdr: check for IPv6 packet before further processing - netfilter: nft_osf: check for TCP packet before further processing - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols - RDMA/rxe: Fix qp reference counting for atomic ops - pkt_sched: sch_qfq: fix qfq_change_class() error path - vxlan: add missing rcu_read_lock() in neigh_reduce() - net/ipv4: swap flow ports when validating source - ieee802154: hwsim: Fix memory leak in hwsim_add_one - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() - mac80211: remove iwlwifi specific workaround NDPs of null_response - ipv6: exthdrs: do not blindly use init_net - bpf: Do not change gso_size during bpf_skb_change_proto() - i40e: Fix error handling in i40e_vsi_open - i40e: Fix autoneg disabling for non-10GBaseT links - ipv6: fix out-of-bound access in ip6_parse_tlv() - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event - writeback: fix obtain a reference to a freeing memcg css - net: lwtunnel: handle MTU calculation in forwading - net: sched: fix warning in tcindex_alloc_perfect_hash - RDMA/mlx5: Don't access NULL-cleared mpi pointer - tty: nozomi: Fix a resource leak in an error handling function - mwifiex: re-fix for unaligned accesses - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() - [x86] char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() - tty: nozomi: Fix the error handling path of 'nozomi_card_init()' - scsi: FlashPoint: Rename si_flags field - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates - of: Fix truncation of memory sizes on 32-bit platforms - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() - scsi: mpt3sas: Fix error return value in _scsih_expander_add() - configfs: fix memleak in configfs_release_bin_file - [powerpc*] Offline CPU in stop_this_cpu() - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate - vfio/pci: Handle concurrent vma faults - mm/huge_memory.c: don't discard hugepage if other processes are mapping it - mmc: block: Disable CMDQ on the ioctl path - mmc: vub3000: fix control-request direction - drm/amd/amdgpu/sriov disable all ip hw status by default - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() - hugetlb: clear huge pte during flush function on mips platform - atm: iphase: fix possible use-after-free in ia_module_exit() - mISDN: fix possible use-after-free in HFC_cleanup() - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT - reiserfs: add check for invalid 1st journal block - drm/virtio: Fix double free on probe failure - udf: Fix NULL pointer dereference in udf_symlink function - e100: handle eeprom as little endian - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied properly - ipv6: use prandom_u32() for ID generation - RDMA/cxgb4: Fix missing error code in create_qp() - dm space maps: don't reset space map allocation cursor when committing - [armhf] pinctrl: mcp23s08: fix race condition in irq handler - ice: set the value of global config lock timeout longer - virtio_net: Remove BUG() to avoid machine dead - [arm64,armhf] net: mvpp2: check return value after calling platform_get_resource() - [amd64] fjes: check return value after calling platform_get_resource() - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC - xfrm: Fix error reporting in xfrm_state_construct. - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan - net: fix mistake path for netdev_features_strings - rtl8xxxu: Fix device info for RTL8192EU devices - atm: nicstar: use 'dma_free_coherent' instead of 'kfree' - atm: nicstar: register the interrupt handler in the right place - vsock: notify server to shutdown when client has pending signal - RDMA/rxe: Don't overwrite errno from ib_umem_get() - iwlwifi: mvm: don't change band on bound PHY contexts - iwlwifi: pcie: free IML DMA memory allocation - sfc: avoid double pci_remove of VFs - sfc: error code if SRIOV cannot be disabled - wireless: wext-spy: Fix out-of-bounds warning - net: ip: avoid OOM kills with large UDP sends over loopback - RDMA/cma: Fix rdma_resolve_route() memory leak - Bluetooth: Fix the HCI to MGMT status conversion table - Bluetooth: Shutdown controller after workqueues are flushed or cancelled - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. - sctp: validate from_addr_param return (CVE-2021-3655) - sctp: add size validation when walking chunks (CVE-2021-3655) - fscrypt: don't ignore minor_hash when hash is 0 - bdi: Do not use freezable workqueue - [arm64] serial: mvebu-uart: clarify the baud rate derivation - [arm64] serial: mvebu-uart: fix calculation of clock divisor - fuse: reject internal errno - [powerpc*] barrier: Avoid collision with clang's __lwsync macro - usb: gadget: f_fs: Fix setting of device and driver data cross-references - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() - pinctrl/amd: Add device HID for new AMD GPIO controller - [arm64] drm/msm/mdp4: Fix modifier support enabling - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode - mmc: core: clear flags before allowing to retune - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported - [armhf] ata: ahci_sunxi: Disable DIPM - cpu/hotplug: Cure the cpusets trainwreck - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute - ipmi/watchdog: Stop watchdog timer when the current action is 'none' - seq_buf: Fix overflow in seq_buf_putmem_hex() - tracing: Simplify & fix saved_tgids logic - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT - dm btree remove: assign new_root only when removal succeeds - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request - media: subdev: disallow ioctl for saa6588/davinci - media: dtv5100: fix control-request directions - media: zr364xx: fix memory leak in zr364xx_start_readpipe - media: gspca/sq905: fix control-request direction - media: gspca/sunplus: fix zero-length control requests - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() - jfs: fix GPF in diFree - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled - [x86] KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid - tracing: Do not reference char * as a string in histograms - [arm64] PCI: aardvark: Don't rely on jiffies while holding spinlock - [arm64] PCI: aardvark: Fix kernel panic during PIO transfer - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" - w1: ds2438: fixing bug that would always get page0 - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs - scsi: core: Cap scsi_host cmd_per_lun at can_queue - [x86] tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - scsi: scsi_dh_alua: Check for negative result value - fs/jfs: Fix missing error code in lmLogInit() - scsi: iscsi: Add iscsi_cls_conn refcount helpers - scsi: iscsi: Fix conn use after free during resets - scsi: iscsi: Fix shost->max_id use - scsi: qedi: Fix null ref during abort handling - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE - [s390x] sclp_vt220: fix console name to match device (Closes: #961056) - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements - [powerpc*] ps3: Add dma_mask to ps3_dma_region - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655 - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() - ALSA: bebob: add support for ToneWeal FW66 - usb: gadget: f_hid: fix endianness issue with descriptors - [powerpc*] boot: Fixup device-tree on little endian - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq() - [x86] intel_th: Wait until port is in reset before programming it - i2c: core: Disable client irq on reboot/shutdown - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt trigger type - [armel,armhf] power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE - [x86] watchdog: Fix possible use-after-free in wdt_startup() - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync() - [x86] watchdog: iTCO_wdt: Account for rebooting on second timeout - [x86] fpu: Return proper error codes from user access functions - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE - orangefs: fix orangefs df output. - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty - NFS: nfs_find_open_context() may only select open files - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem - [x86] ACPI: video: Add quirk for the Dell Vostro 3350 - virtio-blk: Fix memory leak among suspend/resume procedure - virtio_net: Fix error handling in virtnet_restore() - virtio_console: Assure used length from device is limited (CVE-2021-38160) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun - NFSv4: Initialise connection to the server in nfs4_alloc_client() (CVE-2021-38199) - nfs: fix acl memory leak of posix_acl_create() - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode - [x86] fpu: Limit xstate copy size in xstateregs_set() - virtio_net: move tx vq operation under tx queue lock - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe() - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times - rtc: fix snprintf() checking in is_rtc_hctosys() - [arm64,armhf] reset: bail if try_module_get() fails - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() - net: bridge: multicast: fix PIM hello router port marking race - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info - [armhf] dts: rockchip: fix supply properties in io-domains nodes - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds - thermal/core: Correct function name thermal_zone_device_unregister() - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger type - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 - scsi: libsas: Add LUN number check in .slave_alloc callback - scsi: libfc: Fix array index out of bound exception - sched/fair: Fix CFS bandwidth hrtimer expiry type - mm: slab: fix kmem_cache_create failed when sysfs node not destroyed - dm writecache: return the exact table values that were set - dm writecache: fix writing beyond end of underlying device when shrinking - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz - net: ipv6: fix return value of ip6_skb_dst_mtu - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo - net: bridge: sync fdb to new unicast-filtering ports - [arm64] net: qcom/emac: fix UAF in emac_remove - net: ti: fix UAF in tlan_remove_one - net: send SYNACK packet with accepted fwmark - net: validate lwtstate->data before returning from skb_tunnel_info() - dma-buf/sync_file: Don't leak fences on merge failure - tcp: annotate data races around tp->mtu_info - ipv6: tcp: drop silly ICMPv6 packet too big messages - udp: annotate data races around unix_sk(sk)->gso_size - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices - igb: Fix use-after-free error during reset - ixgbe: Fix an error handling path in 'ixgbe_probe()' - igb: Fix an error handling path in 'igb_probe()' - e1000e: Fix an error handling path in 'e1000_probe()' - iavf: Fix an error handling path in 'iavf_probe()' - igb: Check if num of q_vectors is smaller than max before array access - igb: Fix position of assignment to *ring - ipv6: fix 'disable_policy' for fwd packets - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove - liquidio: Fix unintentional sign extension issue on left shift of u16 - net: fix uninit-value in caif_seqpkt_sendmsg - net: decnet: Fix sleeping inside in af_decnet - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - netrom: Decrease sock refcount when sock timers expire - scsi: iscsi: Fix iface sysfs attr detection - scsi: target: Fix protect handling in WRITE SAME(32) - net/tcp_fastopen: fix data races around tfo_active_disable_stamp - net/sched: act_skbmod: Skip non-Ethernet packets - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" - sctp: update active_key for asoc when old key is being replaced - net: sched: cls_api: Fix the the wrong parameter - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free - proc: Avoid mixing integer types in mem_rw() - [s390x] ftrace: fix ftrace_update_ftrace_func implementation - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver - xhci: Fix lost USB 2 remote wake - [powerpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (CVE-2021-37576) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high - usb: hub: Fix link power management max exit latency (MEL) calculations - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS - USB: serial: option: add support for u-blox LARA-R6 family - USB: serial: cp210x: fix comments for GE CS1000 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (CVE-2021-3679) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - ixgbe: Fix packet corruption due to missing DMA sync - drm: Return -ENOTTY for non-drm ioctls - KVM: do not assume PTE is writable after follow_pfn - KVM: do not allow mapping valid but non-reference-counted pages (CVE-2021-22543) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz - btrfs: compression: don't try to compress if we don't have enough pages - PCI: Mark AMD Navi14 GPU ATS as broken - xhci: add xhci_get_virt_ep() helper https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.200 - [x86] KVM: determine if an exception has an error code only when injecting it. - net: split out functions related to registering inflight socket files - af_unix: fix garbage collect vs MSG_PEEK - workqueue: fix UAF in pwq_unbound_release_workfn() - net/802/mrp: fix memleak in mrp_request_join() - net/802/garp: fix memleak in garp_request_join() - net: annotate data race around sk_ll_usec - sctp: move 198 addresses from unusable to private scope - hfs: add missing clean-up in hfs_fill_super - hfs: fix high memory mapping in hfs_bnode_read - hfs: add lock nesting notation to hfs_find_init - cifs: fix the out of range assignment to bit fields in parse_server_interfaces https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.201 - virtio_net: Do not pull payload in skb->head - gro: ensure frag0 meets IP header alignment - [x86] asm: Ensure asm/proto.h can be included stand-alone - btrfs: fix rw device counting in __btrfs_free_extra_devids - [x86] kvm: fix vcpu-id indexed array sizes - ocfs2: fix zero out valid data - ocfs2: issue zeroout to EOF blocks - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF - can: mcba_usb_start(): add missing urb->transfer_dma initialization - can: usb_8dev: fix memory leak - can: ems_usb: fix memory leak - can: esd_usb2: fix memory leak - NIU: fix incorrect error return, missed in previous revert - nfc: nfcsim: fix use after free during module unload - cfg80211: Fix possible memory leak in function cfg80211_bss_update - netfilter: conntrack: adjust stop timestamp to real expiry value - netfilter: nft_nat: allow to specify layer 4 protocol NAT only - i40e: Fix logic of disabling queues - i40e: Fix log TC creation failure when max num of queues is exceeded - tipc: fix sleeping in tipc accept routine - mlx4: Fix missing error code in mlx4_load_one() - net: llc: fix skb_over_panic - net/mlx5: Fix flow table chaining - sctp: fix return value check in __sctp_rcv_asconf_lookup - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove - sis900: Fix missing pci_disable_device() in probe and remove - [powerpc*] pseries: Fix regression while building external modules - i40e: Add additional info to PHY type error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.202 - btrfs: mark compressed range uptodate only if all bio succeed - r8152: Fix potential PM refcount imbalance - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() - net: Fix zero-copy head len calculation. - bdi: move bdi_dev_name out of line - bdi: use bdi_dev_name() to get device name - bdi: add a ->dev_name field to struct backing_dev_info - Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" - [x86] Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" - padata: validate cpumask without removed CPU during offline - padata: add separate cpuhp node for CPUHP_PADATA_DEAD https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.203 - Revert "ACPICA: Fix memory leak caused by _CID repair function" - ALSA: seq: Fix racy deletion of subscriber - [armhf] imx: add missing iounmap() - ALSA: usb-audio: fix incorrect clock source setting - scsi: sr: Return correct event when media event code is 3 - media: videobuf2-core: dequeue if start_streaming fails - net: natsemi: Fix missing pci_disable_device() in probe and remove - sctp: move the active_key update after sh_keys is added - nfp: update ethtool reporting of pauseframe control - net: ipv6: fix returned variable type in ip6_skb_dst_mtu - bnx2x: fix an error code in bnx2x_nic_load() - net: pegasus: fix uninit-value in get_interrupt_interval - [armhf] net: fec: fix use-after-free in fec_drv_remove - net: vxge: fix use-after-free in vxge_device_unregister - Bluetooth: defer cleanup of resources in hci_unregister_dev() - USB: usbtmc: Fix RCU stall warning - USB: serial: option: add Telit FD980 composition 0x1056 - USB: serial: ch341: fix character loss at high transfer rates - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback - firmware_loader: fix use-after-free in firmware_fallback_sysfs - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers - usb: gadget: f_hid: fixed NULL pointer dereference - usb: gadget: f_hid: idle uses the highest byte for duration - tracing/histogram: Rename "cpu" to "common_cpu" - [arm64] optee: Clear stale cache entries during initialization - staging: rtl8723bs: Fix a resource leak in sd_int_dpc - media: rtl28xxu: fix zero-length control request - pipe: increase minimum default pipe size to 2 pages - ext4: fix potential htree corruption when growing large_dir directories - serial: 8250: Mask out floating 16/32-bit bus bits - [mips*] Malta: Do not byte-swap accesses to the CBUS UART - [x86] pcmcia: i82092: fix a null pointer dereference bug - [x86] KVM: accept userspace interrupt only if no event is injected - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds - [armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove - qmi_wwan: add network device usage statistics for qmimux devices - libata: fix ata_pio_sector for CONFIG_HIGHMEM - reiserfs: add check for root_inode in reiserfs_fill_super - reiserfs: check directory items on read from disk - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset - [armhf] imx: add mmdc ipg clock operation for mmdc https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.204 - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB - bpf: Inherit expanded/patched seen count from old aux data (CVE-2021-33624) - bpf: Do not mark insn as seen under speculative path verification (CVE-2021-33624) - bpf: Fix leakage under speculation on mispredicted branches (CVE-2021-33624) - [x86] KVM: MMU: Use the correct inherited permissions to get shadow page (CVE-2021-38198) - USB:ehci:fix Kunpeng920 ehci hardware problem - ppp: Fix generating ppp unit id when ifname is not specified - ovl: prevent private clone if bind mount is not allowed CVE-2021-3732) - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.205 - [x86] ASoC: intel: atom: Fix reference to PCM buffer address - i2c: dev: zero out array used for i2c reads from userspace - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl - ppp: Fix generating ifname when empty IFLA_IFNAME is specified - net: Fix memory leak in ieee802154_raw_deliver - net: igmp: fix data-race in igmp_ifc_timer_expire() - net: bridge: fix memleak in br_add_if() - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets - net: igmp: increase size of mr_ifc_count - xen/events: Fix race in set_evtchn_to_irq - vsock/virtio: avoid potential deadlock when vsock device remove - [powerpc*] kprobes: Fix kprobe Oops happens in booke - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP - [x86] msi: Force affinity setup before startup - [x86] ioapic: Force affinity setup before startup - genirq/msi: Ensure deactivation on teardown - PCI/MSI: Enable and mask MSI-X early - PCI/MSI: Do not set invalid bits in MSI mask - PCI/MSI: Correct misleading comments - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() - PCI/MSI: Protect msi_desc::masked for multi-MSI - PCI/MSI: Mask all unused MSI-X entries - PCI/MSI: Enforce that MSI-X table entry is masked for update - PCI/MSI: Enforce MSI[X] entry updates to be visible - [amd64] iommu/vt-d: Fix agaw for a supported 48 bit guest address width - mac80211: drop data frames without key on encrypted links - [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) - [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) - [x86] fpu: Make init_fpstate correct with optimized XSAVE - ath: Use safer key clearing with key cache entries (CVE-2020-3702) - ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702) - ath: Export ath_hw_keysetmac() (CVE-2020-3702) - ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO - net: usb: lan78xx: don't modify phy_device state concurrently - Bluetooth: hidp: use correct wait queue when removing ctrl_wait - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant - vhost: Fix the calculation in vhost_overflow() - bnxt: don't lock the tx queue from napi poll - bnxt: disable napi before canceling DIM - net: 6pack: fix slab-out-of-bounds in decode_data - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error - ALSA: hda - fix the 'Capture Switch' value change notifications - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup - locks: print a warning when mount fails due to lack of "mand" support - fs: warn about impending deprecation of mandatory locks - netfilter: nft_exthdr: fix endianness of tcp option cast https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.206 - net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743) - bpf: Do not use ax register in interpreter on div/mod - bpf: Fix 32 bit src register truncation on div/mod (CVE-2021-3600) - bpf: Fix truncation handling for mod32 dst reg wrt zero (CVE-2021-3444) - netfilter: conntrack: collect all entries in one cycle - once: Fix panic when module unload - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters - Revert "USB: serial: ch341: fix character loss at high transfer rates" - USB: serial: option: add new VID/PID to support Fibocom FG150 - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left() - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable - [amd64] IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() - e1000e: Fix the max snoop/no-snoop latency for 10M - ip_gre: add validation for csum_start - [arm64] xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration - usb: gadget: u_audio: fix race condition on endpoint stop - opp: remove WARN when no valid OPPs remain - virtio: Improve vq->broken access to avoid any compiler optimization - virtio_pci: Support surprise removal of virtio pci device - [amd64] vringh: Use wiov->used to check for read/write desc order - qed: qed ll2 race condition fixes - qed: Fix null-pointer dereference in qed_rdma_create_qp() - drm: Copy drm_wait_vblank to user before returning - drm/nouveau/disp: power down unused DP links during init - net/rds: dma_map_sg is entitled to merge entries - vt_kdsetmode: extend console locking (CVE-2021-3753) - fbmem: add margin check to fb_check_caps() - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs - Revert "floppy: reintroduce O_NDELAY fix" - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.207 - ext4: fix race writing to an inline_data file while its xattrs are changing (CVE-2021-40490) - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V formats - qed: Fix the VF msix vectors flow - [arm64] net: macb: Add a NULL check on desc_ptp - qede: Fix memset corruption - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges - [x86] perf/x86/amd/ibs: Work around erratum #1197 - [armel,armhf] 8918/2: only build return_address() if needed - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl - clk: fix build warning for orphan_list - media: stkwebcam: fix memory leak in stk_camera_probe - [armhf] imx: add missing clk_disable_unprepare() - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init - igmp: Add ip_mc_list lock in ip_check_mc_rcu - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2) - SUNRPC/nfs: Fix return value for nfs4_callback_compound() - [powerpc*] module64: Fix comment in R_PPC64_ENTRY handling - [powerpc*] boot: Delete unneeded .globl _zimage_start - mm/page_alloc: speed up the iteration of max_order - Revert "btrfs: compression: don't try to compress if we don't have enough pages" - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions - PCI: Call Max Payload Size-related fixup quirks early - locking/mutex: Fix HANDOFF condition - regmap: fix the offset of register error log - sched/deadline: Fix reset_on_fork reporting of DL tasks - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors - sched/deadline: Fix missing clock update in migrate_task_rq_dl() - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() - udf: Check LVID earlier - isofs: joliet: Fix iocharset=utf8 mount option - bcache: add proper error unwinding in bcache_device_init - nvme-rdma: don't update queue count when failing to set io queues - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF - [s390x] cio: add dev_busid sysfs entry for each subchannel - libata: fix ata_host_start() - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms() - [x86] crypto: qat - handle both source of interrupt in VF ISR - [x86] crypto: qat - fix reuse of completion variable - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications - [x86] crypto: qat - do not export adf_iov_putmsg() - fcntl: fix potential deadlock for &fasync_struct.fa_lock - udf_get_extendedattr() had no boundary checks. - lib/mpi: use kcalloc in mpi_resize - [x86] crypto: qat - use proper type for vf_mask - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr - media: go7007: remove redundant initialization - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect - [arm64] media: venus: venc: Fix potential null pointer dereference on pointer fmt - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently - PCI: PM: Enable PME if it can be signaled from D3cold - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs - Bluetooth: fix repeated calls to sco_sock_kill - [arm64] drm/msm/dsi: Fix some reference counted resource leaks - [armhf] usb: phy: twl6030: add IRQ checks - Bluetooth: Move shutdown callback before flushing tx and rx queue - mac80211: Fix insufficient headroom issue for AMSDU - Bluetooth: add timeout sanity check to hci_inquiry - [armhf] i2c: s3c2410: fix IRQ check - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config - CIFS: Fix a potencially linear read overflow - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() - bcma: Fix memory leak for internally-handled cores - ipv4: make exception cache less predictible - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() - netns: protect netns ID lookups with RCU - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks - tty: Fix data race between tiocsti() and flush_to_ldisc() - [x86] KVM: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted - fbmem: don't allow too huge resolutions - [arm64,armhf] backlight: pwm_bl: Improve bootloader/kernel device handover - [armel] clk: kirkwood: Fix a clocking boot regression - btrfs: reset replace target device to allocation state on close - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN - PCI/MSI: Skip masking MSI-X on Xen PV - [powerpc*] perf/hv-gpci: Fix counter value parsing - xen: fix setting of max_pfn in shared_info - 9p/xen: Fix end of loop tests for list_for_each_entry - bpf/verifier: per-register parent pointers - bpf: correct slot_type marking logic to allow more stack slot sharing - bpf: Support variable offset stack access from helpers - bpf: Reject indirect var_off stack access in raw mode - bpf: Reject indirect var_off stack access in unpriv mode - bpf: Sanity check max value for var_off stack access - bpf: track spill/fill of constants - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) - bpf: verifier: Allocate idmap scratch in verifier env - bpf: Fix pointer arithmetic mask tightening under state pruning - [arm64] head: avoid over-mapping in map_memory - block: bfq: fix bfq_set_next_ioprio_data() - [x86] power: supply: max17042: handle fails of reading status register - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair - media: uvc: don't do DMA on stack - media: rc-loopback: return number of emitters rather than error - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure - [arm64] PCI: xilinx-nwl: Enable the clock through CCF - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts - HID: input: do not report stylus battery state as "full" - RDMA/iwcm: Release resources if iw_cm module initialization fails - docs: Fix infiniband uverbs minor number - [armhf] pinctrl: samsung: Fix pinctrl bank pin count - [powerpc*] stacktrace: Include linux/delay.h - [arm64,armhf] pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() - scsi: qedi: Fix error codes in qedi_alloc_global_queues() - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call - fscache: Fix cookie key hashing - f2fs: fix to account missing .skipped_gc_rwsem - f2fs: fix to unmap pages from userspace process in punch_hole() - [mips*] Malta: fix alignment of the devicetree buffer - userfaultfd: prevent concurrent API initialization - media: dib8000: rewrite the init prbs logic - PCI: Use pci_update_current_state() in pci_enable_device_flags() - tipc: keep the skb in rcv queue until the whole data is read - video: fbdev: kyro: fix a DoS bug by restricting user input - netlink: Deal with ESRCH error in nlmsg_notify() - usb: gadget: u_ether: fix a potential null pointer dereference - usb: gadget: composite: Allow bMaxPower=0 if self-powered - tty: serial: jsm: hold port lock when reporting modem line changes - video: fbdev: kyro: Error out if 'pixclock' equals zero - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() - flow_dissector: Fix out-of-bounds warnings - [s390x] jump_label: print real address in a case of a jump label bug - serial: 8250: Define RX trigger levels for OxSemi 950 devices - serial: 8250_pci: make setup_port() parameters explicitly unsigned - Bluetooth: skip invalid hci_sync_conn_complete_evt - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output - media: v4l2-dv-timings.c: fix wrong condition in two for-loops - [armhf] dts: imx53-ppd: Fix ACHC entry - [arm64] dts: qcom: sdm660: use reg value for memory node - [arm64] net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() - Bluetooth: schedule SCO timeouts with delayed_work - Bluetooth: avoid circular locks in sco_sock_connect - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() - Bluetooth: Fix handling of LE Enhanced Connection Complete - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD - rpc: fix gss_svc_init cleanup on failure - [x86] staging: rts5208: Fix get_ms_information() heap buffer size - gfs2: Don't call dlm after protocol is unmounted - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions - mmc: rtsx_pci: Fix long reads when clock is prescaled - mmc: core: Return correct emmc response in case of ioctl error - cifs: fix wrong release in sess_alloc_buffer() failed path - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb - usbip: give back URBs for unsent unlink requests during cleanup - usbip:vhci_hcd USB port can get stuck in the disabled state - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B - parport: remove non-zero check on count - ath9k: fix OOB read ar9300_eeprom_restore_internal - ath9k: fix sleeping in atomic context - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() - [x86] scsi: BusLogic: Fix missing pr_cont() use - scsi: qla2xxx: Sync queue idx with queue_pair_map idx - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off - mm/hugetlb: initialize hugetlb_usage in mm_init - memcg: enable accounting for pids in nested pid namespaces - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when timeout occurs - drm/amdgpu: Fix BUG_ON assert - dm thin metadata: Fix use-after-free in dm_bm_set_read_only - [x86] xen: reset legacy rtc flag for PV domU - bnx2x: Fix enabling network interfaces without VFs - [arm64] sve: Use correct size when reinitialising SVE state - PM: base: power: don't try to use non-existing RTC for storing data - PCI: Add AMD GPU multi-function power dependencies - [x86] mm: Fix kern_addr_valid() to cope with existing but not present entries - tipc: fix an use-after-free issue in tipc_recvmsg - dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core - r6040: Restore MDIO clock frequency after MAC reset - tipc: increase timeout in tipc_sk_enqueue() - net/mlx5: Fix potential sleeping in atomic context - events: Reuse value read using READ_ONCE instead of re-reading it - net/af_unix: fix a data-race in unix_dgram_poll - [arm64,armhf] net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() - qed: Handle management FW error - [arm64] net: hns3: pad the short tunnel frame before sending to hardware - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping - PCI: Add ACS quirks for Cavium multi-function devices - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 - block, bfq: honor already-setup queue merges - ethtool: Fix an error code in cxgb2.c - mfd: axp20x: Update AXP288 volatile ranges - PCI: Fix pci_dev_str_match_path() alloc while atomic bug - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state - mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' - [armhf] net: dsa: b53: Fix calculating number of switch ports - netfilter: socket: icmp6: fix use-after-scope - fq_codel: reject silly quantum parameters - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom - ip_gre: validate csum_start only on pull https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.208 - [s390x] bpf: Fix optimizing out zero-extensions - KVM: remember position in kvm->vcpus array - rcu: Fix missed wakeup of exp_wq waiters - apparmor: remove duplicate macro list_entry_is_head() - tracing/kprobe: Fix kprobe_on_func_entry() modification - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() - 9p/trans_virtio: Remove sysfs file on probe failure - prctl: allow to setup brk for et_dyn executables - nilfs2: use refcount_dec_and_lock() to fix potential UAF - profiling: fix shift-out-of-bounds bugs - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() - ceph: lockdep annotations for try_nonblocking_invalidate - nilfs2: fix memory leak in nilfs_sysfs_create_device_group - nilfs2: fix NULL pointer in nilfs_##name##_attr_release - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.195-rt82 * [rt] Update to 4.19.196-rt83 * Bump ABI to 18 * [rt] Update to 4.19.197-rt84 * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers" * [rt] Update to 4.19.198-rt85 * Refresh "scsi: hisi_sas: Create separate host attributes per HBA" * [rt] Update to 4.19.199-rt86 * [rt] Update to 4.19.206-rt87 * [rt] Update to 4.19.207-rt88 * hso: fix bailout in error case of probe * usb: hso: fix error handling code of hso_create_net_device (CVE-2021-37159) * usb: hso: remove the bailout parameter linux-signed-i386 (4.19.194+3) buster-security; urgency=high . * Sign kernel from linux 4.19.194-3 . * [x86] KVM: SVM: Periodically schedule when unregistering regions on destroy (CVE-2020-36311) * can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693) * can: bcm: delay release of struct bcm_op after synchronize_rcu() (CVE-2021-3609) * seq_file: Disallow extremely large seq buffer allocations (CVE-2021-33909) linux-signed-i386 (4.19.194+2) buster; urgency=medium . * Sign kernel from linux 4.19.194-2 . * proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072) linuxptp (1.9.2-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Validate the messageLength field of incoming messages (CVE-2021-3570) (Closes: #990748) lynx (2.8.9rel.1-3+deb10u1) buster-security; urgency=high . * Apply fix from Lynx 2.9.0dev.9 for CVE-2021-38165 to fix leakage of username and password in the TLS 1.2 SNI Extension if username and password were given in the URL, i.e. as https://user:pass@example.org/ (Closes: #991971) mariadb-10.3 (1:10.3.31-0+deb10u1) buster; urgency=medium . * New upstream version 10.3.31. Includes security fixes for: - CVE-2021-2389 - CVE-2021-2372 * New upstream version 10.3.30. Includes several important bug fixes. (MDEV-25714: Join using derived with aggregation returns incorrect results) (Closes: #990306) * Fix Perl executable path in scripts (stop using 'env') (Closes: #991472) Upstream MariaDB has broken shebangs (#!/usr/bin/env perl) in several scripts, thus rendering them potentially loading the wrong Perl version and rendering the scripts unusable. Fixing the shebang recovers correct behaviour. mediawiki (1:1.31.16-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.16, fixing CVE-2021-35197, CVE-2021-41798, CVE-2021-41799, CVE-2021-41800, CVE-2021-41801. modsecurity-crs (3.1.0-1+deb10u2) buster; urgency=medium . * Add upstream patch to fix request body bypass CVE-2021-35368 (Closes: #992000) nettle (3.4.1-1+deb10u1) buster-security; urgency=high . * Fix for CVE-2021-3580 - potential crash on invalid input to the RSA decryption functions (Closes: #989631). * Fix for CVE-2021-20305 - bug in ECDSA signature verification that could lead to a denial of service attack (via an assertion failure) or possibly incorrect results, backported from 3.7.2 by Marc Deslauriers <marc.deslauriers@ubuntu.com> (Closes: #985652). nextcloud-desktop (2.5.1-3+deb10u2) buster-security; urgency=high . * Add backported patch to fix CVE-2021-22895. (Closes: #989846) * Add backported patch to fix CVE-2021-32728. * Update patch for CVE-2021-32728 for v2.5.1. * Add patch to make it possible to accept invalid SSL certificates. node-ansi-regex (3.0.0-1+deb10u1) buster; urgency=medium . * Team upload * Fix ReDoS (Closes: CVE-2021-3807) node-axios (0.17.1+dfsg-2+deb10u1) buster; urgency=medium . * Team upload * Fix reDoS (Closes: CVE-2021-3749) node-jszip (3.1.4+dfsg-1+deb10u1) buster; urgency=medium . * Team upload * Use a null prototype object for this.files (Closes: CVE-2021-23413) node-tar (4.4.6+ds1-3+deb10u1) buster; urgency=medium . * Team upload * Remove paths from dirCache when no longer dirs (Closes: #992110, CVE-2021-32803) * Strip absolute paths more comprehensively (Closes: #992111, CVE-2021-32804) ntfs-3g (1:2017.3.23AR.3-3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed an endianness error in ntfscp * Checked the locations of MFT and MFTMirr at startup * Fix multiple buffer overflows. CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263. (Closes: #988386) nvidia-cuda-toolkit (9.2.148-7+deb10u1) buster; urgency=medium . * [ppc64el]: Do not overwrite the customized nvcc.profile with the unmodified upstream copy from CUDA 9.2 Patch 1. (Closes: #991592) nvidia-graphics-drivers (418.211.00-1) buster; urgency=medium . * New upstream Tesla release 418.211.00 (2021-07-20). * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095. (Closes: #991351) https://nvidia.custhelp.com/app/answers/detail/a_id/5211 . [ Andreas Beckmann ] * Refresh patches. * nvidia-driver-libs: Add Recommends: libnvidia-encode1 (470.42.01-1). (Closes: #989885) * debian/gen-control.pl: Support substitutions in the Vcs-Git field (470.57.02-1). * Compute and substitute the Git branch instead of hardcoding it (470.57.02-1). * Upload to buster. nvidia-graphics-drivers-legacy-390xx (390.144-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.144-1) unstable; urgency=medium . * New upstream legacy branch release 390.144 (2021-07-20). * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095. (Closes: #991353) https://nvidia.custhelp.com/app/answers/detail/a_id/5211 - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. . [ Andreas Beckmann ] * Refresh patches. * nvidia-legacy-390xx-driver-libs: Add Recommends: libnvidia-legacy-390xx-encode1 (460.91.03-1). (Closes: #989885) * debian/gen-control.pl: Support substitutions in the Vcs-Git field (460.91.03-1). * Compute and substitute the Git branch instead of hardcoding it (460.91.03-1). nvidia-graphics-drivers-legacy-390xx (390.144-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-legacy-390xx (390.144-1) unstable; urgency=medium . * New upstream legacy branch release 390.144 (2021-07-20). * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095. (Closes: #991353) https://nvidia.custhelp.com/app/answers/detail/a_id/5211 - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the nvidia_icd.json file to be installed in the wrong location. . [ Andreas Beckmann ] * Refresh patches. * nvidia-legacy-390xx-driver-libs: Add Recommends: libnvidia-legacy-390xx-encode1 (460.91.03-1). (Closes: #989885) * debian/gen-control.pl: Support substitutions in the Vcs-Git field (460.91.03-1). * Compute and substitute the Git branch instead of hardcoding it (460.91.03-1). . nvidia-graphics-drivers-legacy-390xx (390.143-1~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.143-1) unstable; urgency=medium . * New upstream legacy branch release 390.143 (2021-04-19). * Fixed CVE-2021-1076. (Closes: #987218) https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Fixed a bug where vkCreateSwapchain could cause the X Server to crash when an invalid imageFormat was provided. - Fixed a driver installation failure on Linux kernel 5.11 release candidates, where the NVIDIA kernel module failed to build with error "fatal error: asm/kmap_types.h: No such file or directory". openjdk-11 (11.0.12+7-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.12+7-1) unstable; urgency=high . * OpenJDK 11.0.12+7 build (release). * Security fixes: - JDK-8256157: Improve bytecode assembly. - JDK-8256491: Better HTTP transport. - JDK-8258432, CVE-2021-2341: Improve file transfers. - JDK-8260453: Improve Font Bounding. - JDK-8260960: Signs of jarsigner signing. - JDK-8260967, CVE-2021-2369: Better jar file validation. - JDK-8262380: Enhance XML processing passes. - JDK-8262403: Enhanced data transfer. - JDK-8262410: Enhanced rules for zones. - JDK-8262477: Enhance String Conclusions. - JDK-8262967: Improve Zip file support. - JDK-8264066, CVE-2021-2388: Enhance compiler validation. - JDK-8264079: Improve abstractions. - JDK-8264460: Improve NTLM support. * Encode the early-access status into the package version. LP: #1934895. openjdk-11 (11.0.12+6-1) unstable; urgency=medium . * OpenJDK 11.0.12+6 build (early access). openjdk-11 (11.0.12+4-1) unstable; urgency=medium . * OpenJDK 11.0.12+4 build (early access). * Don't apply the m68k-support patch, needs an update. openjdk-11 (11.0.11+9-1) unstable; urgency=high . * OpenJDK 11.0.11+9 build (release). * Security fixes: - JDK-8244473: Contextualize registration for JNDI. - JDK-8244543: Enhanced handling of abstract classes. - JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE after JDK-8244543. - JDK-8250568: Less ambiguous processing (CVE-2021-2161). - JDK-8253799: Make lists of normal filenames. - JDK-8261183: Follow on to Make lists of normal filenames. - JDK-8249906: Enhance opening JARs (CVE-2021-2163). - JDK-8258247: Couple of issues in fix for JDK-8249906. - JDK-8259428: AlgorithmId.getEncodedParams() should return copy. - JDK-8257001: Improve HTTP client support. openjdk-11-jre-dcevm (11.0.12+7-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11-jre-dcevm (11.0.11+9-2) unstable; urgency=medium . * Added an autopkgtest test suite to catch regressions caused by JDK updates openssl (1.1.1d-0+deb10u7) buster-security; urgency=medium . * CVE-2021-3711 (SM2 Decryption Buffer Overflow). * CVE-2021-3712 (Read buffer overruns processing ASN.1 strings). php7.3 (7.3.29-1~deb10u1) buster-security; urgency=medium . * New upstream version 7.3.29 + CVE-2021-21705: SSRF bypass in FILTER_VALIDATE_URL + CVE-2021-21704: Stack buffer overflow in firebird_info_cb + CVE-2021-21704: SIGSEGV in firebird_handle_doer + CVE-2021-21704: SIGSEGV in firebird_stmt_execute + CVE-2021-21704: Crash while parsing blob data in firebird_fetch_blob postgresql-11 (11.13-0+deb10u1) buster; urgency=medium . * New upstream version. . + Fix mis-planning of repeated application of a projection step (Tom Lane) . The planner could create an incorrect plan in cases where two ProjectionPaths were stacked on top of each other. The only known way to trigger that situation involves parallel sort operations, but there may be other instances. The result would be crashes or incorrect query results. Disclosure of server memory contents is also possible. (CVE-2021-3677) . + Disallow SSL renegotiation more completely (Michael Paquier) . SSL renegotiation has been disabled for some time, but the server would still cooperate with a client-initiated renegotiation request. A maliciously crafted renegotiation request could result in a server crash (see OpenSSL issue CVE-2021-3449). Disable the feature altogether on OpenSSL versions that permit doing so, which are 1.1.0h and newer. postorius (1.2.4-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2021-40347: Check a user owns the email they are trying to unsubscribe (Fixes: #993746) proftpd-dfsg (1.3.6-4+deb10u6) buster; urgency=medium . * Add patch for Issue #1119: Cannot disable client-initiated renegotiation for FTPS https://github.com/proftpd/proftpd/issues/1119 * Bug #4332: Fix navigation into symlinked directories by removing interfering code added as part of Bug#4219. (Closes: #971742) * Add patch for issue #866: (Closes: #991394) mod_sftp crashes when using pubkey-auth with DSA keys * Add patch for upstream issue #1284 (Closes: #993173). * Add me to Uploaders. psmisc (23.2-1+deb10u1) buster; urgency=medium . * Team upload. * Fix regression in killall not matching process with names bigger than 15 characters by backporting the upstream patch that restores the check that works on kernels that have TASK_COMM_LEN set to 16. Closes: #912748 python-uflash (1.2.4+dfsg-1+deb10u1) buster; urgency=medium . [ Nick Morrott ] * d/firmware-microbit-micropython-dl.postinst: - Update firmware URL (Closes: #991280) request-tracker4 (4.4.3-2+deb10u1) buster; urgency=medium . * Apply upstream patch which fixes a security vulnerability that involves a login timing side-channel attack. This resolves CVE-2021-38562 (Closes: #995175) ring (20190215.1.f152c98~ds1-1+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2021-21375 (Closes: #986815) The embedded copy of pjproject is affected by this CVE. Due to bad handling of two consecutive crafted answers to an INVITE, the attacker is able to crash the server resulting in a denial of service. sabnzbdplus (2.3.6+dfsg-1+deb10u2) buster; urgency=medium . * Backport upstream security fix to prevent a directory escape in the renamer function via malicious par2 files. (CVE-2021-29488) shim (15.4-7~deb10u1) buster; urgency=high . * Tweak how we call grub-install; don't abort on error. Not ideal behaviour either, but don't break upgrades. Copy the behaviour from the grub packages here. Bug #990966 shim (15.4-6) unstable; urgency=high . * Add arm64 patch to tweak section layout and stop crashing problems. Upstream issue #371. Closes: #990082, #990190 * In insecure mode, don't abort if we can't create the MokListXRT variable. Upstream issue #372. Closes: #989962, #990158 shim (15.4-6~deb10u1) buster; urgency=high . * Add arm64 patch to tweak section layout and stop crashing problems. Upstream issue #371. Closes: #990082, #990190 * In insecure mode, don't abort if we can't create the MokListXRT variable. Upstream issue #372. Closes: #989962, #990158 shim (15.4-5) unstable; urgency=medium . * Add defensive code around calls to db_get. Don't fail if they return errors. shim-helpers-amd64-signed (1+15.4+7~deb10u1) buster; urgency=high . * Update to shim 15.4-7~deb10u1 shim-helpers-amd64-signed (1+15.4+6) unstable; urgency=high . * Update to shim 15.4-6 shim-helpers-amd64-signed (1+15.4+6~deb10u1) buster; urgency=high . * Update to shim 15.4-6~deb10u1 shim-helpers-amd64-signed (1+15.4+5) unstable; urgency=medium . * Update to shim 15.4-5 shim-helpers-arm64-signed (1+15.4+7~deb10u1) buster; urgency=high . * Update to shim 15.4-7~deb10u1 shim-helpers-arm64-signed (1+15.4+6) unstable; urgency=high . * Update to shim 15.4-6 shim-helpers-arm64-signed (1+15.4+6~deb10u1) buster; urgency=high . * Update to shim 15.4-6~deb10u1 shim-helpers-arm64-signed (1+15.4+5) unstable; urgency=medium . * Update to shim 15.4-5 shim-helpers-i386-signed (1+15.4+7~deb10u1) buster; urgency=high . * Update to shim 15.4-7~deb10u1 shim-helpers-i386-signed (1+15.4+6) unstable; urgency=high . * Update to shim 15.4-6 shim-helpers-i386-signed (1+15.4+6~deb10u1) buster; urgency=high . * Update to shim 15.4-6~deb10u1 shim-helpers-i386-signed (1+15.4+5) unstable; urgency=medium . * Update to shim 15.4-5 shim-signed (1.38~1+deb10u1) buster; urgency=medium . * Tweak how we call grub-install; don't abort on error. Not ideal behaviour either, but don't break upgrades. Copy the behaviour from the grub packages here. Bug #990984 * Update build-dep on shim-unsigned to use 15.4-7~deb10u1 shim-signed (1.37) unstable; urgency=medium . * Build against new signed binaries corresponding to 15.4-6 Pulls multiple bugfixes in for the signed version: + Add arm64 patch to tweak section layout and stop crashing problems. Upstream issue #371. (#990082, #990190) + In insecure mode, don't abort if we can't create the MokListXRT variable. Upstream issue #372. (#989962, #990158) * Update build-dep on shim-unsigned to use 15.4-6 shim-signed (1.37~1+deb10u1) buster; urgency=medium . * Buster update: build against new signed binaries corresponding to 15.4-6~deb10u1. Pulls multiple bugfixes in for the signed version: + Add arm64 patch to tweak section layout and stop crashing problems. Upstream issue #371. (#990082, #990190) + In insecure mode, don't abort if we can't create the MokListXRT variable. Upstream issue #372. (#989962, #990158) * Update build-dep on shim-unsigned to use 15.4-6~deb10u1 * Switch arm64 back to using a current unsigned build (undo changes in 1.36~1+deb10u2) shim-signed (1.36) unstable; urgency=medium . * Add defensive code around calls to db_get. Don't fail if they return errors. Closes: #988114 * Update build-dep on shim-unsigned to use 15.4-5 shim-signed (1.36~1+deb10u2) buster; urgency=high . * Workaround for boot-breaking bug on arm64. Despite initial testing suggesting otherwise, even an unsigned arm64 build of 15.4 seems likely to crash at boot on some systems. Copy an old version of the unsigned arm64 shim into place for now. This will not support Secure Boot, but it will at least allow people to boot. shiro (1.3.2-4+deb10u1) buster; urgency=medium . * Update patch for Spring Framework 4.3.x build failure. * Cherry-pick upstream patch with Guice improvements. * CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request could cause an authentication bypass. (Closes: #955018) * CVE-2020-11989: Fix an encoding issue introduced in the handling of the previous CVE-2020-1957 path-traversal issue which could have also caused an authentication bypass. * CVE-2020-13933: Fix an authentication bypass resulting from a specially crafted HTTP request. (Closes: #968753) * CVE-2020-17510: Fix an authentication bypass resulting from a specially crafted HTTP request. squashfs-tools (1:4.3-12+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2021-40153 unsquashfs unvalidated filepaths allow writing outside of destination. systemd (241-7~deb10u8) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * basic/unit-name: do not use strdupa() on a path (CVE-2021-33910) thunderbird (1:78.14.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.13.0-1) unstable; urgency=medium . * [b4498b0] New upstream version 78.13.0 Fixed CVE issues in upstream version 78.12 (MFSA 2021-35): CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption CVE-2021-29988: Memory corruption as a result of incorrect style treatment CVE-2021-29984: Incorrect instruction reordering during JIT optimization CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption CVE-2021-29985: Use-after-free media channels CVE-2021-29989: Memory safety bugs fixed in Thunderbird 78.13 thunderbird (1:78.13.0-1~deb11u1) bullseye-security; urgency=medium . * [6dc6817] d/changelog: Correct TB version for referenced MFSA * Rebuild for bullseye-security thunderbird (1:78.13.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.12.0-1) unstable; urgency=medium . * [74d3cdb] New upstream version 78.12.0 Fixed CVE issues in upstream version 78.12 (MFSA 2021-30): CVE-2021-29969: IMAP server responses sent by a MITM prior to STARTTLS could be processed CVE-2021-29970: Use-after-free in accessibility features of a document CVE-2021-30547: Out of bounds write in ANGLE CVE-2021-29976: Memory safety bugs fixed in Thunderbird 78.12 thunderbird (1:78.12.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.11.0-2) unstable; urgency=medium . [ Carsten Schoenert ] * [241e539] d/thunderbird.1: Correct debugger option Remove parts that are no longer valid, especially there is no dedicated shell script any more the user has to start, calling 'thunderbird -g' is enough to start a GDB call. * [66deb37] thunderbird: Use internal NSS source while package built (Closes: #989839, #989843, #989979, #989983, #989922, #990012) * [07fb6ef] d/thunderbird-wrapper.sh: Use '${}' syntax for variables . [ Kevin Locke ] * [d003e26] d/thunderbird-wrapper.sh: Make gdb call more fail safe (Closes: #942799) thunderbird (1:78.11.0-1) unstable; urgency=medium . * [42c4a87] New upstream version 78.11.0 Fixed CVE issues in upstream version 78.11 (MFSA 2021-26): CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11 thunderbird (1:78.11.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.10.2-1) unstable; urgency=medium . * [69552d8] New upstream version 78.10.2 Fixed CVE issues in upstream version 78.10.2 (MFSA 2021-22): CVE-2021-29957: Partial protection of inline OpenPGP message not indicated CVE-2021-29956: Thunderbird stored OpenPGP secret keys without master password protection thunderbird (1:78.10.0-1) unstable; urgency=medium . * [f38d78f] New upstream version 78.10.0 Fixed CVE issues in upstream version 78.10 (MFSA 2021-15): CVE-2021-23994: Out of bound write due to lazy initialization CVE-2021-23995: Use-after-free in Responsive Design Mode CVE-2021-23998: Secure Lock icon could have been spoofed CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage CVE-2021-23999: Blob URLs may have been granted additional privileges CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads (This issue only affected x86-32 platforms.) CVE-2021-29946: Port blocking could be bypassed CVE-2021-29948: Race condition when reading from disk while verifying signatures thunderbird (1:78.10.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.9.0-1) unstable; urgency=medium . [ Colomban Wendling ] * [7d454de] d/thunderbird.desktop: Switch StartupWMClass (Closes: #985366) . [ Carsten Schoenert ] * [23fe9ce] d/source.filter: small update to filtering list * [828b9d7] New upstream version 78.9.0 Fixed CVE issues in upstream version 78.9 (MFSA 2021-12): CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage CVE-2021-23984: Malicious extensions could have spoofed popup information CVE-2021-23987: Memory safety bugs fixed in Thunderbird 78.9 * [cf4fbde] rebuild patch queue from patch-queue branch Removed patch (included upstream): porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch thunderbird (1:78.9.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.8.0-1) unstable; urgency=medium . [ Pino Toscano ] * [f2f1f3f] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink . [ Carsten Schoenert ] * [f5707a7] New upstream version 78.8.0 Fixed CVE issues in upstream version 78.8 (MFSA 2021-09): CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources CVE-2021-23978: Memory safety bugs fixed in Thunderbird 78.8 thunderbird (1:78.8.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.7.1-1) unstable; urgency=medium . * [406f9d7] New upstream version 78.7.1 thunderbird (1:78.7.0-1) unstable; urgency=medium . * [8751354] New upstream version 78.7.0 Fixed CVE issues in upstream version 78.7 (MFSA 2021-05): CVE-2021-23953: Cross-origin information leakage via redirected PDF requests CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements CVE-2020-15685: IMAP Response Injection when using STARTTLS CVE-2020-26976: HTTPS pages could have been intercepted by a registered service worker when they should not have been CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC CVE-2021-23964: Memory safety bugs fixed in Thunderbird 78.7 * [4b0c0a7] rebuild patch queue from patch-queue branch removed patch (included upstream): porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch thunderbird (1:78.7.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.6.1-1) unstable; urgency=medium . [ Carsten Schoenert ] * [67f6117] Add Apache2 notice for third_party/python/coverage * [38b9ff7] lintian: adding override for false positive in SVG file . [ Carles Pina i Estany ] * [529d53a] d/thunderbird-wrapper.sh: Unset DEBUG/DEBUGGER variables (Closes: #960230) * [6d48708] d/thunderbird-wrapper-helper.sh: Adjust help text . [ Carsten Schoenert ] * [5309e91] d/thunderbird-wrapper*.sh: Prefixing some local variables * [07b4733] New upstream version 78.6.1 Fixed CVE issues in upstream version 78.6.1 (MFSA 2021-02): CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk thunderbird (1:78.6.0-1) unstable; urgency=medium . * [1410f1e] d/watch: update to version 4 * [a8303b7] d/rules: use python3 explicitly while calling mach * [f3f535e] New upstream version 78.6.0 Fixed CVE issues in upstream version 78.6 (MFSA 2020-56): CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed CVE-2020-26971: Heap buffer overflow in WebGL CVE-2020-26973: CSS Sanitizer performed incorrect sanitization CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead CVE-2020-35113: Memory safety bugs fixed in Thunderbird 78.6 (Closes: #972072, #973697) * [16a7ab7] /u/l/thunderbird: Correct escape sequencing for gdb calling We need to do a better escaping of values of the '-ex' option otherwise the shell is refusing the concatenated string we want to use as call. (Closes: #976979) tomcat9 (9.0.31-1~deb10u5) buster-security; urgency=high . * Team upload. * Fix CVE-2021-30640: A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. * Fix CVE-2021-33037: Apache Tomcat did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding. (Closes: #991046) tor (0.3.5.16-1) buster-security; urgency=medium . * New upstream version. For a full list see the upstream changelog. It includes: - Resolve an assertion failure caused by a behavior mismatch between our batch-signature verification code and our single-signature verification code. This assertion failure could be triggered remotely, leading to a denial of service attack. We fix this issue by disabling batch verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de Valence. tor (0.3.5.15-1) buster-security; urgency=medium . * New upstream version, fixing several (security) issues (closes: #990000). For a full list see the upstream changelog. It includes: - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548. - Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero. - Resist a hashtable-based CPU denial-of-service attack against relays. Previously we used a naive unkeyed hash function to look up circuits in a circuitmux object. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now we use a SipHash construction here instead. Bugfix on 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by Jann Horn from Google's Project Zero. - Fix an out-of-bounds memory access in v3 onion service descriptor parsing. An attacker could exploit this bug by crafting an onion service descriptor that would crash any client that tried to visit it. Bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from Google's Project Zero. trafficserver (8.0.2+ds-1+deb10u5) buster-security; urgency=medium . * CVE-2021-35474 CVE-2021-32567 CVE-2021-32566 CVE_2021-32565 CVE-2021-27577 (Closes: #990303) tzdata (2021a-0+deb10u2) buster; urgency=medium . * Cherry-pick patches from tzdata-2021b until the upstream situation gets less confused: - 01-no-leap-second-2021-12-31.patch: No leap second on 2021-12-31 as per IERS Bulletin C 62. - 02-samoa-dst.patch: Samoa no longer observes DST. - 03-jordan-dst.patch: Jordan now starts DST on February's last Thursday. ublock-origin (1.37.0+dfsg-1~deb10u1) buster; urgency=medium . * Backport to Debian 10 "Buster". ublock-origin (1.33.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.33.0+dfsg. ublock-origin (1.32.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.32.0+dfsg. * Declare compliance with Debian Policy 4.5.1. ublock-origin (1.30.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.30.0+dfsg. ulfius (2.5.2-4+deb10u1) buster; urgency=medium . * d/patches: Fix CVE-2021-40540 webkit2gtk (2.32.4-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. + Fixes CVE-2021-30858. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev and libmanette-0.2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF (as libmanette is missing). webkit2gtk (2.32.3-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2021-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0). + CVE-2021-30762 (fixed in 2.28.0). + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-30661 (fixed in 2.30.0). + CVE-2021-21806 (fixed in 2.30.6). + CVE-2021-30682 (fixed in 2.32.0). + CVE-2021-30758 (fixed in 2.32.2). + CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799 (fixed in 2.32.3). webkit2gtk (2.32.3-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev and libmanette-0.2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (Closes: #989307) * debian/rules: + Build with -DENABLE_GAMEPAD=OFF (as libmanette is missing). webkit2gtk (2.32.2-1) unstable; urgency=medium . * New upstream release. * debian/patches/fix-ftbfs-m68k.patch: + Update patch. webkit2gtk (2.32.1-2) unstable; urgency=high . * debian/control: + Update the dependencies on GStreamer plugins (Closes: #989332): - WebKitGTK really expects at least the -base and -good sets. - For video playback (e.g YouTube) -bad is also recommended. - The pulseaudio plugin was merged into the -good package so it will be always be available now. Move -alsa to Suggests. webkit2gtk (2.32.1-1) unstable; urgency=medium . * New upstream release. * debian/patches/fix-ftbfs-m68k.patch: + Update patch. * Downgrade dependency on xdg-desktop-portal-gtk to a recommendation. This works around an autopkgtest regression in balsa (see #987686). (Closes: #987428). xen (4.11.4+107-gef32c7afa2-1) buster-security; urgency=high . * Update to new upstream version 4.11.4+107-gef32c7afa2, which also contains security fixes for the following issues: - inappropriate x86 IOMMU timeout detection / handling XSA-373 CVE-2021-28692 - Speculative Code Store Bypass XSA-375 CVE-2021-0089 CVE-2021-26313 - x86: TSX Async Abort protections not restored after S3 XSA-377 CVE-2021-28690 * Note that the following XSA are not listed, because... - XSA-370 does not contain code changes. - XSA-371 and XSA-374 have patches for the Linux kernel. - XSA-372 only applies to Xen 4.12 and newer. xmlgraphics-commons (2.3-1+deb10u1) buster; urgency=medium . * Team upload. * Fix CVE-2020-11988: Apache XmlGraphics Commons is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. (Closes: #984949) yubikey-manager (2.1.0-1+deb10u1) buster; urgency=medium . * Add a dependency on python3-pkg-resources to yubikey-manager. Closes: #986865 * Add myself as an uploader. ======================================== Sat, 19 Jun 2021 - Debian 10.10 released ======================================== ========================================================================= [Date: Sat, 19 Jun 2021 08:52:00 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-all-amd64 | 4.19.171-2 | amd64 linux-headers-4.19.0-14-amd64 | 4.19.171-2 | amd64 linux-headers-4.19.0-14-cloud-amd64 | 4.19.171-2 | amd64 linux-headers-4.19.0-14-rt-amd64 | 4.19.171-2 | amd64 linux-image-4.19.0-14-amd64-dbg | 4.19.171-2 | amd64 linux-image-4.19.0-14-amd64-unsigned | 4.19.171-2 | amd64 linux-image-4.19.0-14-cloud-amd64-dbg | 4.19.171-2 | amd64 linux-image-4.19.0-14-cloud-amd64-unsigned | 4.19.171-2 | amd64 linux-image-4.19.0-14-rt-amd64-dbg | 4.19.171-2 | amd64 linux-image-4.19.0-14-rt-amd64-unsigned | 4.19.171-2 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:52:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-all-mipsel | 4.19.171-2 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:52:18 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el btrfs-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el cdrom-core-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el compress-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el crc-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el crypto-dm-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el crypto-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el event-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el ext4-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el fancontrol-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el fat-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el fb-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el firewire-core-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el fuse-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el hypervisor-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el i2c-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el input-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el isofs-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el jfs-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el kernel-image-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el linux-headers-4.19.0-14-all-ppc64el | 4.19.171-2 | ppc64el linux-headers-4.19.0-14-powerpc64le | 4.19.171-2 | ppc64el linux-image-4.19.0-14-powerpc64le | 4.19.171-2 | ppc64el linux-image-4.19.0-14-powerpc64le-dbg | 4.19.171-2 | ppc64el loop-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el md-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el mouse-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el mtd-core-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el multipath-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el nbd-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el nic-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el nic-shared-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el nic-usb-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el nic-wireless-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el ppp-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el sata-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el scsi-core-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el scsi-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el scsi-nic-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el serial-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el squashfs-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el udf-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el uinput-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el usb-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el usb-serial-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el usb-storage-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el xfs-modules-4.19.0-14-powerpc64le-di | 4.19.171-2 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:52:27 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x cdrom-core-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x compress-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x crc-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x crypto-dm-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x crypto-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x dasd-extra-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x dasd-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x ext4-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x fat-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x fuse-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x isofs-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x kernel-image-4.19.0-14-s390x-di | 4.19.171-2 | s390x linux-headers-4.19.0-14-all-s390x | 4.19.171-2 | s390x linux-headers-4.19.0-14-s390x | 4.19.171-2 | s390x linux-image-4.19.0-14-s390x | 4.19.171-2 | s390x linux-image-4.19.0-14-s390x-dbg | 4.19.171-2 | s390x loop-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x md-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x mtd-core-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x multipath-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x nbd-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x nic-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x scsi-core-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x scsi-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x udf-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x xfs-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x zlib-modules-4.19.0-14-s390x-di | 4.19.171-2 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:52:46 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-all | 4.19.171-2 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:52:57 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-all-arm64 | 4.19.171-2 | arm64 linux-headers-4.19.0-14-arm64 | 4.19.171-2 | arm64 linux-headers-4.19.0-14-rt-arm64 | 4.19.171-2 | arm64 linux-image-4.19.0-14-arm64-dbg | 4.19.171-2 | arm64 linux-image-4.19.0-14-arm64-unsigned | 4.19.171-2 | arm64 linux-image-4.19.0-14-rt-arm64-dbg | 4.19.171-2 | arm64 linux-image-4.19.0-14-rt-arm64-unsigned | 4.19.171-2 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:53:07 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel cdrom-core-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel compress-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel crc-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel crypto-dm-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel crypto-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel event-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel ext4-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel fat-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel fb-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel fuse-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel input-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel ipv6-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel isofs-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel jffs2-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel jfs-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel kernel-image-4.19.0-14-marvell-di | 4.19.171-2 | armel leds-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel linux-headers-4.19.0-14-all-armel | 4.19.171-2 | armel linux-headers-4.19.0-14-marvell | 4.19.171-2 | armel linux-headers-4.19.0-14-rpi | 4.19.171-2 | armel linux-image-4.19.0-14-marvell | 4.19.171-2 | armel linux-image-4.19.0-14-marvell-dbg | 4.19.171-2 | armel linux-image-4.19.0-14-rpi | 4.19.171-2 | armel linux-image-4.19.0-14-rpi-dbg | 4.19.171-2 | armel loop-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel md-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel minix-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel mmc-core-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel mmc-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel mouse-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel mtd-core-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel mtd-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel multipath-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel nbd-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel nic-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel nic-shared-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel nic-usb-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel ppp-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel sata-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel scsi-core-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel squashfs-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel udf-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel uinput-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel usb-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel usb-serial-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel usb-storage-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel zlib-modules-4.19.0-14-marvell-di | 4.19.171-2 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:53:17 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf btrfs-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf cdrom-core-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf compress-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf crc-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf crypto-dm-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf crypto-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf efi-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf event-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf ext4-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf fat-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf fb-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf fuse-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf i2c-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf input-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf isofs-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf jfs-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf kernel-image-4.19.0-14-armmp-di | 4.19.171-2 | armhf leds-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf linux-headers-4.19.0-14-all-armhf | 4.19.171-2 | armhf linux-headers-4.19.0-14-armmp | 4.19.171-2 | armhf linux-headers-4.19.0-14-armmp-lpae | 4.19.171-2 | armhf linux-headers-4.19.0-14-rt-armmp | 4.19.171-2 | armhf linux-image-4.19.0-14-armmp | 4.19.171-2 | armhf linux-image-4.19.0-14-armmp-dbg | 4.19.171-2 | armhf linux-image-4.19.0-14-armmp-lpae | 4.19.171-2 | armhf linux-image-4.19.0-14-armmp-lpae-dbg | 4.19.171-2 | armhf linux-image-4.19.0-14-rt-armmp | 4.19.171-2 | armhf linux-image-4.19.0-14-rt-armmp-dbg | 4.19.171-2 | armhf loop-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf md-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf mmc-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf mtd-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf multipath-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf nbd-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf nic-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf nic-shared-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf nic-usb-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf nic-wireless-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf pata-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf ppp-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf sata-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf scsi-core-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf scsi-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf scsi-nic-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf squashfs-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf udf-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf uinput-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf usb-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf usb-serial-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf usb-storage-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf zlib-modules-4.19.0-14-armmp-di | 4.19.171-2 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:53:25 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-686 | 4.19.171-2 | i386 linux-headers-4.19.0-14-686-pae | 4.19.171-2 | i386 linux-headers-4.19.0-14-all-i386 | 4.19.171-2 | i386 linux-headers-4.19.0-14-rt-686-pae | 4.19.171-2 | i386 linux-image-4.19.0-14-686-dbg | 4.19.171-2 | i386 linux-image-4.19.0-14-686-pae-dbg | 4.19.171-2 | i386 linux-image-4.19.0-14-686-pae-unsigned | 4.19.171-2 | i386 linux-image-4.19.0-14-686-unsigned | 4.19.171-2 | i386 linux-image-4.19.0-14-rt-686-pae-dbg | 4.19.171-2 | i386 linux-image-4.19.0-14-rt-686-pae-unsigned | 4.19.171-2 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:53:38 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-all-mips | 4.19.171-2 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:08 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel btrfs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel compress-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel crc-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel crypto-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel event-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel ext4-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel fat-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel fuse-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel hfs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel input-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel isofs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel jfs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel kernel-image-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel linux-headers-4.19.0-14-5kc-malta | 4.19.171-2 | mips, mips64el, mipsel linux-headers-4.19.0-14-octeon | 4.19.171-2 | mips, mips64el, mipsel linux-image-4.19.0-14-5kc-malta | 4.19.171-2 | mips, mips64el, mipsel linux-image-4.19.0-14-5kc-malta-dbg | 4.19.171-2 | mips, mips64el, mipsel linux-image-4.19.0-14-octeon | 4.19.171-2 | mips, mips64el, mipsel linux-image-4.19.0-14-octeon-dbg | 4.19.171-2 | mips, mips64el, mipsel loop-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel md-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel minix-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel multipath-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel nbd-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel nic-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel nic-shared-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel nic-usb-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel pata-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel ppp-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel rtc-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel sata-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel scsi-core-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel scsi-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel sound-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel squashfs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel udf-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel usb-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel usb-serial-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel usb-storage-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel xfs-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel zlib-modules-4.19.0-14-octeon-di | 4.19.171-2 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:16 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel ata-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel btrfs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel cdrom-core-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel compress-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel crc-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel crypto-dm-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel crypto-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel event-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel ext4-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel fat-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel fb-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel fuse-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel hfs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel i2c-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel input-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel isofs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel jfs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel kernel-image-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel linux-headers-4.19.0-14-4kc-malta | 4.19.171-2 | mips, mipsel linux-image-4.19.0-14-4kc-malta | 4.19.171-2 | mips, mipsel linux-image-4.19.0-14-4kc-malta-dbg | 4.19.171-2 | mips, mipsel loop-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel md-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel minix-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel mmc-core-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel mmc-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel mouse-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel mtd-core-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel multipath-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel nbd-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel nic-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel nic-shared-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel nic-usb-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel nic-wireless-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel pata-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel ppp-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel sata-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel scsi-core-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel scsi-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel scsi-nic-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel sound-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel squashfs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel udf-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel usb-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel usb-serial-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel usb-storage-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel xfs-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel zlib-modules-4.19.0-14-4kc-malta-di | 4.19.171-2 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:25 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el ata-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el btrfs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el cdrom-core-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el compress-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el crc-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el crypto-dm-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el crypto-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el event-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el ext4-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el fat-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el fb-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el fuse-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el hfs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el i2c-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el input-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el isofs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el jfs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el kernel-image-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el linux-headers-4.19.0-14-all-mips64el | 4.19.171-2 | mips64el loop-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el md-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el minix-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el mmc-core-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el mmc-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el mouse-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el mtd-core-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el multipath-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el nbd-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el nic-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el nic-shared-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el nic-usb-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el nic-wireless-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el pata-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el ppp-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el sata-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el scsi-core-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el scsi-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el scsi-nic-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el sound-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el squashfs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el udf-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el usb-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el usb-serial-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el usb-storage-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el xfs-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el zlib-modules-4.19.0-14-5kc-malta-di | 4.19.171-2 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:36 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel ata-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel btrfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel cdrom-core-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel compress-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel crc-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel crypto-dm-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel crypto-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel event-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel ext4-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel fat-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel fb-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel firewire-core-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel fuse-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel hfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel input-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel isofs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel jfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel kernel-image-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel linux-headers-4.19.0-14-loongson-3 | 4.19.171-2 | mips64el, mipsel linux-image-4.19.0-14-loongson-3 | 4.19.171-2 | mips64el, mipsel linux-image-4.19.0-14-loongson-3-dbg | 4.19.171-2 | mips64el, mipsel loop-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel md-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel minix-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel mtd-core-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel multipath-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nbd-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nic-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nic-shared-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nic-usb-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel nic-wireless-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel pata-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel ppp-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel sata-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel scsi-core-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel scsi-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel scsi-nic-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel sound-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel speakup-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel squashfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel udf-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel usb-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel usb-serial-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel usb-storage-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel xfs-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel zlib-modules-4.19.0-14-loongson-3-di | 4.19.171-2 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:45 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 ata-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 btrfs-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 cdrom-core-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 compress-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 crc-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 crypto-dm-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 crypto-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 efi-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 event-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 ext4-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 fat-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 fb-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 firewire-core-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 fuse-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 i2c-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 input-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 isofs-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 jfs-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 kernel-image-4.19.0-14-amd64-di | 4.19.171-2 | amd64 linux-image-4.19.0-14-amd64 | 4.19.171-2 | amd64 linux-image-4.19.0-14-cloud-amd64 | 4.19.171-2 | amd64 linux-image-4.19.0-14-rt-amd64 | 4.19.171-2 | amd64 loop-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 md-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 mmc-core-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 mmc-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 mouse-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 mtd-core-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 multipath-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nbd-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nic-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nic-pcmcia-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nic-shared-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nic-usb-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 nic-wireless-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 pata-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 pcmcia-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 pcmcia-storage-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 ppp-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 sata-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 scsi-core-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 scsi-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 scsi-nic-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 serial-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 sound-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 speakup-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 squashfs-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 udf-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 uinput-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 usb-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 usb-serial-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 usb-storage-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 xfs-modules-4.19.0-14-amd64-di | 4.19.171-2 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:54:56 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 btrfs-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 cdrom-core-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 compress-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 crc-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 crypto-dm-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 crypto-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 efi-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 event-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 ext4-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 fat-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 fb-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 fuse-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 i2c-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 input-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 isofs-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 jfs-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 kernel-image-4.19.0-14-arm64-di | 4.19.171-2 | arm64 leds-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 linux-image-4.19.0-14-arm64 | 4.19.171-2 | arm64 linux-image-4.19.0-14-rt-arm64 | 4.19.171-2 | arm64 loop-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 md-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 mmc-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 mtd-core-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 multipath-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 nbd-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 nic-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 nic-shared-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 nic-usb-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 nic-wireless-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 ppp-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 sata-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 scsi-core-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 scsi-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 scsi-nic-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 squashfs-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 udf-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 uinput-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 usb-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 usb-serial-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 usb-storage-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 xfs-modules-4.19.0-14-arm64-di | 4.19.171-2 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:55:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-14-686-di | 4.19.171-2 | i386 acpi-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 ata-modules-4.19.0-14-686-di | 4.19.171-2 | i386 ata-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 btrfs-modules-4.19.0-14-686-di | 4.19.171-2 | i386 btrfs-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 cdrom-core-modules-4.19.0-14-686-di | 4.19.171-2 | i386 cdrom-core-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 compress-modules-4.19.0-14-686-di | 4.19.171-2 | i386 compress-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 crc-modules-4.19.0-14-686-di | 4.19.171-2 | i386 crc-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 crypto-dm-modules-4.19.0-14-686-di | 4.19.171-2 | i386 crypto-dm-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 crypto-modules-4.19.0-14-686-di | 4.19.171-2 | i386 crypto-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 efi-modules-4.19.0-14-686-di | 4.19.171-2 | i386 efi-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 event-modules-4.19.0-14-686-di | 4.19.171-2 | i386 event-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 ext4-modules-4.19.0-14-686-di | 4.19.171-2 | i386 ext4-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 fat-modules-4.19.0-14-686-di | 4.19.171-2 | i386 fat-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 fb-modules-4.19.0-14-686-di | 4.19.171-2 | i386 fb-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 firewire-core-modules-4.19.0-14-686-di | 4.19.171-2 | i386 firewire-core-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 fuse-modules-4.19.0-14-686-di | 4.19.171-2 | i386 fuse-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 i2c-modules-4.19.0-14-686-di | 4.19.171-2 | i386 i2c-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 input-modules-4.19.0-14-686-di | 4.19.171-2 | i386 input-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 isofs-modules-4.19.0-14-686-di | 4.19.171-2 | i386 isofs-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 jfs-modules-4.19.0-14-686-di | 4.19.171-2 | i386 jfs-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 kernel-image-4.19.0-14-686-di | 4.19.171-2 | i386 kernel-image-4.19.0-14-686-pae-di | 4.19.171-2 | i386 linux-image-4.19.0-14-686 | 4.19.171-2 | i386 linux-image-4.19.0-14-686-pae | 4.19.171-2 | i386 linux-image-4.19.0-14-rt-686-pae | 4.19.171-2 | i386 loop-modules-4.19.0-14-686-di | 4.19.171-2 | i386 loop-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 md-modules-4.19.0-14-686-di | 4.19.171-2 | i386 md-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 mmc-core-modules-4.19.0-14-686-di | 4.19.171-2 | i386 mmc-core-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 mmc-modules-4.19.0-14-686-di | 4.19.171-2 | i386 mmc-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 mouse-modules-4.19.0-14-686-di | 4.19.171-2 | i386 mouse-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 mtd-core-modules-4.19.0-14-686-di | 4.19.171-2 | i386 mtd-core-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 multipath-modules-4.19.0-14-686-di | 4.19.171-2 | i386 multipath-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nbd-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nbd-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nic-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nic-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nic-pcmcia-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nic-pcmcia-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nic-shared-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nic-shared-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nic-usb-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nic-usb-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 nic-wireless-modules-4.19.0-14-686-di | 4.19.171-2 | i386 nic-wireless-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 pata-modules-4.19.0-14-686-di | 4.19.171-2 | i386 pata-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 pcmcia-modules-4.19.0-14-686-di | 4.19.171-2 | i386 pcmcia-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 pcmcia-storage-modules-4.19.0-14-686-di | 4.19.171-2 | i386 pcmcia-storage-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 ppp-modules-4.19.0-14-686-di | 4.19.171-2 | i386 ppp-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 sata-modules-4.19.0-14-686-di | 4.19.171-2 | i386 sata-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 scsi-core-modules-4.19.0-14-686-di | 4.19.171-2 | i386 scsi-core-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 scsi-modules-4.19.0-14-686-di | 4.19.171-2 | i386 scsi-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 scsi-nic-modules-4.19.0-14-686-di | 4.19.171-2 | i386 scsi-nic-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 serial-modules-4.19.0-14-686-di | 4.19.171-2 | i386 serial-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 sound-modules-4.19.0-14-686-di | 4.19.171-2 | i386 sound-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 speakup-modules-4.19.0-14-686-di | 4.19.171-2 | i386 speakup-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 squashfs-modules-4.19.0-14-686-di | 4.19.171-2 | i386 squashfs-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 udf-modules-4.19.0-14-686-di | 4.19.171-2 | i386 udf-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 uinput-modules-4.19.0-14-686-di | 4.19.171-2 | i386 uinput-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 usb-modules-4.19.0-14-686-di | 4.19.171-2 | i386 usb-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 usb-serial-modules-4.19.0-14-686-di | 4.19.171-2 | i386 usb-serial-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 usb-storage-modules-4.19.0-14-686-di | 4.19.171-2 | i386 usb-storage-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 xfs-modules-4.19.0-14-686-di | 4.19.171-2 | i386 xfs-modules-4.19.0-14-686-pae-di | 4.19.171-2 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:55:26 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-14-common | 4.19.171-2 | all linux-headers-4.19.0-14-common-rt | 4.19.171-2 | all linux-support-4.19.0-14 | 4.19.171-2 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 19 Jun 2021 08:38:13 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: sogo-connector | 68.0.1-2~deb10u1 | source webext-sogo-connector | 68.0.1-2~deb10u1 | all xul-ext-sogo-connector | 68.0.1-2~deb10u1 | all Closed bugs: 989797 ------------------- Reason ------------------- RoM; incompatible with current Thunderbird versions ---------------------------------------------- ========================================================================= apt (1.8.2.3) buster; urgency=medium . * Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566) awstats (7.6+dfsg-2+deb10u1) buster; urgency=medium . * QA upload. * CVE-2020-29600: cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501. Closes: #891469 * CVE-2020-35176: in AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600. Closes: #977190 base-files (10.3+deb10u10) buster; urgency=medium . * Change /etc/debian_version to 10.10, for Debian 10.10 point release. berusky2 (0.10-7+deb10u1) buster; urgency=medium . [ Phil Wyett ] * Add fix segfault at startup patch. - 944431-avoid-no-return-statement-in-function-returning-non-void.patch Thanks to Bernhard Übelacker <bernhardu@mailbox.org>. (Closes: #944431) bind9 (1:9.11.5.P4+dfsg-5.1+deb10u5) buster-security; urgency=high . * CVE-2021-25214: A malformed incoming IXFR transfer could trigger an assertion failure in ``named``, causing it to quit abnormally. * CVE-2021-25215: ``named`` crashed when a DNAME record placed in the ANSWER section during DNAME chasing turned out to be the final answer to a client query. * CVE-2021-25216: Compile with system provided SPNEGO * Ensure all resources are properly cleaned up when a call to gss_accept_sec_context() fails. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u4) buster-security; urgency=high . * CVE-2021-25214: A malformed incoming IXFR transfer could trigger an assertion failure in ``named``, causing it to quit abnormally. * CVE-2021-25215: ``named`` crashed when a DNAME record placed in the ANSWER section during DNAME chasing turned out to be the final answer to a client query. chromium (89.0.4389.114-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2021-21159: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21160: Heap buffer overflow in WebAudio. Reported by Marcin 'Icewall' Noga of Cisco Talos - CVE-2021-21161: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21162: Use after free in WebRTC. Reported by Anonymous - CVE-2021-21163: Insufficient data validation in Reader Mode. Reported by Alison Huffman - CVE-2021-21165: Object lifecycle issue in audio. Reported by Alison Huffman - CVE-2021-21166: Object lifecycle issue in audio. Reported by Alison Huffman - CVE-2021-21167: Use after free in bookmarks. Reported by Leecraso and Guang Gong - CVE-2021-21168: Insufficient policy enforcement in appcache. Reported by Luan Herrera - CVE-2021-21169: Out of bounds memory access in V8. Reported by Bohan Liu and Moon Liang - CVE-2021-21170: Incorrect security UI in Loader. Reported by David Erceg - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation. Reported by Irvan Kurniawan - CVE-2021-21172: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21173: Side-channel information leakage in Network Internals. Reported by Tom Van Goethem - CVE-2021-21174: Inappropriate implementation in Referrer. Reported by Ashish Gautam Kamble - CVE-2021-21175: Inappropriate implementation in Site isolation. Reported by Jun Kokatsu - CVE-2021-21176: Inappropriate implementation in full screen mode. Reported by Luan Herrera - CVE-2021-21177: Insufficient policy enforcement in Autofill. Reported by Abdulrahman Alqabandi - CVE-2021-21178: Inappropriate implementation in Compositing. Reported by Japong - CVE-2021-21179: Use after free in Network Internals. Reported by Anonymous - CVE-2021-21180: Use after free in tab search. Reported by Abdulrahman Alqabandi - CVE-2021-21181: Side-channel information leakage in autofill. Reported by Xu Lin, Panagiotis Ilias, Jason Polakis - CVE-2021-21182: Insufficient policy enforcement in navigations. Reported by Luan Herrera - CVE-2021-21183: Inappropriate implementation in performance APIs. Reported by Takashi Yoneuchi - CVE-2021-21184: Inappropriate implementation in performance APIs. Reported by James Hartig - CVE-2021-21185: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2021-21186: Insufficient policy enforcement in QR scanning. Reported by dhirajkumarnifty - CVE-2021-21187: Insufficient data validation in URL formatting. Reported by Kirtikumar Anandrao Ramchandani - CVE-2021-21188: Use after free in Blink. Reported by Woojin Oh - CVE-2021-21189: Insufficient policy enforcement in payments. Reported by Khalil Zhani - CVE-2021-21190: Uninitialized Use in PDFium. Reported by Zhou Aiting - CVE-2021-21191: Use after free in WebRTC. Reported by raven - CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi - CVE-2021-21193: Use after free in Blink. Reported by Anonymous - CVE-2021-21194: Use after free in screen capture. Reported by Leecraso and Guang Gong - CVE-2021-21195: Use after free in V8. Reported by Liu and Liang - CVE-2021-21196: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21197: Heap buffer overflow in TabStrip. Reported by Abdulrahman Alqabandi - CVE-2021-21198: Out of bounds read in IPC. Reported by Mark Brand - CVE-2021-21199: Use Use after free in Aura. Reported by Weipeng Jiang chromium (89.0.4389.90-1) unstable; urgency=medium . * New upstream security release (closes: #985271). - CVE-2021-21191: Use after free in WebRTC. Reported by raven @raid_akame - CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21193: Use after free in Blink. Reported by Anonymous (closes: #985142) * Fix build with libvpx 1.7.0 and libicu63 (closes: #984926). * Change debian/rules to not leave debian/scripts/mk-origtargz chromium (89.0.4389.82-1) unstable; urgency=medium . * New upstream stable release (closes: #984532). - CVE-2021-21159: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21160: Heap buffer overflow in WebAudio. Reported by Marcin 'Icewall' Noga of Cisco Talos - CVE-2021-21161: Heap buffer overflow in TabStrip. Reported by Khalil Zhani - CVE-2021-21162: Use after free in WebRTC. Reported by Anonymous - CVE-2021-21163: Insufficient data validation in Reader Mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2021-21164: Insufficient data validation in Chrome for iOS. Reported by Muneaki Nishimura nishimunea - CVE-2021-21165: Object lifecycle issue in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2021-21166: Object lifecycle issue in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2021-21167: Use after free in bookmarks. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21168: Insufficient policy enforcement in appcache. Reported by Luan Herrera @lbherrera_ - CVE-2021-21169: Out of bounds memory access in V8. Reported by Bohan Liu @P4nda20371774 and Moon Liang of Tencent Security Xuanwu Lab - CVE-2021-21170: Incorrect security UI in Loader. Reported by David Erceg - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation. Reported by Irvan Kurniawan sourc7 - CVE-2021-21172: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21173: Side-channel information leakage in Network Internals. Reported by Tom Van Goethem from imec-DistriNet, KU Leuven - CVE-2021-21174: Inappropriate implementation in Referrer. Reported by Ashish Gautam Kamble - CVE-2021-21175: Inappropriate implementation in Site isolation. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2021-21176: Inappropriate implementation in full screen mode. Reported by Luan Herrera @lbherrera_ - CVE-2021-21177: Insufficient policy enforcement in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21178: Inappropriate implementation in Compositing. Reported by Japong - CVE-2021-21179: Use after free in Network Internals. Reported by Anonymous - CVE-2021-21180: Use after free in tab search. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2020-27844: Heap buffer overflow in OpenJPEG. Reported by Sean Campbell at Tableau - CVE-2021-21181: Side-channel information leakage in autofill. Reported by Xu Lin (University of Illinois at Chicago), Panagiotis Ilia University of Illinois at Chicago, Jason Polakis University of Illinois at Chicago - CVE-2021-21182: Insufficient policy enforcement in navigations. Reported by Luan Herrera @lbherrera_ - CVE-2021-21183: Inappropriate implementation in performance APIs. Reported by Takashi Yoneuchi @y0n3uchy - CVE-2021-21184: Inappropriate implementation in performance APIs. Reported by James Hartig - CVE-2021-21185: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2021-21186: Insufficient policy enforcement in QR scanning. Reported by dhirajkumarnifty - CVE-2021-21187: Insufficient data validation in URL formatting. Reported by Kirtikumar Anandrao Ramchandani - CVE-2021-21188: Use after free in Blink. Reported by Woojin Oh @pwn_expoit of STEALIEN - CVE-2021-21189: Insufficient policy enforcement in payments. Reported by Khalil Zhani - CVE-2021-21190: Uninitialized Use in PDFium. Reported by Zhou Aiting @zhouat1 of Qihoo 360 Vulcan Team chromium (88.0.4324.182-1) unstable; urgency=medium . * New upstream security release. - CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki - CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh - CVE-2021-21151: Use after free in Payments. Reported by Khalil Zhani - CVE-2021-21152: Heap buffer overflow in Media. Reported by Anonymous - CVE-2021-21153: Stack overflow in GPU Process. Reported by Jan Ruge - CVE-2021-21154: Heap buffer overflow in Tab Strip . Reported by Abdulrahman Alqabandi - CVE-2021-21155: Heap buffer overflow in Tab Strip . Reported by Khalil Zhani - CVE-2021-21156: Heap buffer overflow in V8. Reported by Sergei Glazunov - CVE-2021-21157: Use after free in Web Sockets. Reported by Anonymous clamav (0.103.2+dfsg-0+deb10u1) buster; urgency=medium . [ Sebastian Andrzej Siewior ] * Import 0.103.2 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) - Fix testsuite in an IPv6 only environment (Closes: #963853). - Update symbol file. - Drop CURL_CA_BUNDLE related patch, changes applied upstream. (Closes: #986622). * Rename NEWS.Debian to NEWS. * Update lintian overrides. * Update apparmor profile for freshclam. Thanks to Michael Borgelt. (Closes: #972974) * Update apparmor profile for clamd. Thanks to Stefano Callegari. (Closes: #973619). * Remove deprecated option SafeBrowsing from debconf templates. . [ Helmut Grohne ] * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843) clamav (0.103.0+dfsg-3.1) unstable; urgency=medium . * Non-maintainer upload. * debian/patches: Apply upstream patch to fix call of ck_assert_msg (Closes: #980592) clamav (0.103.0+dfsg-3) unstable; urgency=medium . * Update apparmor profile for clamd. Thanks to Stefano Callegari. (Closes: #973619). clamav (0.103.0+dfsg-2) unstable; urgency=medium . * Update apparmor profile for freshclam. Thanks to Michael Borgelt. (Closes: #972974) * Fix testsuite in an IPv6 only environment (Closes: #963853). clamav (0.103.0+dfsg-1) unstable; urgency=medium . * Import 0.103.0 - Drop CURL_CA_BUNDLE related patch, changes applied upstream. - Update symbol file. * Rename NEWS.Debian to NEWS. * Update lintian overrides. clamav (0.102.4+dfsg-1) unstable; urgency=medium . [ Helmut Grohne ] * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843) . [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries . [ Sebastian Andrzej Siewior ] * Import 0.102.4 - CVE-2020-3350 (A malicious user trick clamav into moving a different file). - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module). - CVE-2020-3481 (A vulnerability in the EGG archive module). * Update symbol file. clevis (11-2+deb10u2) buster; urgency=medium . * Cherry-pick "Bugfix: set pcr_bank from pcr_bank not pcr_hash field". Closes: #989648 composer (1.8.4-1+deb10u1) buster-security; urgency=high . * Use debian/buster branch * Security: Fixed command injection vulnerability. Fix external process calls to avoid user input being able to pass extra parameters in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx) [CVE-2021-29472] connman (1.36-2.1~deb10u2) buster; urgency=medium . * Non-maintainer upload. * dnsproxy: Check the length of buffers before memcpy (CVE-2021-33833) (Closes: #989662) crmsh (4.0.0~git20190108.3d56538-3+deb10u1) buster; urgency=medium . * d/patches: include fix for CVE-2020-35459 (Closes: #985376) curl (7.64.0-4+deb10u2) buster-security; urgency=high . * Fix partial password leak over DNS on HTTP redirect as per CVE-2020-8169 (Closes: #965280) https://curl.haxx.se/docs/CVE-2020-8169.html * Fix local file overwrite as per CVE-2020-8177 (Closes: #965281) https://curl.se/docs/CVE-2020-8177.html * Fix use of wrong connect-only connection as per CVE-2020-8231 (Closes: #968831) https://curl.se/docs/CVE-2020-8231.html * Don't trust FTP PASV responses by default as per CVE-2020-8284 (Closes: #977163) * Fix FTP wildcard stack overflow as per CVE-2020-8285 (Closes: #977162) https://curl.se/docs/CVE-2020-8285.html * Make the OCSP verification verify the certificate id as per CVE-2020-8286 (Closes: #977161) https://curl.se/docs/CVE-2020-8286.html * Fix credentials leak with automatic referer as per CVE-2021-22876 https://curl.se/docs/CVE-2021-22876.html * Fix TLS 1.3 session ticket proxy host mixup as per CVE-2021-22890 https://curl.se/docs/CVE-2021-22890.html debian-installer (20190702+deb10u10) buster; urgency=medium . * Bump Linux ABI to 4.19.0-17. debian-installer-netboot-images (20190702+deb10u10) buster; urgency=medium . * Update to 20190702+deb10u10, from buster-proposed-updates. dnspython (1.16.0-1+deb10u1) buster; urgency=medium . * Team upload. * d/patches: Add fix-do-not-compare-with-expiration- if-None.patch from upstream (Closes: #986645) docker.io (18.09.1+dfsg1-7.1+deb10u3) buster-security; urgency=medium . * Backport upstream patches for: - CVE-2020-15157 - CVE-2020-15257 - CVE-2021-21284 - CVE-2021-21285 dput-ng (1.25+deb10u2) buster; urgency=medium . [ Philippe Pepiot ] * Fix a TypeError in http upload exception handling. MR: !9 . [ Mattia Rizzolo ] * Fix crash in the sftp uploader in case of EACCES from the server. Closes: #953357 * Update codenames: + Drop squeeze*, wheezy* and jessie-backports*. + Add bullseye-backports, buster-backports-sloppy. + Add bookworm, bookworm-proposed-updates, bookworm-security. . [ nicoo ] * Make `dcut dm` also accept non-uploading DDs, since they are nowadays treated the same as DMs when concerning upload permissions. Closes: #985618; MR: !16 . [ Dominic Hargreaves ] * In dak-commands files, don't try and construct uploader email from system hostname, instead skip the whole Uploader field, since it's optional anyway. Closes: #984466; MR: !15 eterm (0.9.6-5+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS team. * Add patch from rxvt-unicode to fix CVE-2021-33477. (Closes: #989041) exactimage (1.0.2-1+deb10u1) buster; urgency=medium . * debian/rules: - Add -fpermissive to fix FTBFS due to missing C++11 "constexp" * debian/patches: - Add adapt-for-nicer-per-file-_C-FLAGS-per-source-input-name.patch, added-fpermissive-where-currently-necessary.patch, if-we-can-not-easily-use-the-input-module-name-for-C-FLAS.patch, Updated-per-file-C-FLAGS-to-likely-final-delimiter.patch, Fix build with C++11 and OpenEXR 2.5.x (Closes: #968829) exim4 (4.92-8+deb10u6) buster-security; urgency=high . * Fix several security vulnerabilities reported by Qualys and add related robustness improvements. (Originally fixed in upstream release 4.94.3 and in upstream GIT branch exim-4.92.3+fixes. (Special thanks to Heiko) + CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() + CVE-2020-28018: Use-after-free in tls-openssl.c + CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() + CVE-2020-28010: Heap out-of-bounds write in main() + CVE-2020-28011: Heap buffer overflow in queue_run() + CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() + CVE-2020-28017: Integer overflow in receive_add_recipient() + CVE-2020-28022: Heap out-of-bounds read and write in extract_option() + CVE-2020-28026: Line truncation and injection in spool_read_header() + CVE-2020-28015 and CVE-2020-28021: New-line injection into spool header file. + CVE-2020-28009: Integer overflow in get_stdinput() + CVE-2020-28024: Heap buffer underflow in smtp_ungetc() + CVE-2020-28012: Missing close-on-exec flag for privileged pipe + CVE-2020-28019: Failure to reset function pointer after BDAT error + CVE-2020-28007: Link attack in Exim's log directory + CVE-2020-28008: Assorted attacks in Exim's spool directory + CVE-2020-28014, CVE-2021-27216: Arbitrary PID file creation, clobbering, and deletion. fig2dev (1:3.2.7a-5+deb10u4) buster; urgency=medium . * 44_CVE-2021-3561: Fix buffer overflow color definitions. This fixes CVE-2021-3561. * Rename gitlab.yml to salsa.yml to activate pipeline again. * 45_polyline2polygon: Convert polygons having too few points to polylines. * 46_arrow-poly: Remove arrows from polygon with single point. * 47_trunc-subsuper: Allow truncated sub/superscripts in text. * 48_arrow-point: Omit arrows without points in svg output. * Rebuild testsuite during build and in autopkgtest. firefox-esr (78.11.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-24, also known as CVE-2021-29967. firefox-esr (78.10.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-15, also known as: CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946. firefox-esr (78.10.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-15, also known as: CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946. firefox-esr (78.9.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-11, also known as: CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987. firefox-esr (78.9.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-11, also known as: CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987. firefox-esr (78.8.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-08, also known as: CVE-2021-23969, CVE-2021-23968, CVE-2021-23973, CVE-2021-23978. fluidsynth (1.1.11-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport fix for use-after-free vulnerability. (CVE-2021-28421) (Closes: #987168) freediameter (1.2.1-7+deb10u1) buster; urgency=medium . * Team upload * CVE-2020-6098 (Closes: #985088) Anybody can send a specially crafted Diameter request, which triggers a memory corruption and thus results in a denial-of-service. fwupd (1.2.14-1~deb10u1) buster; urgency=medium . * Switch to newer release from upstream's stable branch * Add extra SBAT patches fwupd (1.2.13-3+deb10u3) buster; urgency=medium . * Fix generation of the vendor SBAT string - updated sbat.patch * Stop using dpkg-dev in fwupd.preinst. Instead, work out the EFIDIR variable at build time and substitute in, Closes: #986779 fwupd-amd64-signed (1.2.14+1~deb10u1) buster; urgency=medium . * Update to fwupd version 1.2.14-1~deb10u1 fwupd-amd64-signed (1.2.13+3+deb10u3) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u3 fwupd-arm64-signed (1.2.14+1~deb10u1) buster; urgency=medium . * Update to fwupd version 1.2.14-1~deb10u1 fwupd-arm64-signed (1.2.13+3+deb10u3) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u3 fwupd-armhf-signed (1.2.14+1~deb10u1) buster; urgency=medium . * Update to fwupd version 1.2.14-1~deb10u1 fwupd-armhf-signed (1.2.13+3+deb10u3) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u3 fwupd-i386-signed (1.2.14+1~deb10u1) buster; urgency=medium . * Update to fwupd version 1.2.14-1~deb10u1 fwupd-i386-signed (1.2.13+3+deb10u3) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u3 fwupdate (12-4+deb10u4) buster; urgency=medium . * Tweak SBAT support again. * Remove the previous linker warning patch, not needed now. fwupdate-amd64-signed (12+4+deb10u4) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u4 fwupdate-arm64-signed (12+4+deb10u4) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u4 fwupdate-armhf-signed (12+4+deb10u4) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u4 fwupdate-i386-signed (12+4+deb10u4) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u4 glib2.0 (2.58.3-2+deb10u3) buster; urgency=medium . * d/patches: Resolve integer overflows, including CVE-2021-27219. These backported patches resolve an integer overflow that is known to be attacker-triggerable for denial of service in polkit (policykit-1), as well as replacing other simple uses of g_memdup() with g_memdup2(). Overflows in most of these places would not be attacker-triggerable, but replacing them is simpler than assessing whether they are attacker-triggerable. The more complicated changes from 2.66.7 have not been backported, to avoid regressions in Debian 10; overflows in those locations are not believed to be attacker-triggerable. (Closes: #982778) * d/patches: Fix integer overflow CVE-2021-27218. This is not known to be exploitable in any particular program, but might be. (Closes: #982779) * d/patches: Fix a symlink attack affecting file-roller, CVE-2021-28153 (Closes: #984969) gnutls28 (3.6.7-4+deb10u7) buster; urgency=medium . * 46_handshake-reject-no_renegotiation-alert-if-handshake.patch pulled from 3.6.15: It was found by oss-fuzz that the server sending a "no_renegotiation" alert in an unexpected timing, followed by an invalid second handshake can cause a TLS 1.3 client to crash via a null-pointer dereference. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. GNUTLS-SA-2020-09-04 CVE-2020-24659 Closes: #969547 * Pull multiple fixes designated for 3.6.15 bugfix release: + 47_rel3.6.16_01-gnutls_buffer_append_data-remove-duplicated-code.patch + 47_rel3.6.16_02-_gnutls_buffer_resize-add-option-to-use-allocation-s.patch + 47_rel3.6.16_03-key_share-avoid-use-after-free-around-realloc.patch (CVE-2021-20231) and 47_rel3.6.16_04-pre_shared_key-avoid-use-after-free-around-realloc.patch (CVE-2021-20232), both together GNUTLS-SA-2021-03-10. + 47_rel3.6.16_05-_gnutls_buffer_resize-account-for-unused-area-if-AGG.patch + 47_rel3.6.16_06-str-suppress-Wunused-function-if-AGGRESSIVE_REALLOC-.patch golang-1.11 (1.11.6-1+deb10u4) buster-security; urgency=high . * Team upload. . [ Dr. Tobias Quathamer ] * cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs https://github.com/golang/go/issues/36837 CVE-2020-7919 * net/http: Expect 100-continue panics in httputil.ReverseProxy https://github.com/golang/go/issues/34902 CVE-2020-15586 * encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs https://github.com/golang/go/issues/40618 CVE-2020-16845 . [ Shengjing Zhu ] * crypto/elliptic: incorrect operations on the P-224 curve https://github.com/golang/go/issues/43786 CVE-2021-3114 golang-github-docker-docker-credential-helpers (0.6.1-2+deb10u1) buster; urgency=medium . * Add myself to uploaders. * Adjust gbp.conf for buster. * Add upstream patch to fix CVE-2019-1020014 (Closes: #933801). graphviz (2.40.1-6+deb10u1) buster-security; urgency=high . * Fix CVE-2020-18032: out of bounds write on invalid label (closes: #988000). gst-libav1.0 (1.15.0.1+git20180723+db823502-2+deb10u1) buster-security; urgency=high . * debian/patches/0001-avcodecmap-Dont-try-converting-channel-layouts-with-more.patch: + Add upstream patch to fix stack corruption when handling files with more than 64 audio channels. gst-plugins-bad1.0 (1.14.4-1+deb10u2) buster-security; urgency=high . * debian/patches/0001-h2645parser-Catch-overflows-in-AVC-HEVC-NAL-unit-length.patch: + Catch overflows in AVC/HEVC NAL unit length calculations, which would lead to allocating infinite amounts of small memory blocks until OOM and could potentially also lead to memory corruptions. . See https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103 gst-plugins-base1.0 (1.14.4-2+deb10u1) buster-security; urgency=high . * debian/patches/0001-tag-id3v2-fix-frame-size-check-and-potential-invalid-reads.patch: + Add upstream patch for fixing invalid reads during ID3v2 tag parsing that can lead to application crashes. gst-plugins-good1.0 (1.14.4-1+deb10u1) buster-security; urgency=high . * debian/patches/0001-matroskademux-Initialize-track-context-out-parameter-to-NULL.patch: + Fix use-after free and stack corruption in Matroska demuxer (CVE-2021-3497) (Closes: #986910). * debian/patches/0002-matroskademux-Fix-extraction-of-multichannel-WavPack.patch: + Fix extraction of multichannel WavPack in Matroska demuxer, which caused heap corruption (CVE-2021-3498) (Closes: #986911). gst-plugins-ugly1.0 (1.14.4-1+deb10u1) buster-security; urgency=high . * debian/patches/0001-rmdemux-Make-sure-we-have-enough-data-available-when-parsing.patch: + Add upstream patch for fixing out of bounds reads in ASF demuxer that can cause application crashes. hivex (1.3.18-1+deb10u1) buster-security; urgency=medium . * Add upstream patch to fix CVE-2021-3504 (Closes: #988024) htmldoc (1.9.3-1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Add patches from unstable to fix CVEs: CVE-2021-23158, CVE-2021-23165, CVE-2021-23180, CVE-2021-23191, CVE-2021-23206, CVE-2021-26252, CVE-2021-26259, CVE-2021-26948. htmldoc (1.9.3-1+deb10u1) buster; urgency=medium . * QA upload. * Add patch to fix a stack-based buffer overflow in the hd_strlcpy() Fixes: CVE-2019-19630 * Add patch to fix buffer-overflow caused by integer-overflow Closes: #984765 Fixes: CVE-2021-20308 hyperkitty (1.2.2-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * d/p/0005_ensure_private_archives_during_import.patch: Ensure private archives stay private during import (CVE-2021-33038). (Closes: #989183) ipmitool (1.8.18-6+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2020-5208: buffer overflows and potentially to remote code execution. Applied upstream patches: - CVE-2020-5208_1_Fix_buffer_overflow_vulnerabilities.patch - CVE-2020-5208_2-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch - CVE-2020-5208_3-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch - CVE-2020-5208_4-channel-Fix-buffer-overflow.patch - CVE-2020-5208_5_lanp-Fix-buffer-overflows-in-get_lan_param_select.patch - CVE-2020-5208_6-fru-sdr-Fix-id_string-buffer-overflows.patch (Closes: #950761). ircii (20190117-1+deb10u1) buster; urgency=medium . * QA upload. * Fix CVE-2021-29376: allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the victim from an IRC server) via a crafted CTCP UTC message. Closes: #986214 isc-dhcp (4.4.1-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient (CVE-2021-25217) (Closes: #989157) isync (1.3.0-2.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster . isync (1.3.0-2.2) unstable; urgency=medium . * Non-maintainer upload. * fix handling of unexpected APPENDUID response code (CVE-2021-3578) (Closes: #989564) . isync (1.3.0-2.1) unstable; urgency=medium . * Non-maintainer upload. . [ Ondřej Nový ] * d/watch: Use https protocol . [ Salvatore Bonaccorso ] * reject funny mailbox names from IMAP LIST/LSUB (CVE-2021-20247) (Closes: #983351) isync (1.3.0-2.1) unstable; urgency=medium . * Non-maintainer upload. . [ Ondřej Nový ] * d/watch: Use https protocol . [ Salvatore Bonaccorso ] * reject funny mailbox names from IMAP LIST/LSUB (CVE-2021-20247) (Closes: #983351) jackson-databind (2.9.8-3+deb10u3) buster; urgency=medium . * Non-maintainer upload by the LTS team. * Add patch to fix: - CVE-2020-24616: Block one more gadget type (Anteros-DBCP) - CVE-2020-24750: Block one more gadget type (com.pastdev.httpcomponents) - CVE-2020-25649: setExpandEntityReferences(false) may not prevent external entity expansion in all cases - CVE-2020-35490 and CVE-2020-35491: Block 2 more gadget types (commons-dbcp2) - CVE-2020-35728: Block one more gadget type (org.glassfish.web/javax.servlet.jsp.jstl) - CVE-2020-36179, CVE-2020-36180, CVE-2020-36181, and CVE-2020-36182: Block some more DBCP-related potential gadget classes - CVE-2020-36183: Block one more gadget type (org.docx4j.org.apache:xalan-interpretive) - CVE-2020-36184 and CVE-2020-36185: Block 2 more gadget types (org.apache.tomcat/tomcat-dbcp) - CVE-2020-36186 and CVE-2020-36187: Block 2 more gadget types (tomcat/naming-factory-dbcp) - CVE-2020-36188 and CVE-2020-36189: Block 2 more gadget types (newrelic-agent) - CVE-2021-20190: Block one more gadget type (javax.swing) klibc (2.0.6-1+deb10u1) buster; urgency=medium . [ Ben Hutchings ] * Apply security fixes from 2.0.9 (Closes: #989505): - malloc: Set errno on failure - malloc: Fail if requested size > PTRDIFF_MAX (CVE-2021-31873) - calloc: Fail if multiplication overflows (CVE-2021-31870) - cpio: Fix possible integer overflow on 32-bit systems (CVE-2021-31872) - cpio: Fix possible crash on 64-bit systems (CVE-2021-31871) . [ Thorsten Glaser ] * {set,long}jmp [s390x]: save/restore the correct FPU registers (f8‥f15 not f1/f3/f5/f7) (Closes: #943425) lasso (2.6.0-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix signature checking on unsigned response with multiple assertions (CVE-2021-28091) ldb (2:1.5.1+really1.4.6-3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * lib ldb: Check if ldb_lock_backend_callback called twice (CVE-2020-10730) * ldb_dn: avoid head corruption in ldb_dn_explode (CVE-2020-27840) (Closes: #985936) * ldb/attrib_handlers casefold: stay in bounds (CVE-2021-20277) (Closes: #985935) lib3mf (1.8.1+ds-3+deb10u1) buster-security; urgency=high . * Fix use-after-free (CVE-2021-21772), backporting fix from v2.1.1 (Closes: #985092) libbusiness-us-usps-webtools-perl (1.122-1+deb10u1) buster; urgency=medium . * Update to new US-USPS API (Closes: #988330) libgcrypt20 (1.8.4-5+deb10u1) buster; urgency=medium . * 31_cipher-Fix-ElGamal-encryption-for-other-implementati.patch from upstream LIBGCRYPT-1.8-BRANCH: Fix weak ElGamal encryption with keys *not* generated by GnuPG/libgcrypt. CVE-2021-33560 libgetdata (0.10.0-5+deb10u1) buster; urgency=medium . * Team upload. * Fix CVE-2021-20204. libhibernate3-java (3.6.10.Final-9+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-25638: A flaw was found in hibernate-core. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity. libimage-exiftool-perl (11.16-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. . [ gregor herrmann ] * Add patch CVE-2021-22204.patch, taken from upstream release 12.24. The patch fixes CVE-2021-22204: Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image. Thanks to William Bowling for the bug report on Launchpad. (Closes: #987505) (LP: #1925985) libmateweather (1.20.2-1+deb10u1) buster; urgency=medium . [ Pablo Barciela ] * debian/patches: + Add 1001_adapt-to-timezone-namechange-for-America-Nuuk.patch. (Closes #959545). libwebp (0.6.1-2+deb10u1) buster-security; urgency=medium . * CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2020-36328 CVE-2018-25013 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 libx11 (2:1.6.7-1+deb10u2) buster-security; urgency=medium . * Reject string longer than USHRT_MAX before sending them on the wire (CVE-2021-31535) libxml2 (2.9.4+dfsg1-7+deb10u2) buster; urgency=medium . * Non-maintainer upload. * Fix out-of-bounds read with 'xmllint --htmlout' (CVE-2020-24977) (Closes: #969529) * Fix use-after-free with `xmllint --html --push` (CVE-2021-3516) (Closes: #987739) * Validate UTF8 in xmlEncodeEntities (CVE-2021-3517) (Closes: #987738) * Fix user-after-free with `xmllint --xinclude --dropdtd` (CVE-2021-3518) (Closes: #987737) * Propagate error in xmlParseElementChildrenContentDeclPriv (CVE-2021-3537) (Closes: #988123) * Patch for security issue CVE-2021-3541 (Closes: #988603) liferea (1.12.6-1+deb10u1) buster; urgency=medium . * Add patch to work with webkit2gtk >= 2.32: 34d26be00328a68d2f1625c78b54dc168da0648e.patch (Closes: #987448) linux (4.19.194-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.182 - [arm64] KVM: nvhe: Save the SPE context early - [armhf] net: dsa: b53: Support setting learning on port https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.183 - ALSA: hda: generic: Fix the micmute led init state - Revert "PM: runtime: Update device status before letting suppliers suspend" - vmlinux.lds.h: Create section for protection against instrumentation - btrfs: fix race when cloning extent buffer during rewind of an old root (CVE-2021-28964) - btrfs: fix slab cache flags for free space tree bitmap - [armhf] ASoC: fsl_ssi: Fix TDM slot setup for I2S mode - nvmet: don't check iosqes,iocqes for discovery controllers - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. - svcrdma: disable timeouts on rdma backchannel - sunrpc: fix refcount leak for rpc auth modules - scsi: lpfc: Fix some error codes in debugfs - nvme-rdma: fix possible hang when failing to set io queues - [powerpc*] Force inlining of cpu_has_feature() to avoid build failure - usb-storage: Add quirk to defeat Kindle's automatic unload - usbip: Fix incorrect double assignment to udc->ud.tcp_rx - USB: replace hardcode maximum usb string length by definition - usb: gadget: configfs: Fix KASAN use-after-free - [arm64] iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel - iio: hid-sensor-prox: Fix scale not correct issue - [powerpc*] PCI: rpadlpar: Fix potential drc_name corruption in store functions (CVE-2021-28972) - [x86] perf/x86/intel: Fix a crash caused by zero PEBS status (CVE-2021-28971) - [x86] ioapic: Ignore IRQ2 again - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() - [x86] Move TS_COMPAT back to asm/thread_info.h - [x86] Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() - ext4: find old entry again if failed to rename whiteout - ext4: do not try to set xattr into ea_inode if value is empty - ext4: fix potential error in ext4_do_update_inode - genirq: Disable interrupts for force threaded handlers - [x86] apic/of: Fix CPU devicetree-node lookups - cifs: Fix preauth hash corruption https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.184 - [armhf] net: fec: ptp: avoid register access when ipg clock is disabled - [powerpc*] 4xx: Fix build errors from mfdcr() - atm: eni: dont release is never initialized - atm: lanai: dont run lanai_dev_close if not open - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" - ixgbe: Fix memleak in ixgbe_configure_clsu32 - net: tehuti: fix error return code in bdx_probe() - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count - gianfar: fix jumbo packets+napi+rx overrun crash (CVE-2021-29264) - gpiolib: acpi: Add missing IRQF_ONESHOT - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default - NFS: Correct size calculation for create reply length - [arm64] net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() - [x86] atm: uPD98402: fix incorrect allocation - atm: idt77252: fix null-ptr-dereference - u64_stats,lockdep: Fix u64_stats_init() vs lockdep - nfs: we don't support removing system.nfs4_acl - block: Suppress uevent for hidden device when removed - [arm64] netsec: restore phy power state after controller reset - [x86] platform/x86: intel-vbtn: Stop reporting SW_DOCK events - squashfs: fix inode lookup sanity checks - squashfs: fix xattr id and id lookup sanity checks - dm ioctl: fix out of bounds array access when no devices (CVE-2021-31916) - [armhf] bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD - veth: Store queue_mapping independently of XDP prog presence - libbpf: Fix INSTALL flag order - macvlan: macvlan_count_rx() needs to be aware of preemption - [armhf] net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port - e1000e: add rtnl_lock() to e1000_reset_task - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template - netfilter: ctnetlink: fix dump of the expect mask attribute - can: peak_usb: add forgotten supported devices - [armhf] can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate - mac80211: fix rate mask reset - net: cdc-phonet: fix data-interface release on probe failure - [arm64,armhf] net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes - [arm64] drm/msm: fix shutdown hook in case GPU components failed to bind - net/mlx5e: Fix error path for ethtool set-priv-flag - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs - Revert "netfilter: x_tables: Switch synchronization to RCU" - netfilter: x_tables: Use correct memory barriers. (CVE-2021-29650) - Revert "netfilter: x_tables: Update remaining dereference to RCU" - ACPI: scan: Rearrange memory allocation in acpi_device_add() - ACPI: scan: Use unique number for instance_no - dm verity: add root hash pkcs#7 signature verification - scsi: qedi: Fix error return code of qedi_alloc_global_queues() - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() - locking/mutex: Fix non debug version of mutex_lock_io_nested() - can: dev: Move device back to init netns on owning netns delete - net: sched: validate stab values - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (CVE-2021-29647) - mac80211: fix double free in ibss_leave - ext4: add reclaim checks to xattr code - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" - xen-blkback: don't leak persistent grants from xen_blkbk_map() (CVE-2021-28688) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.185 - selinux: vsock: Set SID for socket returned by accept() - tcp: relookup sock for RST+ACK packets handled by obsolete req sock - ipv6: weaken the v4mapped source check - ext4: fix bh ref count on error paths - rpc: fix NULL dereference on kmalloc failure - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [x86] ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [armhf] ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe - [x86] ASoC: es8316: Simplify adc_pga_gain_tlv table - vhost: Fix vhost_vq_reset() - scsi: st: Fix a use after free in st_open() - scsi: qla2xxx: Fix broken #endif placement - [x86] staging: comedi: cb_pcidas: fix request_irq() warn - [x86] staging: comedi: cb_pcidas64: fix request_irq() warn - thermal/core: Add NULL pointer check before using cooling device stats - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling - ext4: do not iput inode under running transaction in ext4_rename() - brcmfmac: clear EAP/association status bits on linkdown events - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() - [amd64] net: ethernet: aquantia: Handle error cleanup of start on open - appletalk: Fix skb allocation size in loopback case - [x86] net: wan/lmc: unregister device when no matching device is found - bpf: Remove MTU check in __bpf_skb_max_len - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook - PM: runtime: Fix race getting/putting suppliers at probe - PM: runtime: Fix ordering in pm_runtime_get_suppliers() - tracing: Fix stack trace event size - mm: fix race by making init_zero_pfn() early_initcall - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() - drm/amdgpu: check alignment on CPU page for bo map - reiserfs: update reiserfs_xattrs_initialized() condition - [arm64,armhf] pinctrl: rockchip: fix restore error in resume - extcon: Add stubs for extcon_register_notifier_all() functions - extcon: Fix error handling in extcon_dev_register - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem - [arm64,armhf] usb: musb: Fix suspend with devices connected for a64 - cdc-acm: fix BREAK rx code path adding necessary calls - USB: cdc-acm: untangle a circular dependency between callback and softint - USB: cdc-acm: downgrade message to debug - USB: cdc-acm: fix double free on probe failure - USB: cdc-acm: fix use-after-free after probe failure - [i386] usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference - [arm*] usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. - [x86] staging: rtl8192e: Fix incorrect source in memcpy() - staging: rtl8192e: Change state information from u16 to u8 - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.186 - [armhf] bus: ti-sysc: Fix warning on unbind if reset is not deasserted - [x86] platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 - mISDN: fix crash in fritzpci - mac80211: choose first enabled channel for monitor - [arm64] drm/msm: Ratelimit invalid-fence message - [x86] platform/x86: thinkpad_acpi: Allow the FnLock LED to change state - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() - cifs: revalidate mapping when we open files for SMB1 POSIX - cifs: Silently ignore unknown oplock break handle - [amd64] bpf, x86: Validate computation of branch displacements for x86-64 (CVE-2021-29154) - [i386] bpf, x86: Validate computation of branch displacements for x86-32 (CVE-2021-29154) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.187 - ALSA: aloop: Fix initialization of controls - [x86] ASoC: intel: atom: Stop advertising non working S24LE support - nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) - nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671) - nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() - xen/evtchn: Change irq_info lock to raw_spinlock_t - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh - ocfs2: fix deadlock between setattr and dio_end_io_write - fs: direct-io: fix missing sdio->boundary - [armhf] dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field - ice: Increase control queue timeout - net: hso: fix null-ptr-deref during tty device unregistration - net: ensure mac header is set in virtio_net_hdr_to_skb() - net: sched: sch_teql: fix null-pointer dereference - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() - usbip: add sysfs_lock to synchronize sysfs code paths - usbip: stub-dev synchronize sysfs code paths - usbip: vudc synchronize sysfs code paths - usbip: synchronize event handler with sysfs code paths - i2c: turn recovery error on init to debug - virtio_net: Add XDP meta data support - xfrm: interface: fix ipv4 pmtu check to honor ip header df - net: xfrm: Localize sequence counter per network namespace - i40e: Added Asym_Pause to supported link modes - i40e: Fix kernel oops when i40e driver removes VF's - sch_red: fix off-by-one checks in red_check_params() - cxgb4: avoid collecting SGE_QBASE regs during traffic - net:tipc: Fix a double free in tipc_sk_mcast_rcv - [armhf] ASoC: sunxi: sun4i-codec: fill ASoC card owner - clk: fix invalid usage of list cursor in register - clk: fix invalid usage of list cursor in unregister - workqueue: Move the position of debug_work_activate() in __queue_work() - [s390x] cpcmd: fix inline assembly register clobbering - net/mlx5: Fix placement of log_max_flow_counter - net/mlx5: Fix PBMC register mapping - RDMA/cxgb4: check for ipv6 address properly while destroying listener - [armhf] clk: socfpga: fix iomem pointer cast on 64-bit - net: sched: bump refcount for new action in ACT replace mode - cfg80211: remove WARN_ON() in cfg80211_sme_connect - net: tun: set tun->dev->addr_len during TUNSETLINK processing - drivers: net: fix memory leak in atusb_probe - drivers: net: fix memory leak in peak_usb_create_dev - net: mac802154: Fix general protection fault - net: ieee802154: nl-mac: fix check on panid - net: ieee802154: fix nl802154 del llsec key - net: ieee802154: fix nl802154 del llsec dev - net: ieee802154: fix nl802154 add llsec key - net: ieee802154: fix nl802154 del llsec devkey - net: ieee802154: forbid monitor for set llsec params - net: ieee802154: forbid monitor for del llsec seclevel - net: ieee802154: stop dump llsec params for monitors - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath." (Closes: #988352) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 - [arm64] KVM: Hide system instruction access to Trace registers - [arm64] KVM: Disable guest access to trace filter controls - [armhf] drm/imx: imx-ldb: fix out of bounds array access warning - gfs2: report "already frozen/thawed" errors - [arm64,armhf] drm/tegra: dc: Don't set PLL clock to 0Hz - block: only update parent bi_status when bio fail - net: phy: broadcom: Only advertise EEE for supported modes - staging: m57621-mmc: delete driver from the tree. (Closes: #986949) - netfilter: x_tables: fix compat match/target pad out-of-bound write - driver core: Fix locking bug in deferred_probe_timeout_work_func() - xen/events: fix setting irq affinity https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.189 - net/sctp: fix race condition in sctp_destroy_sock - gpio: sysfs: Obey valid_mask - neighbour: Disregard DEAD dst in neigh_update - [arm64] drm/msm: Fix a5xx/a6xx timestamps - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state - net: ieee802154: stop dump llsec keys for monitors - net: ieee802154: stop dump llsec devs for monitors - net: ieee802154: forbid monitor for add llsec dev - net: ieee802154: stop dump llsec devkeys for monitors - net: ieee802154: forbid monitor for add llsec devkey - net: ieee802154: stop dump llsec seclevels for monitors - net: ieee802154: forbid monitor for add llsec seclevel - pcnet32: Use pci_resource_len to validate PCI resource - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices - readdir: make sure to verify directory entry for legacy interfaces too - [arm64] fix inline asm in load_unaligned_zeropad() - [arm64] alternatives: Move length validation in alternative_{insn, endif} - scsi: libsas: Reset num_scatter if libata marks qc as NODATA - netfilter: conntrack: do not print icmpv6 as unknown via /proc - netfilter: nft_limit: avoid possible divide error in nft_limit_init - net: sit: Unregister catch-all devices - net: ip6_tunnel: Unregister catch-all devices - i40e: fix the panic when running bpf in xdpdrv mode - [armel,armhf] 9071/1: uprobes: Don't hook on thumb instructions - net: phy: marvell: fix detection of PHY on Topaz switches - gup: document and work around "COW can break either way" issue (CVE-2020-29374) - [x86] pinctrl: lewisburg: Update number of pins in community - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() - [x86] perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 - HID: alps: fix error return code in alps_input_configured() - HID: wacom: Assign boolean values to a bool variable - net: geneve: check skb is large enough for IPv4/IPv6 header - [s390x] entry: save the caller of psw_idle - xen-netback: Check for hotplug-status existence before watching - [x86] crash: Fix crash_setup_memmap_entries() out-of-bounds access - net: hso: fix NULL-deref on disconnect regression - USB: CDC-ACM: fix poison/unpoison imbalance https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.190 - [x86] ACPI: tables: x86: Reserve memory occupied by ACPI tables - [x86] ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() - net: usb: ax88179_178a: initialize local variables before use - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() - [mips*] Do not include hi and lo in clobber list for R6 - bpf: Fix masking negation logic upon negative dst register (CVE-2021-31829) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet - USB: Add reset-resume quirk for WD19's Realtek Hub - [x86] platform/x86: thinkpad_acpi: Correct thermal sensor allocation - ovl: allow upperdir inside lowerdir https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191 - [s390x] disassembler: increase ebpf disasm buffer size - ftrace: Handle commands when closing set_ftrace_filter file - ecryptfs: fix kernel panic with null dev_name - [armhf] spi: spi-ti-qspi: Free DMA resources - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers - mmc: block: Update ext_csd.cache_ctrl if it was written - mmc: block: Issue a cache flush only when it's enabled - mmc: core: Do a power cycle when the CMD11 fails - mmc: core: Set read only for SD cards with permanent write protect bit - cifs: Return correct error code from smb2_get_enc_key - btrfs: fix metadata extent leak after failure to create subvolume - [x86] intel_th: pci: Add Rocket Lake CPU support - fbdev: zero-fill colormap in fbcmap.c - staging: wimax/i2400m: fix byte-order issue - crypto: api - check for ERR pointers in crypto_destroy_tfm() - usb: gadget: uvc: add bInterval checking for HS mode - [x86] genirq/matrix: Prevent allocation counter corruption - usb: gadget: f_uac1: validate input parameters - [arm64,armhf] usb: dwc3: gadget: Ignore EP queue requests during bus reset - usb: xhci: Fix port minor revision - PCI: PM: Do not read power state in pci_enable_device_flags() - [arm64] tee: optee: do not check memref size on return from Secure World - [arm*] perf/arm_pmu_platform: Fix error handling - xhci: check control context is valid before dereferencing it. - xhci: fix potential array out of bounds with several interrupters - [x86] intel_th: Consistency and off-by-one fix - [armhf] phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe - scsi: lpfc: Fix pt2pt connection does not recover after LOGO - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() - [x86] media: ite-cir: check for receive overflow - power: supply: bq27xxx: fix power_avg for newer ICs - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs - media: gspca/sq905.c: fix uninitialized variable - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() - scsi: qla2xxx: Fix use after free in bsg - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() - media: em28xx: fix memory leak - media: vivid: update EDID - [armhf] clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return - media: dvb-usb: fix memory leak in dvb_usb_adapter_init - media: gscpa/stv06xx: fix memory leak - [arm64] drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal - drm/amdgpu: fix NULL pointer dereference - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic - scsi: libfc: Fix a format specifier - [s390x] archrandom: add parameter check for s390_arch_random_generate - [i386] ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer - ALSA: hda/conexant: Re-order CX5066 quirk table entries - [i386] ALSA: sb: Fix two use after free in snd_sb_qsound_build - ALSA: usb-audio: Explicitly set up the clock selector - ALSA: usb-audio: More constifications - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8 - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx - btrfs: fix race when picking most recent mod log operation for an old root - [arm64] vdso: Discard .note.gnu.property sections in vDSO - ubifs: Only check replay with inode type to judge if inode linked - f2fs: fix to avoid out-of-bounds memory access (CVE-2021-3506) - openvswitch: fix stack OOB read while fragmenting IPv4 packets - [arm64] ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure - NFS: Don't discard pNFS layout segments that are marked for return - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() - jffs2: Fix kasan slab-out-of-bounds problem - [powerpc*] eeh: Fix EEH handling for hugepages in ioremap space. - [x86] intel_th: pci: Add Alder Lake-M support - [arm64,x86] tpm: vtpm_proxy: Avoid reading host log when using a virtual device - md/raid1: properly indicate failure when ending a failed write request - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences - security: commoncap: fix -Wstringop-overread warning - jffs2: check the validity of dstlen in jffs2_zlib_compress() - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") - posix-timers: Preserve return value in clock_adjtime32() - [arm64] vdso: remove commas between macro name and arguments - ext4: fix check to prevent false positive report of incorrect used inodes - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() - ext4: fix error code in ext4_commit_super - media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: gadget: Fix double free of device descriptor pointers - usb: gadget/function/f_fs string table fix for multiple languages - [arm64,armhf] usb: dwc3: gadget: Fix START_TRANSFER link state check - [arm*] usb: dwc2: Fix session request interrupt handler - tty: fix memory leak in vc_deallocate - tracing: Map all PIDs to command lines - tracing: Restructure trace_clock_global() to never block - dm space map common: fix division bug in sm_ll_find_free_block() - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails - modules: mark ref_module static - modules: mark find_symbol static - modules: mark each_symbol_section static - modules: unexport __module_text_address - modules: unexport __module_address - modules: rename the licence field in struct symsearch to license - modules: return licensing information from find_symbol - modules: inherit TAINT_PROPRIETARY_MODULE - Bluetooth: verify AMP hci_chan before amp_destroy (CVE-2021-33034) - bluetooth: eliminate the potential race condition when removing the HCI controller (CVE-2021-32399) - net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134) - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR - misc: lis3lv02d: Fix false-positive WARN on various HP models - [x86] misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct - [x86] misc: vmw_vmci: explicitly initialize vmci_datagram payload - md/bitmap: wait for external bitmap writes to complete during tear down - md-cluster: fix use-after-free issue when removing rdev - md: split mddev_find - md: factor out a mddev_find_locked helper from mddev_find - md: md_open returns -EBUSY when entering racing area - md: Fix missing unused status line of /proc/mdstat - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() - cfg80211: scan: drop entry from hidden_list on overflow - drm/radeon: fix copy of uninitialized variable back to userspace - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices - [x86] cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported - [s390x] KVM: split kvm_s390_logical_to_effective - [s390x] KVM: fix guarded storage control register handling - [s390x] KVM: split kvm_s390_real_to_abs - ovl: fix missing revert_creds() on error path - [x86] usb: gadget: pch_udc: Revert d3cb25a12138 completely - [armhf] memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] - [armhf] dts: exynos: correct PMIC interrupt trigger level on SMDK5250 - regmap: set debugfs_name to NULL after it is freed - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() - [x86] microcode: Check for offline CPUs before requesting new microcode - [x86] usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() - [x86] usb: gadget: pch_udc: Check if driver is present before calling ->setup() - [x86] usb: gadget: pch_udc: Check for DMA mapping error - [x86] crypto: qat - don't release uninitialized resources - [x86] crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - mtd: require write permissions for locking and badblock ioctls - [arm64] bus: qcom: Put child node before return - [x86] crypto: qat - fix error path in adf_isr_resource_alloc() - [armhf] mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init - [arm64,armhf] irqchip/gic-v3: Fix OF_BAD_ADDR error handling - [x86] staging: rtl8192u: Fix potential infinite loop - spi: Fix use-after-free with devm_spi_alloc_* - [arm64] soc: qcom: mdt_loader: Validate that p_filesz < p_memsz - [arm64] soc: qcom: mdt_loader: Detect truncated read of segments - [amd64,arm64] ACPI: CPPC: Replace cppc_attr with kobj_attribute - [x86] crypto: qat - Fix a double free in adf_create_ring - [arm64] cpufreq: armada-37xx: Fix setting TBG parent for load levels - [arm64] clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock - [arm64] cpufreq: armada-37xx: Fix the AVS value for load L1 - [arm64] clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz - [arm64] clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 - [arm64] cpufreq: armada-37xx: Fix driver cleanup when registration failed - [arm64] cpufreq: armada-37xx: Fix determining base CPU frequency - USB: cdc-acm: fix unprivileged TIOCCSERIAL - tty: actually undefine superseded ASYNC flags - tty: fix return value for unsupported ioctls - usbip: vudc: fix missing unlock on error in usbip_sockfd_store() - [x86] platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table - [x86] Drivers: hv: vmbus: Increase wait time for VMbus unload - [arm*] usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. - [arm*] usb: dwc2: Fix hibernation between host and device modes. - ttyprintk: Add TTY hangup callback. - media: vivid: fix assignment of dev->fbuf_out_flags - media: m88rs6000t: avoid potential out-of-bounds reads on arrays - [x86] kprobes: Fix to check non boostable prefixes correctly - sata_mv: add IRQ checks - ata: libahci_platform: fix IRQ check - nvme: retrigger ANA log update if group descriptor isn't found - [arm64] clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE - [powerpc*] scsi: ibmvfc: Fix invalid state machine BUG_ON() - [armhf] HSI: core: fix resource leaks in hsi_add_client_from_dt() - [amd64] x86/events/amd/iommu: Fix sysfs type mismatch - sched/debug: Fix cgroup_path[] serialization - drivers/block/null_blk/main: Fix a double free in null_init. - HID: plantronics: Workaround for double volume key presses - [powerpc*] prom: Mark identical_pvr_fixup as __init - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect - bug: Remove redundant condition check in report_bug - nfc: pn533: prevent potential memory corruption - [arm64] net: hns3: Limiting the scope of vector_ring_chain variable - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls - [powerpc*] 64s: Fix pte update for kernel memory on radix - [powerpc*] perf: Fix PMU constraint check for EBB events - mac80211: bail out if cipher schemes are invalid - mt7601u: fix always true expression - [amd64] IB/hfi1: Fix error return code in parse_platform_config() - [arm64] net: thunderx: Fix unintentional sign extension issue - RDMA/srpt: Fix error return code in srpt_cm_req_recv() - [mips*] pci-legacy: stop using of_pci_range_to_resource - [powerpc*] pseries: extract host bridge from pci_bus prior to bus removal - rtlwifi: 8821ae: upgrade PHY and RF parameters - mwl8k: Fix a double Free in mwl8k_probe_hw - [x86] vsock/vmci: log once the failed queue pair allocation - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails - [armhf] net: davinci_emac: Fix incorrect masking of tx and rx error channel - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb - [arm64] net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req - mm/sparse: add the missing sparse_buffer_fini() in error branch - mm/memory-failure: unnecessary amount of unmapping - net: Only allow init netns to set default tcp cong to a restricted algo - smp: Fix smp_call_function_single_async prototype - Revert "net/sctp: fix race condition in sctp_destroy_sock" - sctp: delay auto_asconf init until binding the first addr (CVE-2021-23133) - Revert "of/fdt: Make sure no-map does not remove already reserved regions" - Revert "fdt: Properly handle "no-map" field in the memory region" - [arm64,x86] tpm: fix error return code in tpm2_get_cc_attrs_tbl() - fs: dlm: fix debugfs dump - tipc: convert dest node's address to network order - [x86] ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF - [arm64] net: stmmac: Set FIFO sizes for ipq806x - i2c: bail out early when RDWR parameters are wrong - ALSA: hdsp: don't disable if not enabled - ALSA: hdspm: don't disable if not enabled - ALSA: rme9652: don't disable if not enabled - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default - Bluetooth: initialize skb_queue_head at l2cap_chan_create() - net: bridge: when suppression is enabled exclude RARP packets - Bluetooth: check for zapped sk before connecting - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet - i2c: Add I2C_AQ_NO_REP_START adapter quirk - mac80211: clear the beacon's CRC after channel switch - [armhf] pinctrl: samsung: use 'int' for register masks in Exynos - cuse: prevent clone - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() - [powerpc*] smp: Set numa node before updating mask - [x86] ASoC: rt286: Generalize support for ALC3263 codec - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() - [powerpc*] pseries: Stop calling printk in rtas_stop_self() - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join - [powerpc*] iommu: Annotate nested lock for lockdep - [x86] ASoC: rt286: Make RT286_SET_GPIO_* readable and writable - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs - PCI: Release OF node in pci_scan_device()'s error path - [armel,armhf] 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - [arm64] rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() - NFS: Deal correctly with attribute generation counter overflow - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() - NFSv4.2 fix handling of sr_eof in SEEK's reply - rtc: ds1307: Fix wday settings for rx8130 - [arm64] net: hns3: disable phy loopback setting in hclge_mac_start_phy - sctp: do asoc update earlier in sctp_sf_do_dupcook_a - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b - netfilter: xt_SECMARK: add new revision to fix structure layout - drm/radeon: Fix off-by-one power_state index heap overwrite - drm/radeon: Avoid power table parsing memory leaks - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() - ksm: fix potential missing rmap_item for stable_node - net: fix nla_strcmp to handle more then one trailing null character - smc: disallow TCP_ULP in smc_setsockopt() - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check - sched/fair: Fix unfairness caused by missing load decay - [amd64] kernel: kexec_file: fix error return code of kexec_calculate_store_digests() - netfilter: nftables: avoid overflows in nft_hash_buckets() - i40e: Fix use-after-free in i40e_client_subtask() - [powerpc*] 64s: Fix crashes when toggling stf barrier - [powerpc*] 64s: Fix crashes when toggling entry flush barrier - hfsplus: prevent corruption in shrinking truncate - squashfs: fix divide error in calculate_skip() - userfaultfd: release page in error path to avoid BUG_ON - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected - [arm64,x86] ACPI: scan: Fix a memory leak in an error handling path - blk-mq: Swap two calls in blk_mq_exit_queue() - [armhf] usb: dwc3: omap: improve extcon initialization - [arm64] usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield - [arm*] usb: dwc2: Fix gadget DMA unmap direction - usb: core: hub: fix race condition about TRSMRCY of resume - [arm64,armhf] usb: dwc3: gadget: Return success always for kick transfer in ep queue - xhci: Do not use GFP_KERNEL in (potentially) atomic context - xhci: Add reset resume quirk for AMD xhci controller. - [x86] iio: tsl2583: Fix division by a zero lux_val - cdc-wdm: untangle a circular dependency between callback and softint - [x86] KVM: Cancel pvclock_gtod_work on module removal - thermal/core/fair share: Lock the thermal zone while looping over instances - kobject_uevent: remove warning in init_uevent_argv() - netfilter: conntrack: Make global sysctls readonly in non-init netns - nvme: do not try to reconfigure APST when the controller is not live - [x86] msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes - usb: sl811-hcd: improve misleading indentation - cxgb4: Fix the -Wmisleading-indentation warning - isdn: capi: fix mismatched prototypes - [arm64] PCI: thunder: Fix compile testing - [armel,armhf] 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() - [arm64,x86] ACPI / hotplug / PCI: Fix reference count leak in enable_slot() - [arm64] Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices - [armel,armhf] 9075/1: kernel: Fix interrupted SMC calls - ceph: fix fscache invalidation - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found - [arm64,x86] gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP - block: reexpand iov_iter after read/write - [arm64,armhf] net: stmmac: Do not enable RX FIFO overflow interrupts - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods - sit: proper dev_{hold|put} in ndo_[un]init methods - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods - ipv6: remove extra dev_hold() for fallback tunnels - iomap: fix sub-page uptodate handling - [arm64] KVM: Initialize VCPU mdcr_el2 before loading it - tweewide: Fix most Shebang lines - scripts: switch explicitly to Python 3 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.192 - RDMA/rxe: Clear all QP fields if creation failed - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() - RDMA/mlx5: Recover from fatal event in dual port mode - [x86] platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly - nvmet: seset ns->file when open fails - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal - cifs: fix memory leak in smb2_copychunk_range - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency - ALSA: line6: Fix racy initialization of LINE6 MIDI - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 - ALSA: usb-audio: Validate MS endpoint descriptors - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro - [i386] Revert "ALSA: sb8: add a check for request_region" - ALSA: hda/realtek: reset eapd coeff to default value for alc287 - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 - [arm64] Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference" - [x86] xen-pciback: reconfigure also from backend watch handler - dm snapshot: fix crash with transient storage and zero chunk size - [x86] Revert "video: hgafb: fix potential NULL pointer dereference" - [arm64,armhf] Revert "net: stmicro: fix a missing check of clk_prepare" - [armhf] Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" - Revert "ecryptfs: replace BUG_ON with error handling code" - Revert "rtlwifi: fix a potential NULL pointer dereference" - Revert "qlcnic: Avoid potential NULL pointer dereference" - Revert "niu: fix missing checks of niu_pci_eeprom_read" - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() - [arm64,armhf] net: stmicro: handle clk_prepare() failure during init - net: rtlwifi: properly check for alloc_workqueue() failure - [armhf] leds: lp5523: check return value of lp5xx_read and jump to cleanup code - qlcnic: Add null check after calling netdev_alloc_skb - [x86] video: hgafb: fix potential NULL pointer dereference - vgacon: Record video mode changes with VT_RESIZEX - vt: Fix character height handling with VT_RESIZEX - tty: vt: always invoke vc->vc_sw->con_resize callback - [x86] video: hgafb: correctly handle card detect failure during probe - Bluetooth: SMP: Fail if remote and local public keys are identical (CVE-2020-26558, CVE-2021-0129) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 - mm, vmstat: drop zone->lock in /proc/pagetypeinfo - [arm64,armhf] usb: dwc3: gadget: Enable suspend events - NFC: nci: fix memory leak in nci_allocate_device - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() - [amd64] iommu/vt-d: Fix sysfs leak in alloc_iommu() - proc: Check /proc/$pid/attr/ writes against file opener - net: hso: fix control-request directions - mac80211: assure all fragments are encrypted (CVE-2020-26147) - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - mac80211: properly handle A-MSDUs that start with an RFC 1042 header - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588) - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24588) - mac80211: add fragment cache to sta_info - mac80211: check defrag PN against current frame - mac80211: prevent attacks on TKIP/WEP as well - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-26139) - mac80211: extend protection against mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - ath10k: Validate first subframe of A-MSDU before processing the list - dm snapshot: properly fix a crash when an origin has no snapshots - misc/uss720: fix memory leak in uss720_probe - [x86] thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue - [x86] mei: request autosuspend after sending rx flow control - USB: trancevibrator: fix control-request direction - USB: usbfs: Don't WARN about excessively large memory allocations - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - USB: serial: ti_usb_3410_5052: add startech.com device id - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 - USB: serial: ftdi_sio: add IDs for IDS GmbH Products - USB: serial: pl2303: add device id for ADLINK ND-6530 GC - [arm64,armhf] usb: dwc3: gadget: Properly track pending and queued SG - net: usb: fix memory leak in smsc75xx_bind - bpf: extend is_branch_taken to registers - bpf: Test_verifier, bpf_get_stack return value add <0 - bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test - bpf: Move off_reg into sanitize_ptr_alu (CVE-2021-29155) - bpf: Ensure off_reg has no mixed signed bounds for all types (CVE-2021-29155) - bpf: Rework ptr_limit into alu_limit and add common error path (CVE-2021-29155) - bpf: Improve verifier error messages for users (CVE-2021-29155) - bpf: Refactor and streamline bounds check into helper (CVE-2021-29155) - bpf: Move sanitize_val_alu out of op switch (CVE-2021-29155) - bpf: Tighten speculative pointer arithmetic mask (CVE-2021-29155) - bpf: Update selftests to reflect new error states - bpf: Fix leakage of uninitialized bpf stack under speculation (CVE-2021-31829) - bpf: Wrap aux data inside bpf_sanitize_info container - bpf: Fix mask direction swap upon off reg sign change - bpf: No need to simulate speculative domain for immediates - [armhf] spi: gpio: Don't leak SPI master in probe error path - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails - NFS: fix an incorrect limit in filelayout_decode_layout() - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config - [arm64] drm/meson: fix shutdown crash when component not probed - net/mlx4: Fix EEPROM dump support - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" - tipc: skb_linearize the head skb when reassembling msgs - [arm64,armhf] net: dsa: fix a crash if ->get_sset_count() fails - [armhf] i2c: s3c2410: fix possible NULL pointer deref on read message after write - [x86] i2c: i801: Don't generate an interrupt on bus reset - [x86] platform/x86: hp_accel: Avoid invoking _INI to speed up resume - [x86] net: fujitsu: fix potential null-ptr-deref - [x86] char: hpet: add checks after calling ioremap - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io - [arm64] dmaengine: qcom_hidma: comment platform_driver_register call - libertas: register sysfs groups properly - media: dvb: Add check on sp8870_readreg return - media: gspca: properly check for errors in po1030_probe() - [x86] scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic - btrfs: do not BUG_ON in link_to_fixup_dir - [x86] platform/x86: hp-wireless: add AMD's hardware id to the supported list - SMB3: incorrect file id in requests compounded with open - drm/amd/amdgpu: fix refcount leak - drm/amdgpu: Fix a use-after-free - [arm64,armhf] net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count - [armhf] net: fec: fix the potential memory leak in fec_enet_init() - [arm64] net: mdio: thunder: Fix a double free issue in the .remove function - [mips*] net: mdio: octeon: Fix some double free issues - openvswitch: meter: fix race when getting now_ms. - net: bnx2: Fix error return code in bnx2_init_board() - mld: fix panic in mld_newpack() - bpf: Set mac_len in bpf_skb_change_head - ixgbe: fix large MTU request from VF - scsi: libsas: Use _safe() loop in sas_resume_port() - ipv6: record frag_max_size in atomic fragments in input path - sch_dsmark: fix a NULL deref in qdisc_reset() - hugetlbfs: hugetlb_fault_mutex_hash() cleanup - drivers/net/ethernet: clean up unused assignments - [arm64] net: hns3: check the return of skb_checksum_help() - usb: core: reduce power-on-good delay time of root hub https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.194 - net: usb: cdc_ncm: don't spew notifications (Closes: #989451) - ALSA: usb: update old-style static const declaration - nl80211: validate key indexes for cfg80211_registered_device - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared - [arm64,x86] efi: cper: fix snprintf() use in cper_dimm_err_location() - vfio/pci: Fix error return code in vfio_ecap_init() - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service - HID: pidff: fix error return code in hid_pidff_init() - [arm64,x86] HID: i2c-hid: fix format string mismatch - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches - ieee802154: fix error return code in ieee802154_add_iface() - ieee802154: fix error return code in ieee802154_llsec_getparams() - ixgbevf: add correct exception tracing for XDP - tipc: add extack messages for bearer/media failure - tipc: fix unique bearer names sanity check - Bluetooth: fix the erroneous flush_work() order (CVE-2021-3564) - Bluetooth: use correct lock to prevent UAF of hdev object (CVE-2021-3573) - HID: multitouch: require Finger field to mark Win8 reports as MT - ALSA: timer: Fix master timer notification - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed - [arm*] usb: dwc2: Fix build in periphal-only mode - pid: take a reference when initializing `cad_pid` - ocfs2: fix data corruption by fallocate - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (CVE-2021-3587) - [x86] apic: Mark _all_ legacy interrupts when IO/APIC is missing - btrfs: mark ordered extent and inode with error if we fail to finish - btrfs: fix error handling in btrfs_del_csums - btrfs: return errors from btrfs_del_csums in cleanup_ref_head - btrfs: fixup error handling in fixup_inode_link_counts - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY - bpf: Add BPF_F_ANY_ALIGNMENT. - bnxt_en: Remove the setting of dev_port. - perf/cgroups: Don't rotate events for cgroups unnecessarily - perf/core: Fix corner case in perf_rotate_context() - btrfs: fix unmountable seed device after fstrim - [x86] KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode - [arm64] KVM: Fix debug register indexing - [arm64,x86] ACPI: probe ECDT before loading AML tables regardless of module-level code flag - [arm64,x86] ACPI: EC: Look for ECDT EC after calling acpi_load_tables() - sched/fair: Optimize select_idle_cpu - [x86] xen-pciback: redo VF placement in the virtual topology . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.182-rt74 * [rt] Add new signing key for Clark Williams * [rt] Update to 4.19.184-rt75 * Bump ABI to 17 * [rt] Refresh "workqueue: Use normal rcu" * [rt] Refresh "workqueue: Use local irq lock instead of irq disable" * [rt] Refresh "workqueue: rework" * [rt] Update to 4.19.188-rt77 * [rt] Update to 4.19.190-rt79 * [rt] Refresh "ptrace: fix ptrace vs tasklist_lock race" * [rt] Update to 4.19.193-rt81 * [rt] Refresh "kernel: sched: Provide a pointer to the valid CPU mask" linux-latest (105+deb10u12) buster; urgency=medium . * Update to 4.19.0-17 linux-signed-amd64 (4.19.194+1) buster; urgency=medium . * Sign kernel from linux 4.19.194-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.182 - [arm64] KVM: nvhe: Save the SPE context early - [armhf] net: dsa: b53: Support setting learning on port https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.183 - ALSA: hda: generic: Fix the micmute led init state - Revert "PM: runtime: Update device status before letting suppliers suspend" - vmlinux.lds.h: Create section for protection against instrumentation - btrfs: fix race when cloning extent buffer during rewind of an old root (CVE-2021-28964) - btrfs: fix slab cache flags for free space tree bitmap - [armhf] ASoC: fsl_ssi: Fix TDM slot setup for I2S mode - nvmet: don't check iosqes,iocqes for discovery controllers - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. - svcrdma: disable timeouts on rdma backchannel - sunrpc: fix refcount leak for rpc auth modules - scsi: lpfc: Fix some error codes in debugfs - nvme-rdma: fix possible hang when failing to set io queues - [powerpc*] Force inlining of cpu_has_feature() to avoid build failure - usb-storage: Add quirk to defeat Kindle's automatic unload - usbip: Fix incorrect double assignment to udc->ud.tcp_rx - USB: replace hardcode maximum usb string length by definition - usb: gadget: configfs: Fix KASAN use-after-free - [arm64] iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel - iio: hid-sensor-prox: Fix scale not correct issue - [powerpc*] PCI: rpadlpar: Fix potential drc_name corruption in store functions (CVE-2021-28972) - [x86] perf/x86/intel: Fix a crash caused by zero PEBS status (CVE-2021-28971) - [x86] ioapic: Ignore IRQ2 again - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() - [x86] Move TS_COMPAT back to asm/thread_info.h - [x86] Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() - ext4: find old entry again if failed to rename whiteout - ext4: do not try to set xattr into ea_inode if value is empty - ext4: fix potential error in ext4_do_update_inode - genirq: Disable interrupts for force threaded handlers - [x86] apic/of: Fix CPU devicetree-node lookups - cifs: Fix preauth hash corruption https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.184 - [armhf] net: fec: ptp: avoid register access when ipg clock is disabled - [powerpc*] 4xx: Fix build errors from mfdcr() - atm: eni: dont release is never initialized - atm: lanai: dont run lanai_dev_close if not open - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" - ixgbe: Fix memleak in ixgbe_configure_clsu32 - net: tehuti: fix error return code in bdx_probe() - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count - gianfar: fix jumbo packets+napi+rx overrun crash (CVE-2021-29264) - gpiolib: acpi: Add missing IRQF_ONESHOT - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default - NFS: Correct size calculation for create reply length - [arm64] net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() - [x86] atm: uPD98402: fix incorrect allocation - atm: idt77252: fix null-ptr-dereference - u64_stats,lockdep: Fix u64_stats_init() vs lockdep - nfs: we don't support removing system.nfs4_acl - block: Suppress uevent for hidden device when removed - [arm64] netsec: restore phy power state after controller reset - [x86] platform/x86: intel-vbtn: Stop reporting SW_DOCK events - squashfs: fix inode lookup sanity checks - squashfs: fix xattr id and id lookup sanity checks - dm ioctl: fix out of bounds array access when no devices (CVE-2021-31916) - [armhf] bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD - veth: Store queue_mapping independently of XDP prog presence - libbpf: Fix INSTALL flag order - macvlan: macvlan_count_rx() needs to be aware of preemption - [armhf] net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port - e1000e: add rtnl_lock() to e1000_reset_task - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template - netfilter: ctnetlink: fix dump of the expect mask attribute - can: peak_usb: add forgotten supported devices - [armhf] can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate - mac80211: fix rate mask reset - net: cdc-phonet: fix data-interface release on probe failure - [arm64,armhf] net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes - [arm64] drm/msm: fix shutdown hook in case GPU components failed to bind - net/mlx5e: Fix error path for ethtool set-priv-flag - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs - Revert "netfilter: x_tables: Switch synchronization to RCU" - netfilter: x_tables: Use correct memory barriers. (CVE-2021-29650) - Revert "netfilter: x_tables: Update remaining dereference to RCU" - ACPI: scan: Rearrange memory allocation in acpi_device_add() - ACPI: scan: Use unique number for instance_no - dm verity: add root hash pkcs#7 signature verification - scsi: qedi: Fix error return code of qedi_alloc_global_queues() - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() - locking/mutex: Fix non debug version of mutex_lock_io_nested() - can: dev: Move device back to init netns on owning netns delete - net: sched: validate stab values - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (CVE-2021-29647) - mac80211: fix double free in ibss_leave - ext4: add reclaim checks to xattr code - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" - xen-blkback: don't leak persistent grants from xen_blkbk_map() (CVE-2021-28688) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.185 - selinux: vsock: Set SID for socket returned by accept() - tcp: relookup sock for RST+ACK packets handled by obsolete req sock - ipv6: weaken the v4mapped source check - ext4: fix bh ref count on error paths - rpc: fix NULL dereference on kmalloc failure - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [x86] ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [armhf] ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe - [x86] ASoC: es8316: Simplify adc_pga_gain_tlv table - vhost: Fix vhost_vq_reset() - scsi: st: Fix a use after free in st_open() - scsi: qla2xxx: Fix broken #endif placement - [x86] staging: comedi: cb_pcidas: fix request_irq() warn - [x86] staging: comedi: cb_pcidas64: fix request_irq() warn - thermal/core: Add NULL pointer check before using cooling device stats - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling - ext4: do not iput inode under running transaction in ext4_rename() - brcmfmac: clear EAP/association status bits on linkdown events - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() - [amd64] net: ethernet: aquantia: Handle error cleanup of start on open - appletalk: Fix skb allocation size in loopback case - [x86] net: wan/lmc: unregister device when no matching device is found - bpf: Remove MTU check in __bpf_skb_max_len - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook - PM: runtime: Fix race getting/putting suppliers at probe - PM: runtime: Fix ordering in pm_runtime_get_suppliers() - tracing: Fix stack trace event size - mm: fix race by making init_zero_pfn() early_initcall - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() - drm/amdgpu: check alignment on CPU page for bo map - reiserfs: update reiserfs_xattrs_initialized() condition - [arm64,armhf] pinctrl: rockchip: fix restore error in resume - extcon: Add stubs for extcon_register_notifier_all() functions - extcon: Fix error handling in extcon_dev_register - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem - [arm64,armhf] usb: musb: Fix suspend with devices connected for a64 - cdc-acm: fix BREAK rx code path adding necessary calls - USB: cdc-acm: untangle a circular dependency between callback and softint - USB: cdc-acm: downgrade message to debug - USB: cdc-acm: fix double free on probe failure - USB: cdc-acm: fix use-after-free after probe failure - [i386] usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference - [arm*] usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. - [x86] staging: rtl8192e: Fix incorrect source in memcpy() - staging: rtl8192e: Change state information from u16 to u8 - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.186 - [armhf] bus: ti-sysc: Fix warning on unbind if reset is not deasserted - [x86] platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 - mISDN: fix crash in fritzpci - mac80211: choose first enabled channel for monitor - [arm64] drm/msm: Ratelimit invalid-fence message - [x86] platform/x86: thinkpad_acpi: Allow the FnLock LED to change state - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() - cifs: revalidate mapping when we open files for SMB1 POSIX - cifs: Silently ignore unknown oplock break handle - [amd64] bpf, x86: Validate computation of branch displacements for x86-64 (CVE-2021-29154) - [i386] bpf, x86: Validate computation of branch displacements for x86-32 (CVE-2021-29154) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.187 - ALSA: aloop: Fix initialization of controls - [x86] ASoC: intel: atom: Stop advertising non working S24LE support - nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) - nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671) - nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() - xen/evtchn: Change irq_info lock to raw_spinlock_t - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh - ocfs2: fix deadlock between setattr and dio_end_io_write - fs: direct-io: fix missing sdio->boundary - [armhf] dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field - ice: Increase control queue timeout - net: hso: fix null-ptr-deref during tty device unregistration - net: ensure mac header is set in virtio_net_hdr_to_skb() - net: sched: sch_teql: fix null-pointer dereference - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() - usbip: add sysfs_lock to synchronize sysfs code paths - usbip: stub-dev synchronize sysfs code paths - usbip: vudc synchronize sysfs code paths - usbip: synchronize event handler with sysfs code paths - i2c: turn recovery error on init to debug - virtio_net: Add XDP meta data support - xfrm: interface: fix ipv4 pmtu check to honor ip header df - net: xfrm: Localize sequence counter per network namespace - i40e: Added Asym_Pause to supported link modes - i40e: Fix kernel oops when i40e driver removes VF's - sch_red: fix off-by-one checks in red_check_params() - cxgb4: avoid collecting SGE_QBASE regs during traffic - net:tipc: Fix a double free in tipc_sk_mcast_rcv - [armhf] ASoC: sunxi: sun4i-codec: fill ASoC card owner - clk: fix invalid usage of list cursor in register - clk: fix invalid usage of list cursor in unregister - workqueue: Move the position of debug_work_activate() in __queue_work() - [s390x] cpcmd: fix inline assembly register clobbering - net/mlx5: Fix placement of log_max_flow_counter - net/mlx5: Fix PBMC register mapping - RDMA/cxgb4: check for ipv6 address properly while destroying listener - [armhf] clk: socfpga: fix iomem pointer cast on 64-bit - net: sched: bump refcount for new action in ACT replace mode - cfg80211: remove WARN_ON() in cfg80211_sme_connect - net: tun: set tun->dev->addr_len during TUNSETLINK processing - drivers: net: fix memory leak in atusb_probe - drivers: net: fix memory leak in peak_usb_create_dev - net: mac802154: Fix general protection fault - net: ieee802154: nl-mac: fix check on panid - net: ieee802154: fix nl802154 del llsec key - net: ieee802154: fix nl802154 del llsec dev - net: ieee802154: fix nl802154 add llsec key - net: ieee802154: fix nl802154 del llsec devkey - net: ieee802154: forbid monitor for set llsec params - net: ieee802154: forbid monitor for del llsec seclevel - net: ieee802154: stop dump llsec params for monitors - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath." (Closes: #988352) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 - [arm64] KVM: Hide system instruction access to Trace registers - [arm64] KVM: Disable guest access to trace filter controls - [armhf] drm/imx: imx-ldb: fix out of bounds array access warning - gfs2: report "already frozen/thawed" errors - [arm64,armhf] drm/tegra: dc: Don't set PLL clock to 0Hz - block: only update parent bi_status when bio fail - net: phy: broadcom: Only advertise EEE for supported modes - staging: m57621-mmc: delete driver from the tree. (Closes: #986949) - netfilter: x_tables: fix compat match/target pad out-of-bound write - driver core: Fix locking bug in deferred_probe_timeout_work_func() - xen/events: fix setting irq affinity https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.189 - net/sctp: fix race condition in sctp_destroy_sock - gpio: sysfs: Obey valid_mask - neighbour: Disregard DEAD dst in neigh_update - [arm64] drm/msm: Fix a5xx/a6xx timestamps - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state - net: ieee802154: stop dump llsec keys for monitors - net: ieee802154: stop dump llsec devs for monitors - net: ieee802154: forbid monitor for add llsec dev - net: ieee802154: stop dump llsec devkeys for monitors - net: ieee802154: forbid monitor for add llsec devkey - net: ieee802154: stop dump llsec seclevels for monitors - net: ieee802154: forbid monitor for add llsec seclevel - pcnet32: Use pci_resource_len to validate PCI resource - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices - readdir: make sure to verify directory entry for legacy interfaces too - [arm64] fix inline asm in load_unaligned_zeropad() - [arm64] alternatives: Move length validation in alternative_{insn, endif} - scsi: libsas: Reset num_scatter if libata marks qc as NODATA - netfilter: conntrack: do not print icmpv6 as unknown via /proc - netfilter: nft_limit: avoid possible divide error in nft_limit_init - net: sit: Unregister catch-all devices - net: ip6_tunnel: Unregister catch-all devices - i40e: fix the panic when running bpf in xdpdrv mode - [armel,armhf] 9071/1: uprobes: Don't hook on thumb instructions - net: phy: marvell: fix detection of PHY on Topaz switches - gup: document and work around "COW can break either way" issue (CVE-2020-29374) - [x86] pinctrl: lewisburg: Update number of pins in community - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() - [x86] perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 - HID: alps: fix error return code in alps_input_configured() - HID: wacom: Assign boolean values to a bool variable - net: geneve: check skb is large enough for IPv4/IPv6 header - [s390x] entry: save the caller of psw_idle - xen-netback: Check for hotplug-status existence before watching - [x86] crash: Fix crash_setup_memmap_entries() out-of-bounds access - net: hso: fix NULL-deref on disconnect regression - USB: CDC-ACM: fix poison/unpoison imbalance https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.190 - [x86] ACPI: tables: x86: Reserve memory occupied by ACPI tables - [x86] ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() - net: usb: ax88179_178a: initialize local variables before use - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() - [mips*] Do not include hi and lo in clobber list for R6 - bpf: Fix masking negation logic upon negative dst register (CVE-2021-31829) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet - USB: Add reset-resume quirk for WD19's Realtek Hub - [x86] platform/x86: thinkpad_acpi: Correct thermal sensor allocation - ovl: allow upperdir inside lowerdir https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191 - [s390x] disassembler: increase ebpf disasm buffer size - ftrace: Handle commands when closing set_ftrace_filter file - ecryptfs: fix kernel panic with null dev_name - [armhf] spi: spi-ti-qspi: Free DMA resources - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers - mmc: block: Update ext_csd.cache_ctrl if it was written - mmc: block: Issue a cache flush only when it's enabled - mmc: core: Do a power cycle when the CMD11 fails - mmc: core: Set read only for SD cards with permanent write protect bit - cifs: Return correct error code from smb2_get_enc_key - btrfs: fix metadata extent leak after failure to create subvolume - [x86] intel_th: pci: Add Rocket Lake CPU support - fbdev: zero-fill colormap in fbcmap.c - staging: wimax/i2400m: fix byte-order issue - crypto: api - check for ERR pointers in crypto_destroy_tfm() - usb: gadget: uvc: add bInterval checking for HS mode - [x86] genirq/matrix: Prevent allocation counter corruption - usb: gadget: f_uac1: validate input parameters - [arm64,armhf] usb: dwc3: gadget: Ignore EP queue requests during bus reset - usb: xhci: Fix port minor revision - PCI: PM: Do not read power state in pci_enable_device_flags() - [arm64] tee: optee: do not check memref size on return from Secure World - [arm*] perf/arm_pmu_platform: Fix error handling - xhci: check control context is valid before dereferencing it. - xhci: fix potential array out of bounds with several interrupters - [x86] intel_th: Consistency and off-by-one fix - [armhf] phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe - scsi: lpfc: Fix pt2pt connection does not recover after LOGO - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() - [x86] media: ite-cir: check for receive overflow - power: supply: bq27xxx: fix power_avg for newer ICs - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs - media: gspca/sq905.c: fix uninitialized variable - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() - scsi: qla2xxx: Fix use after free in bsg - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() - media: em28xx: fix memory leak - media: vivid: update EDID - [armhf] clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return - media: dvb-usb: fix memory leak in dvb_usb_adapter_init - media: gscpa/stv06xx: fix memory leak - [arm64] drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal - drm/amdgpu: fix NULL pointer dereference - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic - scsi: libfc: Fix a format specifier - [s390x] archrandom: add parameter check for s390_arch_random_generate - [i386] ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer - ALSA: hda/conexant: Re-order CX5066 quirk table entries - [i386] ALSA: sb: Fix two use after free in snd_sb_qsound_build - ALSA: usb-audio: Explicitly set up the clock selector - ALSA: usb-audio: More constifications - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8 - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx - btrfs: fix race when picking most recent mod log operation for an old root - [arm64] vdso: Discard .note.gnu.property sections in vDSO - ubifs: Only check replay with inode type to judge if inode linked - f2fs: fix to avoid out-of-bounds memory access (CVE-2021-3506) - openvswitch: fix stack OOB read while fragmenting IPv4 packets - [arm64] ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure - NFS: Don't discard pNFS layout segments that are marked for return - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() - jffs2: Fix kasan slab-out-of-bounds problem - [powerpc*] eeh: Fix EEH handling for hugepages in ioremap space. - [x86] intel_th: pci: Add Alder Lake-M support - [arm64,x86] tpm: vtpm_proxy: Avoid reading host log when using a virtual device - md/raid1: properly indicate failure when ending a failed write request - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences - security: commoncap: fix -Wstringop-overread warning - jffs2: check the validity of dstlen in jffs2_zlib_compress() - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") - posix-timers: Preserve return value in clock_adjtime32() - [arm64] vdso: remove commas between macro name and arguments - ext4: fix check to prevent false positive report of incorrect used inodes - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() - ext4: fix error code in ext4_commit_super - media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: gadget: Fix double free of device descriptor pointers - usb: gadget/function/f_fs string table fix for multiple languages - [arm64,armhf] usb: dwc3: gadget: Fix START_TRANSFER link state check - [arm*] usb: dwc2: Fix session request interrupt handler - tty: fix memory leak in vc_deallocate - tracing: Map all PIDs to command lines - tracing: Restructure trace_clock_global() to never block - dm space map common: fix division bug in sm_ll_find_free_block() - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails - modules: mark ref_module static - modules: mark find_symbol static - modules: mark each_symbol_section static - modules: unexport __module_text_address - modules: unexport __module_address - modules: rename the licence field in struct symsearch to license - modules: return licensing information from find_symbol - modules: inherit TAINT_PROPRIETARY_MODULE - Bluetooth: verify AMP hci_chan before amp_destroy (CVE-2021-33034) - bluetooth: eliminate the potential race condition when removing the HCI controller (CVE-2021-32399) - net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134) - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR - misc: lis3lv02d: Fix false-positive WARN on various HP models - [x86] misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct - [x86] misc: vmw_vmci: explicitly initialize vmci_datagram payload - md/bitmap: wait for external bitmap writes to complete during tear down - md-cluster: fix use-after-free issue when removing rdev - md: split mddev_find - md: factor out a mddev_find_locked helper from mddev_find - md: md_open returns -EBUSY when entering racing area - md: Fix missing unused status line of /proc/mdstat - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() - cfg80211: scan: drop entry from hidden_list on overflow - drm/radeon: fix copy of uninitialized variable back to userspace - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices - [x86] cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported - [s390x] KVM: split kvm_s390_logical_to_effective - [s390x] KVM: fix guarded storage control register handling - [s390x] KVM: split kvm_s390_real_to_abs - ovl: fix missing revert_creds() on error path - [x86] usb: gadget: pch_udc: Revert d3cb25a12138 completely - [armhf] memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] - [armhf] dts: exynos: correct PMIC interrupt trigger level on SMDK5250 - regmap: set debugfs_name to NULL after it is freed - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() - [x86] microcode: Check for offline CPUs before requesting new microcode - [x86] usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() - [x86] usb: gadget: pch_udc: Check if driver is present before calling ->setup() - [x86] usb: gadget: pch_udc: Check for DMA mapping error - [x86] crypto: qat - don't release uninitialized resources - [x86] crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - mtd: require write permissions for locking and badblock ioctls - [arm64] bus: qcom: Put child node before return - [x86] crypto: qat - fix error path in adf_isr_resource_alloc() - [armhf] mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init - [arm64,armhf] irqchip/gic-v3: Fix OF_BAD_ADDR error handling - [x86] staging: rtl8192u: Fix potential infinite loop - spi: Fix use-after-free with devm_spi_alloc_* - [arm64] soc: qcom: mdt_loader: Validate that p_filesz < p_memsz - [arm64] soc: qcom: mdt_loader: Detect truncated read of segments - [amd64,arm64] ACPI: CPPC: Replace cppc_attr with kobj_attribute - [x86] crypto: qat - Fix a double free in adf_create_ring - [arm64] cpufreq: armada-37xx: Fix setting TBG parent for load levels - [arm64] clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock - [arm64] cpufreq: armada-37xx: Fix the AVS value for load L1 - [arm64] clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz - [arm64] clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 - [arm64] cpufreq: armada-37xx: Fix driver cleanup when registration failed - [arm64] cpufreq: armada-37xx: Fix determining base CPU frequency - USB: cdc-acm: fix unprivileged TIOCCSERIAL - tty: actually undefine superseded ASYNC flags - tty: fix return value for unsupported ioctls - usbip: vudc: fix missing unlock on error in usbip_sockfd_store() - [x86] platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table - [x86] Drivers: hv: vmbus: Increase wait time for VMbus unload - [arm*] usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. - [arm*] usb: dwc2: Fix hibernation between host and device modes. - ttyprintk: Add TTY hangup callback. - media: vivid: fix assignment of dev->fbuf_out_flags - media: m88rs6000t: avoid potential out-of-bounds reads on arrays - [x86] kprobes: Fix to check non boostable prefixes correctly - sata_mv: add IRQ checks - ata: libahci_platform: fix IRQ check - nvme: retrigger ANA log update if group descriptor isn't found - [arm64] clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE - [powerpc*] scsi: ibmvfc: Fix invalid state machine BUG_ON() - [armhf] HSI: core: fix resource leaks in hsi_add_client_from_dt() - [amd64] x86/events/amd/iommu: Fix sysfs type mismatch - sched/debug: Fix cgroup_path[] serialization - drivers/block/null_blk/main: Fix a double free in null_init. - HID: plantronics: Workaround for double volume key presses - [powerpc*] prom: Mark identical_pvr_fixup as __init - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect - bug: Remove redundant condition check in report_bug - nfc: pn533: prevent potential memory corruption - [arm64] net: hns3: Limiting the scope of vector_ring_chain variable - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls - [powerpc*] 64s: Fix pte update for kernel memory on radix - [powerpc*] perf: Fix PMU constraint check for EBB events - mac80211: bail out if cipher schemes are invalid - mt7601u: fix always true expression - [amd64] IB/hfi1: Fix error return code in parse_platform_config() - [arm64] net: thunderx: Fix unintentional sign extension issue - RDMA/srpt: Fix error return code in srpt_cm_req_recv() - [mips*] pci-legacy: stop using of_pci_range_to_resource - [powerpc*] pseries: extract host bridge from pci_bus prior to bus removal - rtlwifi: 8821ae: upgrade PHY and RF parameters - mwl8k: Fix a double Free in mwl8k_probe_hw - [x86] vsock/vmci: log once the failed queue pair allocation - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails - [armhf] net: davinci_emac: Fix incorrect masking of tx and rx error channel - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb - [arm64] net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req - mm/sparse: add the missing sparse_buffer_fini() in error branch - mm/memory-failure: unnecessary amount of unmapping - net: Only allow init netns to set default tcp cong to a restricted algo - smp: Fix smp_call_function_single_async prototype - Revert "net/sctp: fix race condition in sctp_destroy_sock" - sctp: delay auto_asconf init until binding the first addr (CVE-2021-23133) - Revert "of/fdt: Make sure no-map does not remove already reserved regions" - Revert "fdt: Properly handle "no-map" field in the memory region" - [arm64,x86] tpm: fix error return code in tpm2_get_cc_attrs_tbl() - fs: dlm: fix debugfs dump - tipc: convert dest node's address to network order - [x86] ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF - [arm64] net: stmmac: Set FIFO sizes for ipq806x - i2c: bail out early when RDWR parameters are wrong - ALSA: hdsp: don't disable if not enabled - ALSA: hdspm: don't disable if not enabled - ALSA: rme9652: don't disable if not enabled - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default - Bluetooth: initialize skb_queue_head at l2cap_chan_create() - net: bridge: when suppression is enabled exclude RARP packets - Bluetooth: check for zapped sk before connecting - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet - i2c: Add I2C_AQ_NO_REP_START adapter quirk - mac80211: clear the beacon's CRC after channel switch - [armhf] pinctrl: samsung: use 'int' for register masks in Exynos - cuse: prevent clone - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() - [powerpc*] smp: Set numa node before updating mask - [x86] ASoC: rt286: Generalize support for ALC3263 codec - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() - [powerpc*] pseries: Stop calling printk in rtas_stop_self() - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join - [powerpc*] iommu: Annotate nested lock for lockdep - [x86] ASoC: rt286: Make RT286_SET_GPIO_* readable and writable - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs - PCI: Release OF node in pci_scan_device()'s error path - [armel,armhf] 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - [arm64] rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() - NFS: Deal correctly with attribute generation counter overflow - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() - NFSv4.2 fix handling of sr_eof in SEEK's reply - rtc: ds1307: Fix wday settings for rx8130 - [arm64] net: hns3: disable phy loopback setting in hclge_mac_start_phy - sctp: do asoc update earlier in sctp_sf_do_dupcook_a - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b - netfilter: xt_SECMARK: add new revision to fix structure layout - drm/radeon: Fix off-by-one power_state index heap overwrite - drm/radeon: Avoid power table parsing memory leaks - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() - ksm: fix potential missing rmap_item for stable_node - net: fix nla_strcmp to handle more then one trailing null character - smc: disallow TCP_ULP in smc_setsockopt() - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check - sched/fair: Fix unfairness caused by missing load decay - [amd64] kernel: kexec_file: fix error return code of kexec_calculate_store_digests() - netfilter: nftables: avoid overflows in nft_hash_buckets() - i40e: Fix use-after-free in i40e_client_subtask() - [powerpc*] 64s: Fix crashes when toggling stf barrier - [powerpc*] 64s: Fix crashes when toggling entry flush barrier - hfsplus: prevent corruption in shrinking truncate - squashfs: fix divide error in calculate_skip() - userfaultfd: release page in error path to avoid BUG_ON - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected - [arm64,x86] ACPI: scan: Fix a memory leak in an error handling path - blk-mq: Swap two calls in blk_mq_exit_queue() - [armhf] usb: dwc3: omap: improve extcon initialization - [arm64] usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield - [arm*] usb: dwc2: Fix gadget DMA unmap direction - usb: core: hub: fix race condition about TRSMRCY of resume - [arm64,armhf] usb: dwc3: gadget: Return success always for kick transfer in ep queue - xhci: Do not use GFP_KERNEL in (potentially) atomic context - xhci: Add reset resume quirk for AMD xhci controller. - [x86] iio: tsl2583: Fix division by a zero lux_val - cdc-wdm: untangle a circular dependency between callback and softint - [x86] KVM: Cancel pvclock_gtod_work on module removal - thermal/core/fair share: Lock the thermal zone while looping over instances - kobject_uevent: remove warning in init_uevent_argv() - netfilter: conntrack: Make global sysctls readonly in non-init netns - nvme: do not try to reconfigure APST when the controller is not live - [x86] msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes - usb: sl811-hcd: improve misleading indentation - cxgb4: Fix the -Wmisleading-indentation warning - isdn: capi: fix mismatched prototypes - [arm64] PCI: thunder: Fix compile testing - [armel,armhf] 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() - [arm64,x86] ACPI / hotplug / PCI: Fix reference count leak in enable_slot() - [arm64] Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices - [armel,armhf] 9075/1: kernel: Fix interrupted SMC calls - ceph: fix fscache invalidation - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found - [arm64,x86] gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP - block: reexpand iov_iter after read/write - [arm64,armhf] net: stmmac: Do not enable RX FIFO overflow interrupts - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods - sit: proper dev_{hold|put} in ndo_[un]init methods - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods - ipv6: remove extra dev_hold() for fallback tunnels - iomap: fix sub-page uptodate handling - [arm64] KVM: Initialize VCPU mdcr_el2 before loading it - tweewide: Fix most Shebang lines - scripts: switch explicitly to Python 3 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.192 - RDMA/rxe: Clear all QP fields if creation failed - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() - RDMA/mlx5: Recover from fatal event in dual port mode - [x86] platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly - nvmet: seset ns->file when open fails - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal - cifs: fix memory leak in smb2_copychunk_range - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency - ALSA: line6: Fix racy initialization of LINE6 MIDI - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 - ALSA: usb-audio: Validate MS endpoint descriptors - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro - [i386] Revert "ALSA: sb8: add a check for request_region" - ALSA: hda/realtek: reset eapd coeff to default value for alc287 - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 - [arm64] Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference" - [x86] xen-pciback: reconfigure also from backend watch handler - dm snapshot: fix crash with transient storage and zero chunk size - [x86] Revert "video: hgafb: fix potential NULL pointer dereference" - [arm64,armhf] Revert "net: stmicro: fix a missing check of clk_prepare" - [armhf] Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" - Revert "ecryptfs: replace BUG_ON with error handling code" - Revert "rtlwifi: fix a potential NULL pointer dereference" - Revert "qlcnic: Avoid potential NULL pointer dereference" - Revert "niu: fix missing checks of niu_pci_eeprom_read" - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() - [arm64,armhf] net: stmicro: handle clk_prepare() failure during init - net: rtlwifi: properly check for alloc_workqueue() failure - [armhf] leds: lp5523: check return value of lp5xx_read and jump to cleanup code - qlcnic: Add null check after calling netdev_alloc_skb - [x86] video: hgafb: fix potential NULL pointer dereference - vgacon: Record video mode changes with VT_RESIZEX - vt: Fix character height handling with VT_RESIZEX - tty: vt: always invoke vc->vc_sw->con_resize callback - [x86] video: hgafb: correctly handle card detect failure during probe - Bluetooth: SMP: Fail if remote and local public keys are identical (CVE-2020-26558, CVE-2021-0129) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 - mm, vmstat: drop zone->lock in /proc/pagetypeinfo - [arm64,armhf] usb: dwc3: gadget: Enable suspend events - NFC: nci: fix memory leak in nci_allocate_device - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() - [amd64] iommu/vt-d: Fix sysfs leak in alloc_iommu() - proc: Check /proc/$pid/attr/ writes against file opener - net: hso: fix control-request directions - mac80211: assure all fragments are encrypted (CVE-2020-26147) - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - mac80211: properly handle A-MSDUs that start with an RFC 1042 header - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588) - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24588) - mac80211: add fragment cache to sta_info - mac80211: check defrag PN against current frame - mac80211: prevent attacks on TKIP/WEP as well - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-26139) - mac80211: extend protection against mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - ath10k: Validate first subframe of A-MSDU before processing the list - dm snapshot: properly fix a crash when an origin has no snapshots - misc/uss720: fix memory leak in uss720_probe - [x86] thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue - [x86] mei: request autosuspend after sending rx flow control - USB: trancevibrator: fix control-request direction - USB: usbfs: Don't WARN about excessively large memory allocations - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - USB: serial: ti_usb_3410_5052: add startech.com device id - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 - USB: serial: ftdi_sio: add IDs for IDS GmbH Products - USB: serial: pl2303: add device id for ADLINK ND-6530 GC - [arm64,armhf] usb: dwc3: gadget: Properly track pending and queued SG - net: usb: fix memory leak in smsc75xx_bind - bpf: extend is_branch_taken to registers - bpf: Test_verifier, bpf_get_stack return value add <0 - bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test - bpf: Move off_reg into sanitize_ptr_alu (CVE-2021-29155) - bpf: Ensure off_reg has no mixed signed bounds for all types (CVE-2021-29155) - bpf: Rework ptr_limit into alu_limit and add common error path (CVE-2021-29155) - bpf: Improve verifier error messages for users (CVE-2021-29155) - bpf: Refactor and streamline bounds check into helper (CVE-2021-29155) - bpf: Move sanitize_val_alu out of op switch (CVE-2021-29155) - bpf: Tighten speculative pointer arithmetic mask (CVE-2021-29155) - bpf: Update selftests to reflect new error states - bpf: Fix leakage of uninitialized bpf stack under speculation (CVE-2021-31829) - bpf: Wrap aux data inside bpf_sanitize_info container - bpf: Fix mask direction swap upon off reg sign change - bpf: No need to simulate speculative domain for immediates - [armhf] spi: gpio: Don't leak SPI master in probe error path - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails - NFS: fix an incorrect limit in filelayout_decode_layout() - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config - [arm64] drm/meson: fix shutdown crash when component not probed - net/mlx4: Fix EEPROM dump support - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" - tipc: skb_linearize the head skb when reassembling msgs - [arm64,armhf] net: dsa: fix a crash if ->get_sset_count() fails - [armhf] i2c: s3c2410: fix possible NULL pointer deref on read message after write - [x86] i2c: i801: Don't generate an interrupt on bus reset - [x86] platform/x86: hp_accel: Avoid invoking _INI to speed up resume - [x86] net: fujitsu: fix potential null-ptr-deref - [x86] char: hpet: add checks after calling ioremap - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io - [arm64] dmaengine: qcom_hidma: comment platform_driver_register call - libertas: register sysfs groups properly - media: dvb: Add check on sp8870_readreg return - media: gspca: properly check for errors in po1030_probe() - [x86] scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic - btrfs: do not BUG_ON in link_to_fixup_dir - [x86] platform/x86: hp-wireless: add AMD's hardware id to the supported list - SMB3: incorrect file id in requests compounded with open - drm/amd/amdgpu: fix refcount leak - drm/amdgpu: Fix a use-after-free - [arm64,armhf] net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count - [armhf] net: fec: fix the potential memory leak in fec_enet_init() - [arm64] net: mdio: thunder: Fix a double free issue in the .remove function - [mips*] net: mdio: octeon: Fix some double free issues - openvswitch: meter: fix race when getting now_ms. - net: bnx2: Fix error return code in bnx2_init_board() - mld: fix panic in mld_newpack() - bpf: Set mac_len in bpf_skb_change_head - ixgbe: fix large MTU request from VF - scsi: libsas: Use _safe() loop in sas_resume_port() - ipv6: record frag_max_size in atomic fragments in input path - sch_dsmark: fix a NULL deref in qdisc_reset() - hugetlbfs: hugetlb_fault_mutex_hash() cleanup - drivers/net/ethernet: clean up unused assignments - [arm64] net: hns3: check the return of skb_checksum_help() - usb: core: reduce power-on-good delay time of root hub https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.194 - net: usb: cdc_ncm: don't spew notifications (Closes: #989451) - ALSA: usb: update old-style static const declaration - nl80211: validate key indexes for cfg80211_registered_device - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared - [arm64,x86] efi: cper: fix snprintf() use in cper_dimm_err_location() - vfio/pci: Fix error return code in vfio_ecap_init() - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service - HID: pidff: fix error return code in hid_pidff_init() - [arm64,x86] HID: i2c-hid: fix format string mismatch - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches - ieee802154: fix error return code in ieee802154_add_iface() - ieee802154: fix error return code in ieee802154_llsec_getparams() - ixgbevf: add correct exception tracing for XDP - tipc: add extack messages for bearer/media failure - tipc: fix unique bearer names sanity check - Bluetooth: fix the erroneous flush_work() order (CVE-2021-3564) - Bluetooth: use correct lock to prevent UAF of hdev object (CVE-2021-3573) - HID: multitouch: require Finger field to mark Win8 reports as MT - ALSA: timer: Fix master timer notification - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed - [arm*] usb: dwc2: Fix build in periphal-only mode - pid: take a reference when initializing `cad_pid` - ocfs2: fix data corruption by fallocate - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (CVE-2021-3587) - [x86] apic: Mark _all_ legacy interrupts when IO/APIC is missing - btrfs: mark ordered extent and inode with error if we fail to finish - btrfs: fix error handling in btrfs_del_csums - btrfs: return errors from btrfs_del_csums in cleanup_ref_head - btrfs: fixup error handling in fixup_inode_link_counts - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY - bpf: Add BPF_F_ANY_ALIGNMENT. - bnxt_en: Remove the setting of dev_port. - perf/cgroups: Don't rotate events for cgroups unnecessarily - perf/core: Fix corner case in perf_rotate_context() - btrfs: fix unmountable seed device after fstrim - [x86] KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode - [arm64] KVM: Fix debug register indexing - [arm64,x86] ACPI: probe ECDT before loading AML tables regardless of module-level code flag - [arm64,x86] ACPI: EC: Look for ECDT EC after calling acpi_load_tables() - sched/fair: Optimize select_idle_cpu - [x86] xen-pciback: redo VF placement in the virtual topology . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.182-rt74 * [rt] Add new signing key for Clark Williams * [rt] Update to 4.19.184-rt75 * Bump ABI to 17 * [rt] Refresh "workqueue: Use normal rcu" * [rt] Refresh "workqueue: Use local irq lock instead of irq disable" * [rt] Refresh "workqueue: rework" * [rt] Update to 4.19.188-rt77 * [rt] Update to 4.19.190-rt79 * [rt] Refresh "ptrace: fix ptrace vs tasklist_lock race" * [rt] Update to 4.19.193-rt81 * [rt] Refresh "kernel: sched: Provide a pointer to the valid CPU mask" linux-signed-arm64 (4.19.194+1) buster; urgency=medium . * Sign kernel from linux 4.19.194-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.182 - [arm64] KVM: nvhe: Save the SPE context early - [armhf] net: dsa: b53: Support setting learning on port https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.183 - ALSA: hda: generic: Fix the micmute led init state - Revert "PM: runtime: Update device status before letting suppliers suspend" - vmlinux.lds.h: Create section for protection against instrumentation - btrfs: fix race when cloning extent buffer during rewind of an old root (CVE-2021-28964) - btrfs: fix slab cache flags for free space tree bitmap - [armhf] ASoC: fsl_ssi: Fix TDM slot setup for I2S mode - nvmet: don't check iosqes,iocqes for discovery controllers - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. - svcrdma: disable timeouts on rdma backchannel - sunrpc: fix refcount leak for rpc auth modules - scsi: lpfc: Fix some error codes in debugfs - nvme-rdma: fix possible hang when failing to set io queues - [powerpc*] Force inlining of cpu_has_feature() to avoid build failure - usb-storage: Add quirk to defeat Kindle's automatic unload - usbip: Fix incorrect double assignment to udc->ud.tcp_rx - USB: replace hardcode maximum usb string length by definition - usb: gadget: configfs: Fix KASAN use-after-free - [arm64] iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel - iio: hid-sensor-prox: Fix scale not correct issue - [powerpc*] PCI: rpadlpar: Fix potential drc_name corruption in store functions (CVE-2021-28972) - [x86] perf/x86/intel: Fix a crash caused by zero PEBS status (CVE-2021-28971) - [x86] ioapic: Ignore IRQ2 again - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() - [x86] Move TS_COMPAT back to asm/thread_info.h - [x86] Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() - ext4: find old entry again if failed to rename whiteout - ext4: do not try to set xattr into ea_inode if value is empty - ext4: fix potential error in ext4_do_update_inode - genirq: Disable interrupts for force threaded handlers - [x86] apic/of: Fix CPU devicetree-node lookups - cifs: Fix preauth hash corruption https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.184 - [armhf] net: fec: ptp: avoid register access when ipg clock is disabled - [powerpc*] 4xx: Fix build errors from mfdcr() - atm: eni: dont release is never initialized - atm: lanai: dont run lanai_dev_close if not open - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" - ixgbe: Fix memleak in ixgbe_configure_clsu32 - net: tehuti: fix error return code in bdx_probe() - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count - gianfar: fix jumbo packets+napi+rx overrun crash (CVE-2021-29264) - gpiolib: acpi: Add missing IRQF_ONESHOT - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default - NFS: Correct size calculation for create reply length - [arm64] net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() - [x86] atm: uPD98402: fix incorrect allocation - atm: idt77252: fix null-ptr-dereference - u64_stats,lockdep: Fix u64_stats_init() vs lockdep - nfs: we don't support removing system.nfs4_acl - block: Suppress uevent for hidden device when removed - [arm64] netsec: restore phy power state after controller reset - [x86] platform/x86: intel-vbtn: Stop reporting SW_DOCK events - squashfs: fix inode lookup sanity checks - squashfs: fix xattr id and id lookup sanity checks - dm ioctl: fix out of bounds array access when no devices (CVE-2021-31916) - [armhf] bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD - veth: Store queue_mapping independently of XDP prog presence - libbpf: Fix INSTALL flag order - macvlan: macvlan_count_rx() needs to be aware of preemption - [armhf] net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port - e1000e: add rtnl_lock() to e1000_reset_task - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template - netfilter: ctnetlink: fix dump of the expect mask attribute - can: peak_usb: add forgotten supported devices - [armhf] can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate - mac80211: fix rate mask reset - net: cdc-phonet: fix data-interface release on probe failure - [arm64,armhf] net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes - [arm64] drm/msm: fix shutdown hook in case GPU components failed to bind - net/mlx5e: Fix error path for ethtool set-priv-flag - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs - Revert "netfilter: x_tables: Switch synchronization to RCU" - netfilter: x_tables: Use correct memory barriers. (CVE-2021-29650) - Revert "netfilter: x_tables: Update remaining dereference to RCU" - ACPI: scan: Rearrange memory allocation in acpi_device_add() - ACPI: scan: Use unique number for instance_no - dm verity: add root hash pkcs#7 signature verification - scsi: qedi: Fix error return code of qedi_alloc_global_queues() - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() - locking/mutex: Fix non debug version of mutex_lock_io_nested() - can: dev: Move device back to init netns on owning netns delete - net: sched: validate stab values - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (CVE-2021-29647) - mac80211: fix double free in ibss_leave - ext4: add reclaim checks to xattr code - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" - xen-blkback: don't leak persistent grants from xen_blkbk_map() (CVE-2021-28688) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.185 - selinux: vsock: Set SID for socket returned by accept() - tcp: relookup sock for RST+ACK packets handled by obsolete req sock - ipv6: weaken the v4mapped source check - ext4: fix bh ref count on error paths - rpc: fix NULL dereference on kmalloc failure - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [x86] ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [armhf] ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe - [x86] ASoC: es8316: Simplify adc_pga_gain_tlv table - vhost: Fix vhost_vq_reset() - scsi: st: Fix a use after free in st_open() - scsi: qla2xxx: Fix broken #endif placement - [x86] staging: comedi: cb_pcidas: fix request_irq() warn - [x86] staging: comedi: cb_pcidas64: fix request_irq() warn - thermal/core: Add NULL pointer check before using cooling device stats - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling - ext4: do not iput inode under running transaction in ext4_rename() - brcmfmac: clear EAP/association status bits on linkdown events - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() - [amd64] net: ethernet: aquantia: Handle error cleanup of start on open - appletalk: Fix skb allocation size in loopback case - [x86] net: wan/lmc: unregister device when no matching device is found - bpf: Remove MTU check in __bpf_skb_max_len - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook - PM: runtime: Fix race getting/putting suppliers at probe - PM: runtime: Fix ordering in pm_runtime_get_suppliers() - tracing: Fix stack trace event size - mm: fix race by making init_zero_pfn() early_initcall - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() - drm/amdgpu: check alignment on CPU page for bo map - reiserfs: update reiserfs_xattrs_initialized() condition - [arm64,armhf] pinctrl: rockchip: fix restore error in resume - extcon: Add stubs for extcon_register_notifier_all() functions - extcon: Fix error handling in extcon_dev_register - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem - [arm64,armhf] usb: musb: Fix suspend with devices connected for a64 - cdc-acm: fix BREAK rx code path adding necessary calls - USB: cdc-acm: untangle a circular dependency between callback and softint - USB: cdc-acm: downgrade message to debug - USB: cdc-acm: fix double free on probe failure - USB: cdc-acm: fix use-after-free after probe failure - [i386] usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference - [arm*] usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. - [x86] staging: rtl8192e: Fix incorrect source in memcpy() - staging: rtl8192e: Change state information from u16 to u8 - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.186 - [armhf] bus: ti-sysc: Fix warning on unbind if reset is not deasserted - [x86] platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 - mISDN: fix crash in fritzpci - mac80211: choose first enabled channel for monitor - [arm64] drm/msm: Ratelimit invalid-fence message - [x86] platform/x86: thinkpad_acpi: Allow the FnLock LED to change state - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() - cifs: revalidate mapping when we open files for SMB1 POSIX - cifs: Silently ignore unknown oplock break handle - [amd64] bpf, x86: Validate computation of branch displacements for x86-64 (CVE-2021-29154) - [i386] bpf, x86: Validate computation of branch displacements for x86-32 (CVE-2021-29154) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.187 - ALSA: aloop: Fix initialization of controls - [x86] ASoC: intel: atom: Stop advertising non working S24LE support - nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) - nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671) - nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() - xen/evtchn: Change irq_info lock to raw_spinlock_t - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh - ocfs2: fix deadlock between setattr and dio_end_io_write - fs: direct-io: fix missing sdio->boundary - [armhf] dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field - ice: Increase control queue timeout - net: hso: fix null-ptr-deref during tty device unregistration - net: ensure mac header is set in virtio_net_hdr_to_skb() - net: sched: sch_teql: fix null-pointer dereference - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() - usbip: add sysfs_lock to synchronize sysfs code paths - usbip: stub-dev synchronize sysfs code paths - usbip: vudc synchronize sysfs code paths - usbip: synchronize event handler with sysfs code paths - i2c: turn recovery error on init to debug - virtio_net: Add XDP meta data support - xfrm: interface: fix ipv4 pmtu check to honor ip header df - net: xfrm: Localize sequence counter per network namespace - i40e: Added Asym_Pause to supported link modes - i40e: Fix kernel oops when i40e driver removes VF's - sch_red: fix off-by-one checks in red_check_params() - cxgb4: avoid collecting SGE_QBASE regs during traffic - net:tipc: Fix a double free in tipc_sk_mcast_rcv - [armhf] ASoC: sunxi: sun4i-codec: fill ASoC card owner - clk: fix invalid usage of list cursor in register - clk: fix invalid usage of list cursor in unregister - workqueue: Move the position of debug_work_activate() in __queue_work() - [s390x] cpcmd: fix inline assembly register clobbering - net/mlx5: Fix placement of log_max_flow_counter - net/mlx5: Fix PBMC register mapping - RDMA/cxgb4: check for ipv6 address properly while destroying listener - [armhf] clk: socfpga: fix iomem pointer cast on 64-bit - net: sched: bump refcount for new action in ACT replace mode - cfg80211: remove WARN_ON() in cfg80211_sme_connect - net: tun: set tun->dev->addr_len during TUNSETLINK processing - drivers: net: fix memory leak in atusb_probe - drivers: net: fix memory leak in peak_usb_create_dev - net: mac802154: Fix general protection fault - net: ieee802154: nl-mac: fix check on panid - net: ieee802154: fix nl802154 del llsec key - net: ieee802154: fix nl802154 del llsec dev - net: ieee802154: fix nl802154 add llsec key - net: ieee802154: fix nl802154 del llsec devkey - net: ieee802154: forbid monitor for set llsec params - net: ieee802154: forbid monitor for del llsec seclevel - net: ieee802154: stop dump llsec params for monitors - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath." (Closes: #988352) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 - [arm64] KVM: Hide system instruction access to Trace registers - [arm64] KVM: Disable guest access to trace filter controls - [armhf] drm/imx: imx-ldb: fix out of bounds array access warning - gfs2: report "already frozen/thawed" errors - [arm64,armhf] drm/tegra: dc: Don't set PLL clock to 0Hz - block: only update parent bi_status when bio fail - net: phy: broadcom: Only advertise EEE for supported modes - staging: m57621-mmc: delete driver from the tree. (Closes: #986949) - netfilter: x_tables: fix compat match/target pad out-of-bound write - driver core: Fix locking bug in deferred_probe_timeout_work_func() - xen/events: fix setting irq affinity https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.189 - net/sctp: fix race condition in sctp_destroy_sock - gpio: sysfs: Obey valid_mask - neighbour: Disregard DEAD dst in neigh_update - [arm64] drm/msm: Fix a5xx/a6xx timestamps - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state - net: ieee802154: stop dump llsec keys for monitors - net: ieee802154: stop dump llsec devs for monitors - net: ieee802154: forbid monitor for add llsec dev - net: ieee802154: stop dump llsec devkeys for monitors - net: ieee802154: forbid monitor for add llsec devkey - net: ieee802154: stop dump llsec seclevels for monitors - net: ieee802154: forbid monitor for add llsec seclevel - pcnet32: Use pci_resource_len to validate PCI resource - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices - readdir: make sure to verify directory entry for legacy interfaces too - [arm64] fix inline asm in load_unaligned_zeropad() - [arm64] alternatives: Move length validation in alternative_{insn, endif} - scsi: libsas: Reset num_scatter if libata marks qc as NODATA - netfilter: conntrack: do not print icmpv6 as unknown via /proc - netfilter: nft_limit: avoid possible divide error in nft_limit_init - net: sit: Unregister catch-all devices - net: ip6_tunnel: Unregister catch-all devices - i40e: fix the panic when running bpf in xdpdrv mode - [armel,armhf] 9071/1: uprobes: Don't hook on thumb instructions - net: phy: marvell: fix detection of PHY on Topaz switches - gup: document and work around "COW can break either way" issue (CVE-2020-29374) - [x86] pinctrl: lewisburg: Update number of pins in community - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() - [x86] perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 - HID: alps: fix error return code in alps_input_configured() - HID: wacom: Assign boolean values to a bool variable - net: geneve: check skb is large enough for IPv4/IPv6 header - [s390x] entry: save the caller of psw_idle - xen-netback: Check for hotplug-status existence before watching - [x86] crash: Fix crash_setup_memmap_entries() out-of-bounds access - net: hso: fix NULL-deref on disconnect regression - USB: CDC-ACM: fix poison/unpoison imbalance https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.190 - [x86] ACPI: tables: x86: Reserve memory occupied by ACPI tables - [x86] ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() - net: usb: ax88179_178a: initialize local variables before use - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() - [mips*] Do not include hi and lo in clobber list for R6 - bpf: Fix masking negation logic upon negative dst register (CVE-2021-31829) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet - USB: Add reset-resume quirk for WD19's Realtek Hub - [x86] platform/x86: thinkpad_acpi: Correct thermal sensor allocation - ovl: allow upperdir inside lowerdir https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191 - [s390x] disassembler: increase ebpf disasm buffer size - ftrace: Handle commands when closing set_ftrace_filter file - ecryptfs: fix kernel panic with null dev_name - [armhf] spi: spi-ti-qspi: Free DMA resources - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers - mmc: block: Update ext_csd.cache_ctrl if it was written - mmc: block: Issue a cache flush only when it's enabled - mmc: core: Do a power cycle when the CMD11 fails - mmc: core: Set read only for SD cards with permanent write protect bit - cifs: Return correct error code from smb2_get_enc_key - btrfs: fix metadata extent leak after failure to create subvolume - [x86] intel_th: pci: Add Rocket Lake CPU support - fbdev: zero-fill colormap in fbcmap.c - staging: wimax/i2400m: fix byte-order issue - crypto: api - check for ERR pointers in crypto_destroy_tfm() - usb: gadget: uvc: add bInterval checking for HS mode - [x86] genirq/matrix: Prevent allocation counter corruption - usb: gadget: f_uac1: validate input parameters - [arm64,armhf] usb: dwc3: gadget: Ignore EP queue requests during bus reset - usb: xhci: Fix port minor revision - PCI: PM: Do not read power state in pci_enable_device_flags() - [arm64] tee: optee: do not check memref size on return from Secure World - [arm*] perf/arm_pmu_platform: Fix error handling - xhci: check control context is valid before dereferencing it. - xhci: fix potential array out of bounds with several interrupters - [x86] intel_th: Consistency and off-by-one fix - [armhf] phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe - scsi: lpfc: Fix pt2pt connection does not recover after LOGO - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() - [x86] media: ite-cir: check for receive overflow - power: supply: bq27xxx: fix power_avg for newer ICs - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs - media: gspca/sq905.c: fix uninitialized variable - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() - scsi: qla2xxx: Fix use after free in bsg - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() - media: em28xx: fix memory leak - media: vivid: update EDID - [armhf] clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return - media: dvb-usb: fix memory leak in dvb_usb_adapter_init - media: gscpa/stv06xx: fix memory leak - [arm64] drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal - drm/amdgpu: fix NULL pointer dereference - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic - scsi: libfc: Fix a format specifier - [s390x] archrandom: add parameter check for s390_arch_random_generate - [i386] ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer - ALSA: hda/conexant: Re-order CX5066 quirk table entries - [i386] ALSA: sb: Fix two use after free in snd_sb_qsound_build - ALSA: usb-audio: Explicitly set up the clock selector - ALSA: usb-audio: More constifications - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8 - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx - btrfs: fix race when picking most recent mod log operation for an old root - [arm64] vdso: Discard .note.gnu.property sections in vDSO - ubifs: Only check replay with inode type to judge if inode linked - f2fs: fix to avoid out-of-bounds memory access (CVE-2021-3506) - openvswitch: fix stack OOB read while fragmenting IPv4 packets - [arm64] ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure - NFS: Don't discard pNFS layout segments that are marked for return - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() - jffs2: Fix kasan slab-out-of-bounds problem - [powerpc*] eeh: Fix EEH handling for hugepages in ioremap space. - [x86] intel_th: pci: Add Alder Lake-M support - [arm64,x86] tpm: vtpm_proxy: Avoid reading host log when using a virtual device - md/raid1: properly indicate failure when ending a failed write request - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences - security: commoncap: fix -Wstringop-overread warning - jffs2: check the validity of dstlen in jffs2_zlib_compress() - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") - posix-timers: Preserve return value in clock_adjtime32() - [arm64] vdso: remove commas between macro name and arguments - ext4: fix check to prevent false positive report of incorrect used inodes - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() - ext4: fix error code in ext4_commit_super - media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: gadget: Fix double free of device descriptor pointers - usb: gadget/function/f_fs string table fix for multiple languages - [arm64,armhf] usb: dwc3: gadget: Fix START_TRANSFER link state check - [arm*] usb: dwc2: Fix session request interrupt handler - tty: fix memory leak in vc_deallocate - tracing: Map all PIDs to command lines - tracing: Restructure trace_clock_global() to never block - dm space map common: fix division bug in sm_ll_find_free_block() - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails - modules: mark ref_module static - modules: mark find_symbol static - modules: mark each_symbol_section static - modules: unexport __module_text_address - modules: unexport __module_address - modules: rename the licence field in struct symsearch to license - modules: return licensing information from find_symbol - modules: inherit TAINT_PROPRIETARY_MODULE - Bluetooth: verify AMP hci_chan before amp_destroy (CVE-2021-33034) - bluetooth: eliminate the potential race condition when removing the HCI controller (CVE-2021-32399) - net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134) - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR - misc: lis3lv02d: Fix false-positive WARN on various HP models - [x86] misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct - [x86] misc: vmw_vmci: explicitly initialize vmci_datagram payload - md/bitmap: wait for external bitmap writes to complete during tear down - md-cluster: fix use-after-free issue when removing rdev - md: split mddev_find - md: factor out a mddev_find_locked helper from mddev_find - md: md_open returns -EBUSY when entering racing area - md: Fix missing unused status line of /proc/mdstat - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() - cfg80211: scan: drop entry from hidden_list on overflow - drm/radeon: fix copy of uninitialized variable back to userspace - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices - [x86] cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported - [s390x] KVM: split kvm_s390_logical_to_effective - [s390x] KVM: fix guarded storage control register handling - [s390x] KVM: split kvm_s390_real_to_abs - ovl: fix missing revert_creds() on error path - [x86] usb: gadget: pch_udc: Revert d3cb25a12138 completely - [armhf] memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] - [armhf] dts: exynos: correct PMIC interrupt trigger level on SMDK5250 - regmap: set debugfs_name to NULL after it is freed - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() - [x86] microcode: Check for offline CPUs before requesting new microcode - [x86] usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() - [x86] usb: gadget: pch_udc: Check if driver is present before calling ->setup() - [x86] usb: gadget: pch_udc: Check for DMA mapping error - [x86] crypto: qat - don't release uninitialized resources - [x86] crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - mtd: require write permissions for locking and badblock ioctls - [arm64] bus: qcom: Put child node before return - [x86] crypto: qat - fix error path in adf_isr_resource_alloc() - [armhf] mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init - [arm64,armhf] irqchip/gic-v3: Fix OF_BAD_ADDR error handling - [x86] staging: rtl8192u: Fix potential infinite loop - spi: Fix use-after-free with devm_spi_alloc_* - [arm64] soc: qcom: mdt_loader: Validate that p_filesz < p_memsz - [arm64] soc: qcom: mdt_loader: Detect truncated read of segments - [amd64,arm64] ACPI: CPPC: Replace cppc_attr with kobj_attribute - [x86] crypto: qat - Fix a double free in adf_create_ring - [arm64] cpufreq: armada-37xx: Fix setting TBG parent for load levels - [arm64] clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock - [arm64] cpufreq: armada-37xx: Fix the AVS value for load L1 - [arm64] clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz - [arm64] clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 - [arm64] cpufreq: armada-37xx: Fix driver cleanup when registration failed - [arm64] cpufreq: armada-37xx: Fix determining base CPU frequency - USB: cdc-acm: fix unprivileged TIOCCSERIAL - tty: actually undefine superseded ASYNC flags - tty: fix return value for unsupported ioctls - usbip: vudc: fix missing unlock on error in usbip_sockfd_store() - [x86] platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table - [x86] Drivers: hv: vmbus: Increase wait time for VMbus unload - [arm*] usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. - [arm*] usb: dwc2: Fix hibernation between host and device modes. - ttyprintk: Add TTY hangup callback. - media: vivid: fix assignment of dev->fbuf_out_flags - media: m88rs6000t: avoid potential out-of-bounds reads on arrays - [x86] kprobes: Fix to check non boostable prefixes correctly - sata_mv: add IRQ checks - ata: libahci_platform: fix IRQ check - nvme: retrigger ANA log update if group descriptor isn't found - [arm64] clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE - [powerpc*] scsi: ibmvfc: Fix invalid state machine BUG_ON() - [armhf] HSI: core: fix resource leaks in hsi_add_client_from_dt() - [amd64] x86/events/amd/iommu: Fix sysfs type mismatch - sched/debug: Fix cgroup_path[] serialization - drivers/block/null_blk/main: Fix a double free in null_init. - HID: plantronics: Workaround for double volume key presses - [powerpc*] prom: Mark identical_pvr_fixup as __init - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect - bug: Remove redundant condition check in report_bug - nfc: pn533: prevent potential memory corruption - [arm64] net: hns3: Limiting the scope of vector_ring_chain variable - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls - [powerpc*] 64s: Fix pte update for kernel memory on radix - [powerpc*] perf: Fix PMU constraint check for EBB events - mac80211: bail out if cipher schemes are invalid - mt7601u: fix always true expression - [amd64] IB/hfi1: Fix error return code in parse_platform_config() - [arm64] net: thunderx: Fix unintentional sign extension issue - RDMA/srpt: Fix error return code in srpt_cm_req_recv() - [mips*] pci-legacy: stop using of_pci_range_to_resource - [powerpc*] pseries: extract host bridge from pci_bus prior to bus removal - rtlwifi: 8821ae: upgrade PHY and RF parameters - mwl8k: Fix a double Free in mwl8k_probe_hw - [x86] vsock/vmci: log once the failed queue pair allocation - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails - [armhf] net: davinci_emac: Fix incorrect masking of tx and rx error channel - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb - [arm64] net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req - mm/sparse: add the missing sparse_buffer_fini() in error branch - mm/memory-failure: unnecessary amount of unmapping - net: Only allow init netns to set default tcp cong to a restricted algo - smp: Fix smp_call_function_single_async prototype - Revert "net/sctp: fix race condition in sctp_destroy_sock" - sctp: delay auto_asconf init until binding the first addr (CVE-2021-23133) - Revert "of/fdt: Make sure no-map does not remove already reserved regions" - Revert "fdt: Properly handle "no-map" field in the memory region" - [arm64,x86] tpm: fix error return code in tpm2_get_cc_attrs_tbl() - fs: dlm: fix debugfs dump - tipc: convert dest node's address to network order - [x86] ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF - [arm64] net: stmmac: Set FIFO sizes for ipq806x - i2c: bail out early when RDWR parameters are wrong - ALSA: hdsp: don't disable if not enabled - ALSA: hdspm: don't disable if not enabled - ALSA: rme9652: don't disable if not enabled - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default - Bluetooth: initialize skb_queue_head at l2cap_chan_create() - net: bridge: when suppression is enabled exclude RARP packets - Bluetooth: check for zapped sk before connecting - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet - i2c: Add I2C_AQ_NO_REP_START adapter quirk - mac80211: clear the beacon's CRC after channel switch - [armhf] pinctrl: samsung: use 'int' for register masks in Exynos - cuse: prevent clone - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() - [powerpc*] smp: Set numa node before updating mask - [x86] ASoC: rt286: Generalize support for ALC3263 codec - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() - [powerpc*] pseries: Stop calling printk in rtas_stop_self() - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join - [powerpc*] iommu: Annotate nested lock for lockdep - [x86] ASoC: rt286: Make RT286_SET_GPIO_* readable and writable - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs - PCI: Release OF node in pci_scan_device()'s error path - [armel,armhf] 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - [arm64] rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() - NFS: Deal correctly with attribute generation counter overflow - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() - NFSv4.2 fix handling of sr_eof in SEEK's reply - rtc: ds1307: Fix wday settings for rx8130 - [arm64] net: hns3: disable phy loopback setting in hclge_mac_start_phy - sctp: do asoc update earlier in sctp_sf_do_dupcook_a - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b - netfilter: xt_SECMARK: add new revision to fix structure layout - drm/radeon: Fix off-by-one power_state index heap overwrite - drm/radeon: Avoid power table parsing memory leaks - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() - ksm: fix potential missing rmap_item for stable_node - net: fix nla_strcmp to handle more then one trailing null character - smc: disallow TCP_ULP in smc_setsockopt() - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check - sched/fair: Fix unfairness caused by missing load decay - [amd64] kernel: kexec_file: fix error return code of kexec_calculate_store_digests() - netfilter: nftables: avoid overflows in nft_hash_buckets() - i40e: Fix use-after-free in i40e_client_subtask() - [powerpc*] 64s: Fix crashes when toggling stf barrier - [powerpc*] 64s: Fix crashes when toggling entry flush barrier - hfsplus: prevent corruption in shrinking truncate - squashfs: fix divide error in calculate_skip() - userfaultfd: release page in error path to avoid BUG_ON - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected - [arm64,x86] ACPI: scan: Fix a memory leak in an error handling path - blk-mq: Swap two calls in blk_mq_exit_queue() - [armhf] usb: dwc3: omap: improve extcon initialization - [arm64] usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield - [arm*] usb: dwc2: Fix gadget DMA unmap direction - usb: core: hub: fix race condition about TRSMRCY of resume - [arm64,armhf] usb: dwc3: gadget: Return success always for kick transfer in ep queue - xhci: Do not use GFP_KERNEL in (potentially) atomic context - xhci: Add reset resume quirk for AMD xhci controller. - [x86] iio: tsl2583: Fix division by a zero lux_val - cdc-wdm: untangle a circular dependency between callback and softint - [x86] KVM: Cancel pvclock_gtod_work on module removal - thermal/core/fair share: Lock the thermal zone while looping over instances - kobject_uevent: remove warning in init_uevent_argv() - netfilter: conntrack: Make global sysctls readonly in non-init netns - nvme: do not try to reconfigure APST when the controller is not live - [x86] msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes - usb: sl811-hcd: improve misleading indentation - cxgb4: Fix the -Wmisleading-indentation warning - isdn: capi: fix mismatched prototypes - [arm64] PCI: thunder: Fix compile testing - [armel,armhf] 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() - [arm64,x86] ACPI / hotplug / PCI: Fix reference count leak in enable_slot() - [arm64] Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices - [armel,armhf] 9075/1: kernel: Fix interrupted SMC calls - ceph: fix fscache invalidation - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found - [arm64,x86] gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP - block: reexpand iov_iter after read/write - [arm64,armhf] net: stmmac: Do not enable RX FIFO overflow interrupts - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods - sit: proper dev_{hold|put} in ndo_[un]init methods - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods - ipv6: remove extra dev_hold() for fallback tunnels - iomap: fix sub-page uptodate handling - [arm64] KVM: Initialize VCPU mdcr_el2 before loading it - tweewide: Fix most Shebang lines - scripts: switch explicitly to Python 3 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.192 - RDMA/rxe: Clear all QP fields if creation failed - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() - RDMA/mlx5: Recover from fatal event in dual port mode - [x86] platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly - nvmet: seset ns->file when open fails - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal - cifs: fix memory leak in smb2_copychunk_range - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency - ALSA: line6: Fix racy initialization of LINE6 MIDI - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 - ALSA: usb-audio: Validate MS endpoint descriptors - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro - [i386] Revert "ALSA: sb8: add a check for request_region" - ALSA: hda/realtek: reset eapd coeff to default value for alc287 - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 - [arm64] Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference" - [x86] xen-pciback: reconfigure also from backend watch handler - dm snapshot: fix crash with transient storage and zero chunk size - [x86] Revert "video: hgafb: fix potential NULL pointer dereference" - [arm64,armhf] Revert "net: stmicro: fix a missing check of clk_prepare" - [armhf] Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" - Revert "ecryptfs: replace BUG_ON with error handling code" - Revert "rtlwifi: fix a potential NULL pointer dereference" - Revert "qlcnic: Avoid potential NULL pointer dereference" - Revert "niu: fix missing checks of niu_pci_eeprom_read" - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() - [arm64,armhf] net: stmicro: handle clk_prepare() failure during init - net: rtlwifi: properly check for alloc_workqueue() failure - [armhf] leds: lp5523: check return value of lp5xx_read and jump to cleanup code - qlcnic: Add null check after calling netdev_alloc_skb - [x86] video: hgafb: fix potential NULL pointer dereference - vgacon: Record video mode changes with VT_RESIZEX - vt: Fix character height handling with VT_RESIZEX - tty: vt: always invoke vc->vc_sw->con_resize callback - [x86] video: hgafb: correctly handle card detect failure during probe - Bluetooth: SMP: Fail if remote and local public keys are identical (CVE-2020-26558, CVE-2021-0129) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 - mm, vmstat: drop zone->lock in /proc/pagetypeinfo - [arm64,armhf] usb: dwc3: gadget: Enable suspend events - NFC: nci: fix memory leak in nci_allocate_device - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() - [amd64] iommu/vt-d: Fix sysfs leak in alloc_iommu() - proc: Check /proc/$pid/attr/ writes against file opener - net: hso: fix control-request directions - mac80211: assure all fragments are encrypted (CVE-2020-26147) - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - mac80211: properly handle A-MSDUs that start with an RFC 1042 header - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588) - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24588) - mac80211: add fragment cache to sta_info - mac80211: check defrag PN against current frame - mac80211: prevent attacks on TKIP/WEP as well - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-26139) - mac80211: extend protection against mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - ath10k: Validate first subframe of A-MSDU before processing the list - dm snapshot: properly fix a crash when an origin has no snapshots - misc/uss720: fix memory leak in uss720_probe - [x86] thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue - [x86] mei: request autosuspend after sending rx flow control - USB: trancevibrator: fix control-request direction - USB: usbfs: Don't WARN about excessively large memory allocations - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - USB: serial: ti_usb_3410_5052: add startech.com device id - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 - USB: serial: ftdi_sio: add IDs for IDS GmbH Products - USB: serial: pl2303: add device id for ADLINK ND-6530 GC - [arm64,armhf] usb: dwc3: gadget: Properly track pending and queued SG - net: usb: fix memory leak in smsc75xx_bind - bpf: extend is_branch_taken to registers - bpf: Test_verifier, bpf_get_stack return value add <0 - bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test - bpf: Move off_reg into sanitize_ptr_alu (CVE-2021-29155) - bpf: Ensure off_reg has no mixed signed bounds for all types (CVE-2021-29155) - bpf: Rework ptr_limit into alu_limit and add common error path (CVE-2021-29155) - bpf: Improve verifier error messages for users (CVE-2021-29155) - bpf: Refactor and streamline bounds check into helper (CVE-2021-29155) - bpf: Move sanitize_val_alu out of op switch (CVE-2021-29155) - bpf: Tighten speculative pointer arithmetic mask (CVE-2021-29155) - bpf: Update selftests to reflect new error states - bpf: Fix leakage of uninitialized bpf stack under speculation (CVE-2021-31829) - bpf: Wrap aux data inside bpf_sanitize_info container - bpf: Fix mask direction swap upon off reg sign change - bpf: No need to simulate speculative domain for immediates - [armhf] spi: gpio: Don't leak SPI master in probe error path - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails - NFS: fix an incorrect limit in filelayout_decode_layout() - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config - [arm64] drm/meson: fix shutdown crash when component not probed - net/mlx4: Fix EEPROM dump support - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" - tipc: skb_linearize the head skb when reassembling msgs - [arm64,armhf] net: dsa: fix a crash if ->get_sset_count() fails - [armhf] i2c: s3c2410: fix possible NULL pointer deref on read message after write - [x86] i2c: i801: Don't generate an interrupt on bus reset - [x86] platform/x86: hp_accel: Avoid invoking _INI to speed up resume - [x86] net: fujitsu: fix potential null-ptr-deref - [x86] char: hpet: add checks after calling ioremap - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io - [arm64] dmaengine: qcom_hidma: comment platform_driver_register call - libertas: register sysfs groups properly - media: dvb: Add check on sp8870_readreg return - media: gspca: properly check for errors in po1030_probe() - [x86] scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic - btrfs: do not BUG_ON in link_to_fixup_dir - [x86] platform/x86: hp-wireless: add AMD's hardware id to the supported list - SMB3: incorrect file id in requests compounded with open - drm/amd/amdgpu: fix refcount leak - drm/amdgpu: Fix a use-after-free - [arm64,armhf] net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count - [armhf] net: fec: fix the potential memory leak in fec_enet_init() - [arm64] net: mdio: thunder: Fix a double free issue in the .remove function - [mips*] net: mdio: octeon: Fix some double free issues - openvswitch: meter: fix race when getting now_ms. - net: bnx2: Fix error return code in bnx2_init_board() - mld: fix panic in mld_newpack() - bpf: Set mac_len in bpf_skb_change_head - ixgbe: fix large MTU request from VF - scsi: libsas: Use _safe() loop in sas_resume_port() - ipv6: record frag_max_size in atomic fragments in input path - sch_dsmark: fix a NULL deref in qdisc_reset() - hugetlbfs: hugetlb_fault_mutex_hash() cleanup - drivers/net/ethernet: clean up unused assignments - [arm64] net: hns3: check the return of skb_checksum_help() - usb: core: reduce power-on-good delay time of root hub https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.194 - net: usb: cdc_ncm: don't spew notifications (Closes: #989451) - ALSA: usb: update old-style static const declaration - nl80211: validate key indexes for cfg80211_registered_device - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared - [arm64,x86] efi: cper: fix snprintf() use in cper_dimm_err_location() - vfio/pci: Fix error return code in vfio_ecap_init() - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service - HID: pidff: fix error return code in hid_pidff_init() - [arm64,x86] HID: i2c-hid: fix format string mismatch - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches - ieee802154: fix error return code in ieee802154_add_iface() - ieee802154: fix error return code in ieee802154_llsec_getparams() - ixgbevf: add correct exception tracing for XDP - tipc: add extack messages for bearer/media failure - tipc: fix unique bearer names sanity check - Bluetooth: fix the erroneous flush_work() order (CVE-2021-3564) - Bluetooth: use correct lock to prevent UAF of hdev object (CVE-2021-3573) - HID: multitouch: require Finger field to mark Win8 reports as MT - ALSA: timer: Fix master timer notification - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed - [arm*] usb: dwc2: Fix build in periphal-only mode - pid: take a reference when initializing `cad_pid` - ocfs2: fix data corruption by fallocate - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (CVE-2021-3587) - [x86] apic: Mark _all_ legacy interrupts when IO/APIC is missing - btrfs: mark ordered extent and inode with error if we fail to finish - btrfs: fix error handling in btrfs_del_csums - btrfs: return errors from btrfs_del_csums in cleanup_ref_head - btrfs: fixup error handling in fixup_inode_link_counts - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY - bpf: Add BPF_F_ANY_ALIGNMENT. - bnxt_en: Remove the setting of dev_port. - perf/cgroups: Don't rotate events for cgroups unnecessarily - perf/core: Fix corner case in perf_rotate_context() - btrfs: fix unmountable seed device after fstrim - [x86] KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode - [arm64] KVM: Fix debug register indexing - [arm64,x86] ACPI: probe ECDT before loading AML tables regardless of module-level code flag - [arm64,x86] ACPI: EC: Look for ECDT EC after calling acpi_load_tables() - sched/fair: Optimize select_idle_cpu - [x86] xen-pciback: redo VF placement in the virtual topology . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.182-rt74 * [rt] Add new signing key for Clark Williams * [rt] Update to 4.19.184-rt75 * Bump ABI to 17 * [rt] Refresh "workqueue: Use normal rcu" * [rt] Refresh "workqueue: Use local irq lock instead of irq disable" * [rt] Refresh "workqueue: rework" * [rt] Update to 4.19.188-rt77 * [rt] Update to 4.19.190-rt79 * [rt] Refresh "ptrace: fix ptrace vs tasklist_lock race" * [rt] Update to 4.19.193-rt81 * [rt] Refresh "kernel: sched: Provide a pointer to the valid CPU mask" linux-signed-i386 (4.19.194+1) buster; urgency=medium . * Sign kernel from linux 4.19.194-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.182 - [arm64] KVM: nvhe: Save the SPE context early - [armhf] net: dsa: b53: Support setting learning on port https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.183 - ALSA: hda: generic: Fix the micmute led init state - Revert "PM: runtime: Update device status before letting suppliers suspend" - vmlinux.lds.h: Create section for protection against instrumentation - btrfs: fix race when cloning extent buffer during rewind of an old root (CVE-2021-28964) - btrfs: fix slab cache flags for free space tree bitmap - [armhf] ASoC: fsl_ssi: Fix TDM slot setup for I2S mode - nvmet: don't check iosqes,iocqes for discovery controllers - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. - svcrdma: disable timeouts on rdma backchannel - sunrpc: fix refcount leak for rpc auth modules - scsi: lpfc: Fix some error codes in debugfs - nvme-rdma: fix possible hang when failing to set io queues - [powerpc*] Force inlining of cpu_has_feature() to avoid build failure - usb-storage: Add quirk to defeat Kindle's automatic unload - usbip: Fix incorrect double assignment to udc->ud.tcp_rx - USB: replace hardcode maximum usb string length by definition - usb: gadget: configfs: Fix KASAN use-after-free - [arm64] iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel - iio: hid-sensor-prox: Fix scale not correct issue - [powerpc*] PCI: rpadlpar: Fix potential drc_name corruption in store functions (CVE-2021-28972) - [x86] perf/x86/intel: Fix a crash caused by zero PEBS status (CVE-2021-28971) - [x86] ioapic: Ignore IRQ2 again - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() - [x86] Move TS_COMPAT back to asm/thread_info.h - [x86] Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() - ext4: find old entry again if failed to rename whiteout - ext4: do not try to set xattr into ea_inode if value is empty - ext4: fix potential error in ext4_do_update_inode - genirq: Disable interrupts for force threaded handlers - [x86] apic/of: Fix CPU devicetree-node lookups - cifs: Fix preauth hash corruption https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.184 - [armhf] net: fec: ptp: avoid register access when ipg clock is disabled - [powerpc*] 4xx: Fix build errors from mfdcr() - atm: eni: dont release is never initialized - atm: lanai: dont run lanai_dev_close if not open - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" - ixgbe: Fix memleak in ixgbe_configure_clsu32 - net: tehuti: fix error return code in bdx_probe() - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count - gianfar: fix jumbo packets+napi+rx overrun crash (CVE-2021-29264) - gpiolib: acpi: Add missing IRQF_ONESHOT - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default - NFS: Correct size calculation for create reply length - [arm64] net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() - [x86] atm: uPD98402: fix incorrect allocation - atm: idt77252: fix null-ptr-dereference - u64_stats,lockdep: Fix u64_stats_init() vs lockdep - nfs: we don't support removing system.nfs4_acl - block: Suppress uevent for hidden device when removed - [arm64] netsec: restore phy power state after controller reset - [x86] platform/x86: intel-vbtn: Stop reporting SW_DOCK events - squashfs: fix inode lookup sanity checks - squashfs: fix xattr id and id lookup sanity checks - dm ioctl: fix out of bounds array access when no devices (CVE-2021-31916) - [armhf] bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD - veth: Store queue_mapping independently of XDP prog presence - libbpf: Fix INSTALL flag order - macvlan: macvlan_count_rx() needs to be aware of preemption - [armhf] net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port - e1000e: add rtnl_lock() to e1000_reset_task - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template - netfilter: ctnetlink: fix dump of the expect mask attribute - can: peak_usb: add forgotten supported devices - [armhf] can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate - mac80211: fix rate mask reset - net: cdc-phonet: fix data-interface release on probe failure - [arm64,armhf] net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes - [arm64] drm/msm: fix shutdown hook in case GPU components failed to bind - net/mlx5e: Fix error path for ethtool set-priv-flag - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs - Revert "netfilter: x_tables: Switch synchronization to RCU" - netfilter: x_tables: Use correct memory barriers. (CVE-2021-29650) - Revert "netfilter: x_tables: Update remaining dereference to RCU" - ACPI: scan: Rearrange memory allocation in acpi_device_add() - ACPI: scan: Use unique number for instance_no - dm verity: add root hash pkcs#7 signature verification - scsi: qedi: Fix error return code of qedi_alloc_global_queues() - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() - locking/mutex: Fix non debug version of mutex_lock_io_nested() - can: dev: Move device back to init netns on owning netns delete - net: sched: validate stab values - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (CVE-2021-29647) - mac80211: fix double free in ibss_leave - ext4: add reclaim checks to xattr code - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" - xen-blkback: don't leak persistent grants from xen_blkbk_map() (CVE-2021-28688) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.185 - selinux: vsock: Set SID for socket returned by accept() - tcp: relookup sock for RST+ACK packets handled by obsolete req sock - ipv6: weaken the v4mapped source check - ext4: fix bh ref count on error paths - rpc: fix NULL dereference on kmalloc failure - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [x86] ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 - [armhf] ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe - [x86] ASoC: es8316: Simplify adc_pga_gain_tlv table - vhost: Fix vhost_vq_reset() - scsi: st: Fix a use after free in st_open() - scsi: qla2xxx: Fix broken #endif placement - [x86] staging: comedi: cb_pcidas: fix request_irq() warn - [x86] staging: comedi: cb_pcidas64: fix request_irq() warn - thermal/core: Add NULL pointer check before using cooling device stats - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling - ext4: do not iput inode under running transaction in ext4_rename() - brcmfmac: clear EAP/association status bits on linkdown events - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() - [amd64] net: ethernet: aquantia: Handle error cleanup of start on open - appletalk: Fix skb allocation size in loopback case - [x86] net: wan/lmc: unregister device when no matching device is found - bpf: Remove MTU check in __bpf_skb_max_len - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook - PM: runtime: Fix race getting/putting suppliers at probe - PM: runtime: Fix ordering in pm_runtime_get_suppliers() - tracing: Fix stack trace event size - mm: fix race by making init_zero_pfn() early_initcall - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() - drm/amdgpu: check alignment on CPU page for bo map - reiserfs: update reiserfs_xattrs_initialized() condition - [arm64,armhf] pinctrl: rockchip: fix restore error in resume - extcon: Add stubs for extcon_register_notifier_all() functions - extcon: Fix error handling in extcon_dev_register - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem - [arm64,armhf] usb: musb: Fix suspend with devices connected for a64 - cdc-acm: fix BREAK rx code path adding necessary calls - USB: cdc-acm: untangle a circular dependency between callback and softint - USB: cdc-acm: downgrade message to debug - USB: cdc-acm: fix double free on probe failure - USB: cdc-acm: fix use-after-free after probe failure - [i386] usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference - [arm*] usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. - [x86] staging: rtl8192e: Fix incorrect source in memcpy() - staging: rtl8192e: Change state information from u16 to u8 - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.186 - [armhf] bus: ti-sysc: Fix warning on unbind if reset is not deasserted - [x86] platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 - mISDN: fix crash in fritzpci - mac80211: choose first enabled channel for monitor - [arm64] drm/msm: Ratelimit invalid-fence message - [x86] platform/x86: thinkpad_acpi: Allow the FnLock LED to change state - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() - cifs: revalidate mapping when we open files for SMB1 POSIX - cifs: Silently ignore unknown oplock break handle - [amd64] bpf, x86: Validate computation of branch displacements for x86-64 (CVE-2021-29154) - [i386] bpf, x86: Validate computation of branch displacements for x86-32 (CVE-2021-29154) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.187 - ALSA: aloop: Fix initialization of controls - [x86] ASoC: intel: atom: Stop advertising non working S24LE support - nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) - nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671) - nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() - xen/evtchn: Change irq_info lock to raw_spinlock_t - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh - ocfs2: fix deadlock between setattr and dio_end_io_write - fs: direct-io: fix missing sdio->boundary - [armhf] dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field - ice: Increase control queue timeout - net: hso: fix null-ptr-deref during tty device unregistration - net: ensure mac header is set in virtio_net_hdr_to_skb() - net: sched: sch_teql: fix null-pointer dereference - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() - usbip: add sysfs_lock to synchronize sysfs code paths - usbip: stub-dev synchronize sysfs code paths - usbip: vudc synchronize sysfs code paths - usbip: synchronize event handler with sysfs code paths - i2c: turn recovery error on init to debug - virtio_net: Add XDP meta data support - xfrm: interface: fix ipv4 pmtu check to honor ip header df - net: xfrm: Localize sequence counter per network namespace - i40e: Added Asym_Pause to supported link modes - i40e: Fix kernel oops when i40e driver removes VF's - sch_red: fix off-by-one checks in red_check_params() - cxgb4: avoid collecting SGE_QBASE regs during traffic - net:tipc: Fix a double free in tipc_sk_mcast_rcv - [armhf] ASoC: sunxi: sun4i-codec: fill ASoC card owner - clk: fix invalid usage of list cursor in register - clk: fix invalid usage of list cursor in unregister - workqueue: Move the position of debug_work_activate() in __queue_work() - [s390x] cpcmd: fix inline assembly register clobbering - net/mlx5: Fix placement of log_max_flow_counter - net/mlx5: Fix PBMC register mapping - RDMA/cxgb4: check for ipv6 address properly while destroying listener - [armhf] clk: socfpga: fix iomem pointer cast on 64-bit - net: sched: bump refcount for new action in ACT replace mode - cfg80211: remove WARN_ON() in cfg80211_sme_connect - net: tun: set tun->dev->addr_len during TUNSETLINK processing - drivers: net: fix memory leak in atusb_probe - drivers: net: fix memory leak in peak_usb_create_dev - net: mac802154: Fix general protection fault - net: ieee802154: nl-mac: fix check on panid - net: ieee802154: fix nl802154 del llsec key - net: ieee802154: fix nl802154 del llsec dev - net: ieee802154: fix nl802154 add llsec key - net: ieee802154: fix nl802154 del llsec devkey - net: ieee802154: forbid monitor for set llsec params - net: ieee802154: forbid monitor for del llsec seclevel - net: ieee802154: stop dump llsec params for monitors - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath." (Closes: #988352) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 - [arm64] KVM: Hide system instruction access to Trace registers - [arm64] KVM: Disable guest access to trace filter controls - [armhf] drm/imx: imx-ldb: fix out of bounds array access warning - gfs2: report "already frozen/thawed" errors - [arm64,armhf] drm/tegra: dc: Don't set PLL clock to 0Hz - block: only update parent bi_status when bio fail - net: phy: broadcom: Only advertise EEE for supported modes - staging: m57621-mmc: delete driver from the tree. (Closes: #986949) - netfilter: x_tables: fix compat match/target pad out-of-bound write - driver core: Fix locking bug in deferred_probe_timeout_work_func() - xen/events: fix setting irq affinity https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.189 - net/sctp: fix race condition in sctp_destroy_sock - gpio: sysfs: Obey valid_mask - neighbour: Disregard DEAD dst in neigh_update - [arm64] drm/msm: Fix a5xx/a6xx timestamps - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state - net: ieee802154: stop dump llsec keys for monitors - net: ieee802154: stop dump llsec devs for monitors - net: ieee802154: forbid monitor for add llsec dev - net: ieee802154: stop dump llsec devkeys for monitors - net: ieee802154: forbid monitor for add llsec devkey - net: ieee802154: stop dump llsec seclevels for monitors - net: ieee802154: forbid monitor for add llsec seclevel - pcnet32: Use pci_resource_len to validate PCI resource - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices - readdir: make sure to verify directory entry for legacy interfaces too - [arm64] fix inline asm in load_unaligned_zeropad() - [arm64] alternatives: Move length validation in alternative_{insn, endif} - scsi: libsas: Reset num_scatter if libata marks qc as NODATA - netfilter: conntrack: do not print icmpv6 as unknown via /proc - netfilter: nft_limit: avoid possible divide error in nft_limit_init - net: sit: Unregister catch-all devices - net: ip6_tunnel: Unregister catch-all devices - i40e: fix the panic when running bpf in xdpdrv mode - [armel,armhf] 9071/1: uprobes: Don't hook on thumb instructions - net: phy: marvell: fix detection of PHY on Topaz switches - gup: document and work around "COW can break either way" issue (CVE-2020-29374) - [x86] pinctrl: lewisburg: Update number of pins in community - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() - [x86] perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 - HID: alps: fix error return code in alps_input_configured() - HID: wacom: Assign boolean values to a bool variable - net: geneve: check skb is large enough for IPv4/IPv6 header - [s390x] entry: save the caller of psw_idle - xen-netback: Check for hotplug-status existence before watching - [x86] crash: Fix crash_setup_memmap_entries() out-of-bounds access - net: hso: fix NULL-deref on disconnect regression - USB: CDC-ACM: fix poison/unpoison imbalance https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.190 - [x86] ACPI: tables: x86: Reserve memory occupied by ACPI tables - [x86] ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() - net: usb: ax88179_178a: initialize local variables before use - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() - [mips*] Do not include hi and lo in clobber list for R6 - bpf: Fix masking negation logic upon negative dst register (CVE-2021-31829) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet - USB: Add reset-resume quirk for WD19's Realtek Hub - [x86] platform/x86: thinkpad_acpi: Correct thermal sensor allocation - ovl: allow upperdir inside lowerdir https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191 - [s390x] disassembler: increase ebpf disasm buffer size - ftrace: Handle commands when closing set_ftrace_filter file - ecryptfs: fix kernel panic with null dev_name - [armhf] spi: spi-ti-qspi: Free DMA resources - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers - mmc: block: Update ext_csd.cache_ctrl if it was written - mmc: block: Issue a cache flush only when it's enabled - mmc: core: Do a power cycle when the CMD11 fails - mmc: core: Set read only for SD cards with permanent write protect bit - cifs: Return correct error code from smb2_get_enc_key - btrfs: fix metadata extent leak after failure to create subvolume - [x86] intel_th: pci: Add Rocket Lake CPU support - fbdev: zero-fill colormap in fbcmap.c - staging: wimax/i2400m: fix byte-order issue - crypto: api - check for ERR pointers in crypto_destroy_tfm() - usb: gadget: uvc: add bInterval checking for HS mode - [x86] genirq/matrix: Prevent allocation counter corruption - usb: gadget: f_uac1: validate input parameters - [arm64,armhf] usb: dwc3: gadget: Ignore EP queue requests during bus reset - usb: xhci: Fix port minor revision - PCI: PM: Do not read power state in pci_enable_device_flags() - [arm64] tee: optee: do not check memref size on return from Secure World - [arm*] perf/arm_pmu_platform: Fix error handling - xhci: check control context is valid before dereferencing it. - xhci: fix potential array out of bounds with several interrupters - [x86] intel_th: Consistency and off-by-one fix - [armhf] phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe - scsi: lpfc: Fix pt2pt connection does not recover after LOGO - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() - [x86] media: ite-cir: check for receive overflow - power: supply: bq27xxx: fix power_avg for newer ICs - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs - media: gspca/sq905.c: fix uninitialized variable - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() - scsi: qla2xxx: Fix use after free in bsg - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() - media: em28xx: fix memory leak - media: vivid: update EDID - [armhf] clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return - media: dvb-usb: fix memory leak in dvb_usb_adapter_init - media: gscpa/stv06xx: fix memory leak - [arm64] drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal - drm/amdgpu: fix NULL pointer dereference - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic - scsi: libfc: Fix a format specifier - [s390x] archrandom: add parameter check for s390_arch_random_generate - [i386] ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer - ALSA: hda/conexant: Re-order CX5066 quirk table entries - [i386] ALSA: sb: Fix two use after free in snd_sb_qsound_build - ALSA: usb-audio: Explicitly set up the clock selector - ALSA: usb-audio: More constifications - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8 - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx - btrfs: fix race when picking most recent mod log operation for an old root - [arm64] vdso: Discard .note.gnu.property sections in vDSO - ubifs: Only check replay with inode type to judge if inode linked - f2fs: fix to avoid out-of-bounds memory access (CVE-2021-3506) - openvswitch: fix stack OOB read while fragmenting IPv4 packets - [arm64] ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure - NFS: Don't discard pNFS layout segments that are marked for return - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() - jffs2: Fix kasan slab-out-of-bounds problem - [powerpc*] eeh: Fix EEH handling for hugepages in ioremap space. - [x86] intel_th: pci: Add Alder Lake-M support - [arm64,x86] tpm: vtpm_proxy: Avoid reading host log when using a virtual device - md/raid1: properly indicate failure when ending a failed write request - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences - security: commoncap: fix -Wstringop-overread warning - jffs2: check the validity of dstlen in jffs2_zlib_compress() - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") - posix-timers: Preserve return value in clock_adjtime32() - [arm64] vdso: remove commas between macro name and arguments - ext4: fix check to prevent false positive report of incorrect used inodes - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() - ext4: fix error code in ext4_commit_super - media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: gadget: Fix double free of device descriptor pointers - usb: gadget/function/f_fs string table fix for multiple languages - [arm64,armhf] usb: dwc3: gadget: Fix START_TRANSFER link state check - [arm*] usb: dwc2: Fix session request interrupt handler - tty: fix memory leak in vc_deallocate - tracing: Map all PIDs to command lines - tracing: Restructure trace_clock_global() to never block - dm space map common: fix division bug in sm_ll_find_free_block() - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails - modules: mark ref_module static - modules: mark find_symbol static - modules: mark each_symbol_section static - modules: unexport __module_text_address - modules: unexport __module_address - modules: rename the licence field in struct symsearch to license - modules: return licensing information from find_symbol - modules: inherit TAINT_PROPRIETARY_MODULE - Bluetooth: verify AMP hci_chan before amp_destroy (CVE-2021-33034) - bluetooth: eliminate the potential race condition when removing the HCI controller (CVE-2021-32399) - net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134) - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR - misc: lis3lv02d: Fix false-positive WARN on various HP models - [x86] misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct - [x86] misc: vmw_vmci: explicitly initialize vmci_datagram payload - md/bitmap: wait for external bitmap writes to complete during tear down - md-cluster: fix use-after-free issue when removing rdev - md: split mddev_find - md: factor out a mddev_find_locked helper from mddev_find - md: md_open returns -EBUSY when entering racing area - md: Fix missing unused status line of /proc/mdstat - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() - cfg80211: scan: drop entry from hidden_list on overflow - drm/radeon: fix copy of uninitialized variable back to userspace - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices - [x86] cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported - [s390x] KVM: split kvm_s390_logical_to_effective - [s390x] KVM: fix guarded storage control register handling - [s390x] KVM: split kvm_s390_real_to_abs - ovl: fix missing revert_creds() on error path - [x86] usb: gadget: pch_udc: Revert d3cb25a12138 completely - [armhf] memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] - [armhf] dts: exynos: correct PMIC interrupt trigger level on SMDK5250 - regmap: set debugfs_name to NULL after it is freed - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() - [x86] microcode: Check for offline CPUs before requesting new microcode - [x86] usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() - [x86] usb: gadget: pch_udc: Check if driver is present before calling ->setup() - [x86] usb: gadget: pch_udc: Check for DMA mapping error - [x86] crypto: qat - don't release uninitialized resources - [x86] crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - mtd: require write permissions for locking and badblock ioctls - [arm64] bus: qcom: Put child node before return - [x86] crypto: qat - fix error path in adf_isr_resource_alloc() - [armhf] mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init - [arm64,armhf] irqchip/gic-v3: Fix OF_BAD_ADDR error handling - [x86] staging: rtl8192u: Fix potential infinite loop - spi: Fix use-after-free with devm_spi_alloc_* - [arm64] soc: qcom: mdt_loader: Validate that p_filesz < p_memsz - [arm64] soc: qcom: mdt_loader: Detect truncated read of segments - [amd64,arm64] ACPI: CPPC: Replace cppc_attr with kobj_attribute - [x86] crypto: qat - Fix a double free in adf_create_ring - [arm64] cpufreq: armada-37xx: Fix setting TBG parent for load levels - [arm64] clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock - [arm64] cpufreq: armada-37xx: Fix the AVS value for load L1 - [arm64] clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz - [arm64] clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 - [arm64] cpufreq: armada-37xx: Fix driver cleanup when registration failed - [arm64] cpufreq: armada-37xx: Fix determining base CPU frequency - USB: cdc-acm: fix unprivileged TIOCCSERIAL - tty: actually undefine superseded ASYNC flags - tty: fix return value for unsupported ioctls - usbip: vudc: fix missing unlock on error in usbip_sockfd_store() - [x86] platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table - [x86] Drivers: hv: vmbus: Increase wait time for VMbus unload - [arm*] usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. - [arm*] usb: dwc2: Fix hibernation between host and device modes. - ttyprintk: Add TTY hangup callback. - media: vivid: fix assignment of dev->fbuf_out_flags - media: m88rs6000t: avoid potential out-of-bounds reads on arrays - [x86] kprobes: Fix to check non boostable prefixes correctly - sata_mv: add IRQ checks - ata: libahci_platform: fix IRQ check - nvme: retrigger ANA log update if group descriptor isn't found - [arm64] clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE - [powerpc*] scsi: ibmvfc: Fix invalid state machine BUG_ON() - [armhf] HSI: core: fix resource leaks in hsi_add_client_from_dt() - [amd64] x86/events/amd/iommu: Fix sysfs type mismatch - sched/debug: Fix cgroup_path[] serialization - drivers/block/null_blk/main: Fix a double free in null_init. - HID: plantronics: Workaround for double volume key presses - [powerpc*] prom: Mark identical_pvr_fixup as __init - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect - bug: Remove redundant condition check in report_bug - nfc: pn533: prevent potential memory corruption - [arm64] net: hns3: Limiting the scope of vector_ring_chain variable - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls - [powerpc*] 64s: Fix pte update for kernel memory on radix - [powerpc*] perf: Fix PMU constraint check for EBB events - mac80211: bail out if cipher schemes are invalid - mt7601u: fix always true expression - [amd64] IB/hfi1: Fix error return code in parse_platform_config() - [arm64] net: thunderx: Fix unintentional sign extension issue - RDMA/srpt: Fix error return code in srpt_cm_req_recv() - [mips*] pci-legacy: stop using of_pci_range_to_resource - [powerpc*] pseries: extract host bridge from pci_bus prior to bus removal - rtlwifi: 8821ae: upgrade PHY and RF parameters - mwl8k: Fix a double Free in mwl8k_probe_hw - [x86] vsock/vmci: log once the failed queue pair allocation - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails - [armhf] net: davinci_emac: Fix incorrect masking of tx and rx error channel - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb - [arm64] net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req - mm/sparse: add the missing sparse_buffer_fini() in error branch - mm/memory-failure: unnecessary amount of unmapping - net: Only allow init netns to set default tcp cong to a restricted algo - smp: Fix smp_call_function_single_async prototype - Revert "net/sctp: fix race condition in sctp_destroy_sock" - sctp: delay auto_asconf init until binding the first addr (CVE-2021-23133) - Revert "of/fdt: Make sure no-map does not remove already reserved regions" - Revert "fdt: Properly handle "no-map" field in the memory region" - [arm64,x86] tpm: fix error return code in tpm2_get_cc_attrs_tbl() - fs: dlm: fix debugfs dump - tipc: convert dest node's address to network order - [x86] ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF - [arm64] net: stmmac: Set FIFO sizes for ipq806x - i2c: bail out early when RDWR parameters are wrong - ALSA: hdsp: don't disable if not enabled - ALSA: hdspm: don't disable if not enabled - ALSA: rme9652: don't disable if not enabled - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default - Bluetooth: initialize skb_queue_head at l2cap_chan_create() - net: bridge: when suppression is enabled exclude RARP packets - Bluetooth: check for zapped sk before connecting - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet - i2c: Add I2C_AQ_NO_REP_START adapter quirk - mac80211: clear the beacon's CRC after channel switch - [armhf] pinctrl: samsung: use 'int' for register masks in Exynos - cuse: prevent clone - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() - [powerpc*] smp: Set numa node before updating mask - [x86] ASoC: rt286: Generalize support for ALC3263 codec - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() - [powerpc*] pseries: Stop calling printk in rtas_stop_self() - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt - [x86] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join - [powerpc*] iommu: Annotate nested lock for lockdep - [x86] ASoC: rt286: Make RT286_SET_GPIO_* readable and writable - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs - PCI: Release OF node in pci_scan_device()'s error path - [armel,armhf] 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - [arm64] rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() - NFS: Deal correctly with attribute generation counter overflow - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() - NFSv4.2 fix handling of sr_eof in SEEK's reply - rtc: ds1307: Fix wday settings for rx8130 - [arm64] net: hns3: disable phy loopback setting in hclge_mac_start_phy - sctp: do asoc update earlier in sctp_sf_do_dupcook_a - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b - netfilter: xt_SECMARK: add new revision to fix structure layout - drm/radeon: Fix off-by-one power_state index heap overwrite - drm/radeon: Avoid power table parsing memory leaks - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() - ksm: fix potential missing rmap_item for stable_node - net: fix nla_strcmp to handle more then one trailing null character - smc: disallow TCP_ULP in smc_setsockopt() - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check - sched/fair: Fix unfairness caused by missing load decay - [amd64] kernel: kexec_file: fix error return code of kexec_calculate_store_digests() - netfilter: nftables: avoid overflows in nft_hash_buckets() - i40e: Fix use-after-free in i40e_client_subtask() - [powerpc*] 64s: Fix crashes when toggling stf barrier - [powerpc*] 64s: Fix crashes when toggling entry flush barrier - hfsplus: prevent corruption in shrinking truncate - squashfs: fix divide error in calculate_skip() - userfaultfd: release page in error path to avoid BUG_ON - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected - [arm64,x86] ACPI: scan: Fix a memory leak in an error handling path - blk-mq: Swap two calls in blk_mq_exit_queue() - [armhf] usb: dwc3: omap: improve extcon initialization - [arm64] usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield - [arm*] usb: dwc2: Fix gadget DMA unmap direction - usb: core: hub: fix race condition about TRSMRCY of resume - [arm64,armhf] usb: dwc3: gadget: Return success always for kick transfer in ep queue - xhci: Do not use GFP_KERNEL in (potentially) atomic context - xhci: Add reset resume quirk for AMD xhci controller. - [x86] iio: tsl2583: Fix division by a zero lux_val - cdc-wdm: untangle a circular dependency between callback and softint - [x86] KVM: Cancel pvclock_gtod_work on module removal - thermal/core/fair share: Lock the thermal zone while looping over instances - kobject_uevent: remove warning in init_uevent_argv() - netfilter: conntrack: Make global sysctls readonly in non-init netns - nvme: do not try to reconfigure APST when the controller is not live - [x86] msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes - usb: sl811-hcd: improve misleading indentation - cxgb4: Fix the -Wmisleading-indentation warning - isdn: capi: fix mismatched prototypes - [arm64] PCI: thunder: Fix compile testing - [armel,armhf] 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() - [arm64,x86] ACPI / hotplug / PCI: Fix reference count leak in enable_slot() - [arm64] Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices - [armel,armhf] 9075/1: kernel: Fix interrupted SMC calls - ceph: fix fscache invalidation - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found - [arm64,x86] gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP - block: reexpand iov_iter after read/write - [arm64,armhf] net: stmmac: Do not enable RX FIFO overflow interrupts - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods - sit: proper dev_{hold|put} in ndo_[un]init methods - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods - ipv6: remove extra dev_hold() for fallback tunnels - iomap: fix sub-page uptodate handling - [arm64] KVM: Initialize VCPU mdcr_el2 before loading it - tweewide: Fix most Shebang lines - scripts: switch explicitly to Python 3 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.192 - RDMA/rxe: Clear all QP fields if creation failed - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() - RDMA/mlx5: Recover from fatal event in dual port mode - [x86] platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly - nvmet: seset ns->file when open fails - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal - cifs: fix memory leak in smb2_copychunk_range - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency - ALSA: line6: Fix racy initialization of LINE6 MIDI - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 - ALSA: usb-audio: Validate MS endpoint descriptors - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro - [i386] Revert "ALSA: sb8: add a check for request_region" - ALSA: hda/realtek: reset eapd coeff to default value for alc287 - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 - [arm64] Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference" - [x86] xen-pciback: reconfigure also from backend watch handler - dm snapshot: fix crash with transient storage and zero chunk size - [x86] Revert "video: hgafb: fix potential NULL pointer dereference" - [arm64,armhf] Revert "net: stmicro: fix a missing check of clk_prepare" - [armhf] Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" - Revert "ecryptfs: replace BUG_ON with error handling code" - Revert "rtlwifi: fix a potential NULL pointer dereference" - Revert "qlcnic: Avoid potential NULL pointer dereference" - Revert "niu: fix missing checks of niu_pci_eeprom_read" - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() - [arm64,armhf] net: stmicro: handle clk_prepare() failure during init - net: rtlwifi: properly check for alloc_workqueue() failure - [armhf] leds: lp5523: check return value of lp5xx_read and jump to cleanup code - qlcnic: Add null check after calling netdev_alloc_skb - [x86] video: hgafb: fix potential NULL pointer dereference - vgacon: Record video mode changes with VT_RESIZEX - vt: Fix character height handling with VT_RESIZEX - tty: vt: always invoke vc->vc_sw->con_resize callback - [x86] video: hgafb: correctly handle card detect failure during probe - Bluetooth: SMP: Fail if remote and local public keys are identical (CVE-2020-26558, CVE-2021-0129) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 - mm, vmstat: drop zone->lock in /proc/pagetypeinfo - [arm64,armhf] usb: dwc3: gadget: Enable suspend events - NFC: nci: fix memory leak in nci_allocate_device - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() - [amd64] iommu/vt-d: Fix sysfs leak in alloc_iommu() - proc: Check /proc/$pid/attr/ writes against file opener - net: hso: fix control-request directions - mac80211: assure all fragments are encrypted (CVE-2020-26147) - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - mac80211: properly handle A-MSDUs that start with an RFC 1042 header - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588) - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24588) - mac80211: add fragment cache to sta_info - mac80211: check defrag PN against current frame - mac80211: prevent attacks on TKIP/WEP as well - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-26139) - mac80211: extend protection against mixed key and fragment cache attacks (CVE-2020-24586, CVE-2020-24587) - ath10k: Validate first subframe of A-MSDU before processing the list - dm snapshot: properly fix a crash when an origin has no snapshots - misc/uss720: fix memory leak in uss720_probe - [x86] thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue - [x86] mei: request autosuspend after sending rx flow control - USB: trancevibrator: fix control-request direction - USB: usbfs: Don't WARN about excessively large memory allocations - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - USB: serial: ti_usb_3410_5052: add startech.com device id - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 - USB: serial: ftdi_sio: add IDs for IDS GmbH Products - USB: serial: pl2303: add device id for ADLINK ND-6530 GC - [arm64,armhf] usb: dwc3: gadget: Properly track pending and queued SG - net: usb: fix memory leak in smsc75xx_bind - bpf: extend is_branch_taken to registers - bpf: Test_verifier, bpf_get_stack return value add <0 - bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test - bpf: Move off_reg into sanitize_ptr_alu (CVE-2021-29155) - bpf: Ensure off_reg has no mixed signed bounds for all types (CVE-2021-29155) - bpf: Rework ptr_limit into alu_limit and add common error path (CVE-2021-29155) - bpf: Improve verifier error messages for users (CVE-2021-29155) - bpf: Refactor and streamline bounds check into helper (CVE-2021-29155) - bpf: Move sanitize_val_alu out of op switch (CVE-2021-29155) - bpf: Tighten speculative pointer arithmetic mask (CVE-2021-29155) - bpf: Update selftests to reflect new error states - bpf: Fix leakage of uninitialized bpf stack under speculation (CVE-2021-31829) - bpf: Wrap aux data inside bpf_sanitize_info container - bpf: Fix mask direction swap upon off reg sign change - bpf: No need to simulate speculative domain for immediates - [armhf] spi: gpio: Don't leak SPI master in probe error path - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails - NFS: fix an incorrect limit in filelayout_decode_layout() - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config - [arm64] drm/meson: fix shutdown crash when component not probed - net/mlx4: Fix EEPROM dump support - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" - tipc: skb_linearize the head skb when reassembling msgs - [arm64,armhf] net: dsa: fix a crash if ->get_sset_count() fails - [armhf] i2c: s3c2410: fix possible NULL pointer deref on read message after write - [x86] i2c: i801: Don't generate an interrupt on bus reset - [x86] platform/x86: hp_accel: Avoid invoking _INI to speed up resume - [x86] net: fujitsu: fix potential null-ptr-deref - [x86] char: hpet: add checks after calling ioremap - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io - [arm64] dmaengine: qcom_hidma: comment platform_driver_register call - libertas: register sysfs groups properly - media: dvb: Add check on sp8870_readreg return - media: gspca: properly check for errors in po1030_probe() - [x86] scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic - btrfs: do not BUG_ON in link_to_fixup_dir - [x86] platform/x86: hp-wireless: add AMD's hardware id to the supported list - SMB3: incorrect file id in requests compounded with open - drm/amd/amdgpu: fix refcount leak - drm/amdgpu: Fix a use-after-free - [arm64,armhf] net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count - [armhf] net: fec: fix the potential memory leak in fec_enet_init() - [arm64] net: mdio: thunder: Fix a double free issue in the .remove function - [mips*] net: mdio: octeon: Fix some double free issues - openvswitch: meter: fix race when getting now_ms. - net: bnx2: Fix error return code in bnx2_init_board() - mld: fix panic in mld_newpack() - bpf: Set mac_len in bpf_skb_change_head - ixgbe: fix large MTU request from VF - scsi: libsas: Use _safe() loop in sas_resume_port() - ipv6: record frag_max_size in atomic fragments in input path - sch_dsmark: fix a NULL deref in qdisc_reset() - hugetlbfs: hugetlb_fault_mutex_hash() cleanup - drivers/net/ethernet: clean up unused assignments - [arm64] net: hns3: check the return of skb_checksum_help() - usb: core: reduce power-on-good delay time of root hub https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.194 - net: usb: cdc_ncm: don't spew notifications (Closes: #989451) - ALSA: usb: update old-style static const declaration - nl80211: validate key indexes for cfg80211_registered_device - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared - [arm64,x86] efi: cper: fix snprintf() use in cper_dimm_err_location() - vfio/pci: Fix error return code in vfio_ecap_init() - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service - HID: pidff: fix error return code in hid_pidff_init() - [arm64,x86] HID: i2c-hid: fix format string mismatch - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches - ieee802154: fix error return code in ieee802154_add_iface() - ieee802154: fix error return code in ieee802154_llsec_getparams() - ixgbevf: add correct exception tracing for XDP - tipc: add extack messages for bearer/media failure - tipc: fix unique bearer names sanity check - Bluetooth: fix the erroneous flush_work() order (CVE-2021-3564) - Bluetooth: use correct lock to prevent UAF of hdev object (CVE-2021-3573) - HID: multitouch: require Finger field to mark Win8 reports as MT - ALSA: timer: Fix master timer notification - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed - [arm*] usb: dwc2: Fix build in periphal-only mode - pid: take a reference when initializing `cad_pid` - ocfs2: fix data corruption by fallocate - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (CVE-2021-3587) - [x86] apic: Mark _all_ legacy interrupts when IO/APIC is missing - btrfs: mark ordered extent and inode with error if we fail to finish - btrfs: fix error handling in btrfs_del_csums - btrfs: return errors from btrfs_del_csums in cleanup_ref_head - btrfs: fixup error handling in fixup_inode_link_counts - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY - bpf: Add BPF_F_ANY_ALIGNMENT. - bnxt_en: Remove the setting of dev_port. - perf/cgroups: Don't rotate events for cgroups unnecessarily - perf/core: Fix corner case in perf_rotate_context() - btrfs: fix unmountable seed device after fstrim - [x86] KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode - [arm64] KVM: Fix debug register indexing - [arm64,x86] ACPI: probe ECDT before loading AML tables regardless of module-level code flag - [arm64,x86] ACPI: EC: Look for ECDT EC after calling acpi_load_tables() - sched/fair: Optimize select_idle_cpu - [x86] xen-pciback: redo VF placement in the virtual topology . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.182-rt74 * [rt] Add new signing key for Clark Williams * [rt] Update to 4.19.184-rt75 * Bump ABI to 17 * [rt] Refresh "workqueue: Use normal rcu" * [rt] Refresh "workqueue: Use local irq lock instead of irq disable" * [rt] Refresh "workqueue: rework" * [rt] Update to 4.19.188-rt77 * [rt] Update to 4.19.190-rt79 * [rt] Refresh "ptrace: fix ptrace vs tasklist_lock race" * [rt] Update to 4.19.193-rt81 * [rt] Refresh "kernel: sched: Provide a pointer to the valid CPU mask" lxml (4.3.2-1+deb10u3) buster-security; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2021-28957 (Closes: #985643) Due to missing input sanitization, XSS is possible for the HTML5 formatcion attribute. lz4 (1.8.3-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix potential memory corruption with negative memmove() size (CVE-2021-3520) (Closes: #987856) mariadb-10.3 (1:10.3.29-0+deb10u1) buster; urgency=medium . [ Otto Kekäläinen ] * SECURITY UPDATE: New upstream version 10.3.29. Includes fixes for the following security vulnerabilities: - CVE-2021-2154 - CVE-2021-2166 * Previous release 10.3.28 included fixes for: - CVE-2021-27928 * Remove patch regarding a test now removed by upstream (MDEV-22653). * Remove obsolete sql file removed by upstream (MDEV-24586). * Update symbols to include new one from MariaDB Client 3.1.13 * Innotop: Add support for MariaDB 10.3 (Closes: #941986) * Upstream release includes fix for MDEV-24194: "Invalid syntax errors on syntax WHERE `field` IS NULL = 0" (Closes: #977383) . [ Daniel Black ] * Add caching_sha2_password.so (Closes: #962597) mariadb-10.3 (1:10.3.27-1~exp1) experimental; urgency=medium . [ Otto Kekäläinen ] * New upstream version 10.3.27. Includes fixes to serious regressions in MariaDB 10.3.26 that corrupted data or made server unable to start. * Includes new upstream 10.3.26 which included fixes for the following security vulnerabilities: - CVE-2020-28912 - CVE-2020-14812 - CVE-2020-14789 - CVE-2020-14776 - CVE-2020-14765 * Upstream 10.3.26 included: - Fix mytop shebang (Closes: #972780, Closes: #970681) * Includes new upstream 10.3.25 which included fixes for the following security vulnerabilities (Closes: #972746): - CVE-2020-15180 * Fix debci: Skip main.failed_auth_unixsocket on armhf and i386 * Remove transitional package libmariadbclient-dev * Stop shipping any -dev packages in mariadb-10.3 to avoid extra issues * Stop shipping mariadb-test* packages so piuparts can pass * Add Conflicts/Replaces against mariadb-10.5 so 10.3 can enter Debian Sid . [ Michael Krieger ] * Innotop: Add support for MariaDB 10.3 (Closes: #941986) mediawiki (1:1.31.14-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.14, fixing CVE-2021-30152, CVE-2021-30154, CVE-2021-30155, CVE-2021-30157, CVE-2021-30158, CVE-2021-30159. This version is not affected by CVE-2021-30153. * The pygments lexers vulnerable to CVE-2021-20270, CVE-2021-27291 were disabled to mitigate the exploit. mqtt-client (1.14-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix CVE-2019-0222: unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. (Closes: #988109) * Update Vcs-* URL in d/control. mumble (1.3.0~git20190125.440b173+dfsg-2+deb10u1) buster; urgency=medium . * debian/patches: - Add 67-only-http-https-URLs-in-Connect.diff to fix CVE-2021-27229 "Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text." This patch only allows "http"/"https" URLs in ConnectDialog (Closes: #982904) Thanks to Salvatore Bonaccorso <carnil@debian.org> for reporting the bug and giving links to the fix. mupdf (1.14.0+ds1-4+deb10u3) buster; urgency=high . * Non-maintainer upload. * Avoid a use-after-free in fz_drop_band_writer (CVE-2020-16600) (Closes: #989526) * Fix double free of object during linearization (CVE-2021-3407) (Closes: #983684) netty (1:4.1.33-1+deb10u2) buster-security; urgency=high . * Team upload. * Fix the following security vulnerabilites: - CVE-2019-20444: HttpObjectDecoder.java allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold." - CVE-2019-20445: HttpObjectDecoder.java allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. - CVE-2020-7238: Netty allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. - CVE-2020-11612: The ZlibDecoders allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder. - CVE-2021-21290: In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. - CVE-2021-21295: In Netty there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. - CVE-2021-21409: In Netty there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. nginx (1.14.2-2+deb10u4) buster-security; urgency=medium . * CVE-2021-23017 (Closes: #989095) nmap (7.70+dfsg1-6+deb10u2) buster; urgency=medium . * d/p/update-mac-prefixes: New patch to update file from upstream's 7.91 release (closes: #953986) node-glob-parent (3.1.0-1+deb10u1) buster; urgency=medium . * Team upload * Fix ReDoS (Closes: CVE-2020-28469) node-handlebars (3:4.1.0-1+deb10u3) buster; urgency=medium . * Team upload * Fix arbitrary code execution (Closes: CVE-2019-20920) * Fix remote code execution (Closes: CVE-2021-23369) node-hosted-git-info (2.7.1-1+deb10u1) buster; urgency=medium . * Team upload * Fix ReDoS risk (Closes: CVE-2021-23362) node-redis (2.8.0-1+deb10u1) buster; urgency=medium . * Fix potential ReDoS (Closes: CVE-2021-29469) node-ws (1.1.0+ds1.e6ddaae4-5+deb10u1) buster; urgency=medium . * Team upload * Fix ReDoS vulnerability (Closes: CVE-2021-32640) nvidia-graphics-drivers (418.197.02-1) buster; urgency=medium . * New upstream Tesla release 418.197.02 (2021-04-19). * Fixed CVE-2021-1076. (Closes: #987216) https://nvidia.custhelp.com/app/answers/detail/a_id/5172 . [ Andreas Beckmann ] * nvidia-alternative: Add libnvidia-ml.so slave alternative if libnvidia-ml-dev is installed (460.56-2). (Closes: #984881) * Upload to buster. nvidia-graphics-drivers-legacy-390xx (390.143-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.143-1) unstable; urgency=medium . * New upstream legacy branch release 390.143 (2021-04-19). * Fixed CVE-2021-1076. (Closes: #987218) https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Fixed a bug where vkCreateSwapchain could cause the X Server to crash when an invalid imageFormat was provided. - Fixed a driver installation failure on Linux kernel 5.11 release candidates, where the NVIDIA kernel module failed to build with error "fatal error: asm/kmap_types.h: No such file or directory". . nvidia-graphics-drivers-legacy-390xx (390.141-3) unstable; urgency=medium . * nvidia-legacy-390xx-alternative: Add libnvidia-ml.so slave alternative if libnvidia-ml-dev is installed (460.56-2). (Closes: #984881) nvidia-graphics-drivers-legacy-390xx (390.143-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-legacy-390xx (390.143-1) unstable; urgency=medium . * New upstream legacy branch release 390.143 (2021-04-19). * Fixed CVE-2021-1076. (Closes: #987218) https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Fixed a bug where vkCreateSwapchain could cause the X Server to crash when an invalid imageFormat was provided. - Fixed a driver installation failure on Linux kernel 5.11 release candidates, where the NVIDIA kernel module failed to build with error "fatal error: asm/kmap_types.h: No such file or directory". . nvidia-graphics-drivers-legacy-390xx (390.141-3) unstable; urgency=medium . * nvidia-legacy-390xx-alternative: Add libnvidia-ml.so slave alternative if libnvidia-ml-dev is installed (460.56-2). (Closes: #984881) . nvidia-graphics-drivers-legacy-390xx (390.141-2~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.141-3) unstable; urgency=medium . * nvidia-legacy-390xx-alternative: Add libnvidia-ml.so slave alternative if libnvidia-ml-dev is installed (460.56-2). (Closes: #984881) nvidia-graphics-drivers-legacy-390xx (390.141-2) unstable; urgency=medium . * Really re-enable building the nvidia-uvm module. opendmarc (1.3.2-6+deb10u2) buster; urgency=medium . * Non-maintainer upload by the LTS team. * In opendmarc_xml_parse(), ensure NULL-termination of the buffer passed. (Fixes: CVE-2020-12460) (Closes: #966464) openjdk-11 (11.0.11+9-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.11+9-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. openjdk-11 (11.0.11+8-1) unstable; urgency=medium . * OpenJDK 11.0.11+8 build (early access). * Set DEB_BUILD_MAINT_OPTIONS = optimize=-lto, not yet ready. Looks like 16 and 17 are buildable with lto. * Remove dangling jfr alternative on upgrades if no jdk is installed (Andreas Beckmann). Closes: #985060. * Use mktemp instead of tempfile in maintainer scripts (Andreas Beckmann). * Backport fix for JDK-8262085, hovering Metal HTML Tooltips in different windows cause IllegalArgExc on Linux. Closes: #967049. openjdk-11 (11.0.11+7-1) unstable; urgency=medium . * OpenJDK 11.0.11+7 build (early access). * Simplify compiler selection for backports. * Don't use the triplet-prefixed binutils tools for backports. openjdk-11 (11.0.11+4-1) unstable; urgency=medium . * OpenJDK 11.0.11+4 build (early access). * reproducible-build-jmod.diff: Fall back to the unpatched behavior for backports. * Only build with system harfbuzz for recent releases. * Configure --with-copyright-year. Closes: #956154. openjdk-11 (11.0.11+3-3) experimental; urgency=medium . * Fix the build logic, jaotc and jhsdb tools not available on all archs. * Ship the jfc files used by jfr. * Move libawt_xawt.so, libjawt.so into the jre package. Closes: #908058. openjdk-11 (11.0.11+3-2) experimental; urgency=medium . * OpenJDK 11.0.11+3 build (early access). * Use debugedit to generate unique build-id's and remove the openjdk-N-dbg file conflicts. Closes: #919671. * Remove KFreeBSD build support and patches, not updated since OpenJDK 8. * Backport JDK-8222825. Closes: #960153. * Build with Rules-Requires-Root: no. * Move the jfr binary from -jre-headless to -jdk-headless. Development tool. openjdk-11 (11.0.11+3-1) experimental; urgency=medium . * OpenJDK 11.0.11+3 build (early access). * Use debugedit to generate unique build-id's and remove the openjdk-N-dbg file conflicts. Closes: #919671. * Remove KFreeBSD build support and patches, not updated since OpenJDK 8. * Backport JDK-8222825. Closes: #960153. * Build with Rules-Requires-Root: no. openjdk-11 (11.0.10+9-1) unstable; urgency=high . * OpenJDK 11.0.10+9 build (release). * Security fixes: - JDK-8247619: Improve Direct Buffering of Characters. * Other changes: See https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2021-January/004689.html * Update copyright years. openjdk-11 (11.0.10+8-1) unstable; urgency=medium . * OpenJDK 11.0.10+8 build (early access). * Build with system harfbuzz. * Refresh patches. * Don't run the autopkg tests. There's no value running all the internal tests as an autopkg test, when these are already run during the build. * Update VCS attributes. * Bump standards version. openjdk-11 (11.0.9.1+1-1) unstable; urgency=medium . * OpenJDK 11.0.9.1+1 build (release). * Configure --with-jvm-features=shenandoahgc for hotspot builds. LP: #1902029. openjdk-11-jre-dcevm (11.0.11+9-2~deb10u2) buster-security; urgency=medium . * Rebuild for buster openjdk-11-jre-dcevm (11.0.11+9-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11-jre-dcevm (11.0.11+9-1) unstable; urgency=medium . * New upstream release (Closes: #984725) openjdk-11-jre-dcevm (11.0.10+1-1) unstable; urgency=medium . * New upstream release openjdk-11-jre-dcevm (11.0.9+1-2) unstable; urgency=medium . * Team upload. * Build with default g++ (Closes: #978516) * Bump Standards-Version to 4.5.1 openjdk-11-jre-dcevm (11.0.9+1-1) unstable; urgency=medium . * Team upload. * New upstream version 11.0.9+1 (Closes: #972788) * Update to debhelper compat level 13 * Set "Rules-Requires-Root: no" in debian/control openjdk-11-jre-dcevm (11.0.7+1-1) unstable; urgency=medium . * Team upload. * New upstream release (Closes: #942876) - Refreshed the patch * Switch to debhelper level 12 openjdk-11-jre-dcevm (11.0.5+5-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patch - New build dependency on libxrandr-dev * Standards-Version updated to 4.5.0 * Build with g++-9 instead of g++-8 (Closes: #944182) openjpeg2 (2.3.0-2+deb10u2) buster-security; urgency=medium . * CVE-2020-27814 * CVE-2020-27823 * CVE-2020-27841 * CVE-2020-27842 * CVE-2020-27843 (Closes: #983663) * CVE-2020-27845 * CVE-2020-27824 * CVE-2020-15389 (Closes: #965220) * CVE-2020-8112 (Closes: #950184) * CVE-2020-6851 (Closes: #950000) openssl (1.1.1d-0+deb10u6) buster-security; urgency=medium . * CVE-2021-3449 (NULL pointer deref in signature_algorithms processing). openvpn (2.4.7-1+deb10u1) buster; urgency=medium . * Cherry-Pick upstream patches for CVE-2020-11810 and CVE-2020-15078 (Closes: #987380) * Cherry-Pick upstream fix to increase TCP socket backlog (Closes: #968942) php-horde-text-filter (2.3.5-3+deb10u2) buster; urgency=medium . [ Mike Gabriel ] * debian/control: + Drop Debian QA Group from Uploaders: field, add myself instead. . [ Sylvain Beucler ] * CVE-2021-26929: An XSS issue was discovered in Horde Groupware Webmail Edition (where the Horde_Text_Filter library is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses. (Closes: #982769). php-pear (1:1.10.6+submodules+notgz-1.1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * directory traversal due to inadequate checking of symbolic links (CVE-2020-36193) (Closes: #980428) - Disallow symlinks to out-of-path filenames - Add testcase for relative and in-path symlink - Fix out-of-path check for virtual relative symlink - PHP compat fix plinth (19.1+deb10u2) buster; urgency=medium . [ Kirill Schmidt ] * first_boot: Use session to verify first boot welcome step postgresql-11 (11.12-0+deb10u1) buster-security; urgency=medium . * New upstream version. . + Prevent integer overflows in array subscripting calculations (Tom Lane) . The array code previously did not complain about cases where an array's lower bound plus length overflows an integer. This resulted in later entries in the array becoming inaccessible (since their subscripts could not be written as integers), but more importantly it confused subsequent assignment operations. This could lead to memory overwrites, with ensuing crashes or unwanted data modifications. (CVE-2021-32027) . + Fix mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (Tom Lane) . If the UPDATE list contains any multi-column sub-selects (which give rise to junk columns in addition to the results proper), the UPDATE path would end up storing tuples that include the values of the extra junk columns. That's fairly harmless in the short run, but if new columns are added to the table then the values would become accessible, possibly leading to malfunctions if they don't match the datatypes of the added columns. . In addition, in versions supporting cross-partition updates, a cross-partition update triggered by such a case had the reverse problem: the junk columns were removed from the target list, typically causing an immediate crash due to malfunction of the multi-column sub-select mechanism. (CVE-2021-32028) . + Fix possibly-incorrect computation of UPDATE ... RETURNING outputs for joined cross-partition updates (Amit Langote, Etsuro Fujita) . If an UPDATE for a partitioned table caused a row to be moved to another partition with a physically different row type (for example, one with a different set of dropped columns), computation of RETURNING results for that row could produce errors or wrong answers. No error is observed unless the UPDATE involves other tables being joined to the target table. (CVE-2021-32029) prosody (0.11.2-1+deb10u2) buster-security; urgency=high . * fix websocket error due to missing backport for CVE-2021-32918 (Closes: #988756) prosody (0.11.2-1+deb10u1) buster-security; urgency=high . * fixes for https://prosody.im/security/advisory_20210512.txt pygments (2.3.1+dfsg-1+deb10u2) buster-security; urgency=medium . * CVE-2021-27291 (Closes: #985574) python-bleach (3.1.2-0+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * sanitizer: escape HTML comments (CVE-2021-23980) (Closes: #986251) * tests: add tests for more eject tags for GHSA-vv2x-vrpj-qqpq rails (2:5.2.2.1+dfsg-1+deb10u3) buster-security; urgency=high . * Add patch to prevent string polymorphic route arguments. (Fixes: CVE-2021-22885) (Closes: #988214) * Add patch to prevent slow regex when parsing host auth header. (Fixes: CVE-2021-22904) (Closes: #988214) * Add patch to fix possible DoS vector in PostgreSQL money type. (Fixes: CVE-2021-22880) ruby-kramdown (1.17.0-1+deb10u2) buster-security; urgency=high . * Team upload. * Add upstream patch to fix arbitrary code execution vulnerability [CVE-2021-28834] (Closes: #985569) ruby-rack-cors (1.0.2-1+deb10u1) buster-security; urgency=high . * Unescape and resolve paths before resource checks. (Fixes: CVE-2019-18978) (Closes: #944849) ruby-websocket-extensions (0.1.2-1+deb10u1) buster; urgency=medium . * CVE-2020-7663: Prevent a denial of service attack that is exploitable by an exponential-time regular expression backtracking vulnerability. (Closes: #964274) rust-rustyline (3.0.0-2+deb10u3) buster; urgency=medium . * Team upload. * Apply another upstream patch so that the code builds with both rustc 1.34 and rustc 1.41 rust-rustyline (3.0.0-2+deb10u2) buster; urgency=medium . * Team upload. * Reset timestamp on .cargo-vcs-info.json to avoid 1970 timestamp which triggers a ftpmaster autoreject. (Closes: 989636) rust-rustyline (3.0.0-2+deb10u1) buster; urgency=medium . * Team upload. * Apply upstream patch to fix build with newer rustc. (Closes: 988025) rxvt-unicode (9.22-6+deb10u1) buster; urgency=medium . * Disable ESC G Q escape sequence, 20_disable_escape_sequence.diff (Closes: #988763, CVE-2021-33477) * Set git branch to debian/buster sabnzbdplus (2.3.6+dfsg-1+deb10u1) buster; urgency=medium . * Backport upstream security fixes to prevent code execution from the program's web interface through crafted settings. (CVE-2020-13124) scrollz (2.2.3-1+deb10u1) buster; urgency=high . * Applied patch to ctcp.c to fix CVE-2021-29376 from https://github.com/ScrollZ/ScrollZ/pull/26 (Closes: #986215) * Applied minor patch from upstream to the above fix * Rebuild for buster shibboleth-sp (3.0.4+dfsg1-1+deb10u2) buster-security; urgency=high . * [2dd45b3] New patch: SSPCPP-927 - Check for missing DataSealer during cookie recovery. Fix a denial of service vulnerability: Session recovery feature contains a null pointer dereference The cookie-based session recovery feature added in V3.0 contains a flaw that is exploitable on systems *not* using the feature if a specially crafted cookie is supplied. This manifests as a crash in the shibd daemon. Because it is very simple to trigger this condition remotely, it results in a potential denial of service condition exploitable by a remote, unauthenticated attacker. Thanks to Scott Cantor (Closes: #987608) shim (15.4-5~deb10u1) buster; urgency=medium . * Add defensive code around calls to db_get. Don't fail if they return errors. shim (15.4-4) unstable; urgency=medium . * Fix up those maintainer scripts - if we're not running on an EFI system then exit cleanly. shim (15.4-3) unstable; urgency=medium . * Add maintainer scripts to the template packages to manage installing and removing fbXXX.efi and mmXXX.efi when we install/remove the shim-helpers-$arch-signed packages. Closes: #966845 shim (15.4-3~deb10u1) buster; urgency=medium . * Add maintainer scripts to the template packages to manage installing and removing fbXXX.efi and mmXXX.efi when we install/remove the shim-helpers-$arch-signed packages. Closes: #966845 shim (15.4-2) unstable; urgency=medium . * Add two further patches from upstream: + fix import_one_mok_state() after split + Don't call QueryVariableInfo() on EFI 1.10 machines (e.g. older Intel Mac machines) shim (15.4-2~deb10u1) buster; urgency=medium . * Add two further patches from upstream: + fix import_one_mok_state() after split + Don't call QueryVariableInfo() on EFI 1.10 machines (e.g. older Intel Mac machines) shim (15.4-1) unstable; urgency=medium . * New upstream release fixing more bugs: SBAT and arm64 support * Print sha256 checksums of the EFI binaries when the build is done * Add two patches from upstream: + fix i386 binary relocations + allocate MOK config table as BootServicesData shim (15.4-1~deb10u1) buster; urgency=medium . * New upstream release fixing more bugs: SBAT and arm64 support * Print sha256 checksums of the EFI binaries when the build is done * Add two patches from upstream: + fix i386 binary relocations + allocate MOK config table as BootServicesData shim (15.3-3) unstable; urgency=medium . * Update the timestamp for the 15.3-2 upload. * Only include the upstream version in the Debian SBAT metadata, so we don't break reproducibility on every minor packaging change. shim (15.3-2) unstable; urgency=medium . * Add missing build-dep on xxd for build-time unit tests shim (15.3-1) unstable; urgency=medium . [ Steve McIntyre ] * Switch to much-newer release with many fixes + Particularly pulling in SBAT changes for better revocation support + Remove all our old patches, no longer needed: - avoid_null_vsprint.patch - check_null_sn_ln.patch - fixup_git.patch - uname.patch - use_compare_mem_gcc9.patch + Now includes a vendor copy of gnu-efi with quite a few extra fixes needed. + Update copyright file to cover these changes * Switch to using gcc-10 rather than gcc-9. Closes: #978521 * Add dbx entries for all our existing grub binaries + They're insecure, let's break the chainloading hole. * Add Debian SBAT data + Add a Debian SBAT template, and rules to use it + Adds a build-dep on dos2unix shim (15.3-1~deb10u3) buster; urgency=medium . * Only include the upstream version in the Debian SBAT metadata, so we don't break reproducibility on every minor packaging change. shim (15.3-1~deb10u2) buster; urgency=medium . * Add missing build-dep on xxd for build-time unit tests shim (15.3-1~deb10u1) buster; urgency=medium . * Rebuild the new upstream version for buster * Switch to gcc-8 for building * Switch to much-newer release with many fixes + Particularly pulling in SBAT changes for better revocation support + Remove all our old patches, no longer needed: - avoid_null_vsprint.patch - check_null_sn_ln.patch - fixup_git.patch - uname.patch - use_compare_mem_gcc9.patch + Now includes a vendor copy of gnu-efi with quite a few extra fixes needed. + Update copyright file to cover these changes * Add dbx entries for all our existing grub binaries + They're insecure, let's break the chainloading hole. * Add Debian SBAT data + Add a Debian SBAT template, and rules to use it + Adds a build-dep on dos2unix shim (15+1533136590.3beb971-10) unstable; urgency=medium . [ Debian Janitor ] * Trim trailing whitespace. * Use secure copyright file specification URI. * debian/copyright: use spaces rather than tabs to start continuation lines. * Bump debhelper from old 11 to 12. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Database, Bug-Submit. * Update standards version to 4.4.1, no changes needed. . [ Steve McIntyre ] * Trivial changes to generating the inbuilt dbx if we're using it. * Upload to pick up rotated Debian signing keys shim (15+1533136590.3beb971-9) unstable; urgency=medium . [ Steve McIntyre ] . * In the -helpers-ARCH-signed packages, change the version dependency on shim-unsigned to be >= and not =. This will allow for installation to still work in the window while we wait for the template package to do its second trip through the archive. Closes: #955356 shim (15+1533136590.3beb971-8) unstable; urgency=medium . [ Steve McIntyre ] * Use --padding when calling pesign to generate hashes for the dbx list, as recommended by Peter Jones. No actual changes needed in our list of hashes at this point - they work out the same either way. * Switch to using gcc-9 for builds, tweaking a patch from upstream to fix a FTBFS. Closes: #925816 * Update debhelper compat level to 11 for shim and the signing-template shim-helpers-amd64-signed (1+15.4+5~deb10u1) buster; urgency=medium . * Update to shim 15.4-5~deb10u1 shim-helpers-amd64-signed (1+15.4+2) unstable; urgency=medium . * Update to shim 15.4-2 shim-helpers-amd64-signed (1+15.4+2~deb10u1) buster; urgency=medium . * Update to shim 15.4-2~deb10u1 shim-helpers-amd64-signed (1+15+1533136590.3beb971+10) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-10 shim-helpers-amd64-signed (1+15+1533136590.3beb971+9) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-9 shim-helpers-arm64-signed (1+15.4+5~deb10u1) buster; urgency=medium . * Update to shim 15.4-5~deb10u1 shim-helpers-arm64-signed (1+15.4+2) unstable; urgency=medium . * Update to shim 15.4-2 shim-helpers-arm64-signed (1+15.4+2~deb10u1) buster; urgency=medium . * Update to shim 15.4-2~deb10u1 shim-helpers-arm64-signed (1+15+1533136590.3beb971+10) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-10 shim-helpers-arm64-signed (1+15+1533136590.3beb971+9) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-9 shim-helpers-i386-signed (1+15.4+5~deb10u1) buster; urgency=medium . * Update to shim 15.4-5~deb10u1 shim-helpers-i386-signed (1+15.4+2) unstable; urgency=medium . * Update to shim 15.4-2 shim-helpers-i386-signed (1+15.4+2~deb10u1) buster; urgency=medium . * Update to shim 15.4-2~deb10u1 shim-helpers-i386-signed (1+15+1533136590.3beb971+10) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-10 shim-helpers-i386-signed (1+15+1533136590.3beb971+9) unstable; urgency=medium . * Update to shim 15+1533136590.3beb971-9 shim-signed (1.36~1+deb10u1) buster; urgency=medium . * Add explicit dependency from shim-signed to shim-signed-common. Also check if we have update-secureboot-policy available before we try to call it. * If we're not running on an EFI system then exit cleanly in postinst and postrm. We have nothing to do here * Fix the old doc links for shim-signed. * Add defensive code around calls to db_get. Don't fail if they return errors. * Update build-dep on shim-unsigned to use 15.4-5~deb10u1 shim-signed (1.35) unstable; urgency=medium . * Add explicit dependency from shim-signed to shim-signed-common. Also check if we have update-secureboot-policy available before we try to call it. Closes: #988047, #988056 * If we're not running on an EFI system then exit cleanly in postinst and postrm. We have nothing to do here. Closes: #988059 * Fix the old doc links for shim-signed. Closes: #988057 * Update build-dep on shim-unsigned shim-signed (1.34) unstable; urgency=medium . * Build against new signed binaries corresponding to 15.4-2 Closes: #971129, #987991 * ***WARNING***: arm64 shim is no longer signed, due to major toolchain problems. See NEWS.Debian for more information. Separated out the binary package for arm64 to allow for a different description, and tweaked the Makefile too. * Update build-deps and Standards-Version * Tweak Makefile setup - do our verification testing chained from the "all" target, not "clean". Closes: #936002 * Don't include apport stuff in the Debian build, it's not useful. * Tweak dh_install* usage for docs. * Add Spanish translation for debconf templates, thanks to Camaleón. Closes: #987339 * Multiple bugfixes in postinst and postrm handling: + Call grub-install using the correct grub target in postinst + Also call grub-install using the correct grub target in the postrm, and clean up the shim binary from the ESP + In each case, also check and use the correct configured options for grub-install + Move the postinst grub-install code from the -common package to the arch-specific packages, to make sure it's always called when needed. + Only run grub-install etc. if we're actually on an EFI-booted system. shim-signed (1.34~1+deb10u1) buster; urgency=medium . * Buster update: build against new signed binaries corresponding to 15.4-2~deb10u1 * ***WARNING***: arm64 shim is no longer signed, due to major toolchain problems. See NEWS.Debian for more information. Separated out the binary package for arm64 to allow for a different description, and tweaked the Makefile too. * Tweak Makefile setup - do our verification testing chained from the "all" target, not "clean". Closes: #936002 * Don't include apport stuff in the Debian build, it's not useful. * Tweak dh_install* usage for docs. * Add Spanish translation for debconf templates, thanks to Camaleón. Closes: #987339 * Multiple bugfixes in postinst and postrm handling: + Call grub-install using the correct grub target in postinst + Also call grub-install using the correct grub target in the postrm, and clean up the shim binary from the ESP + In each case, also check and use the correct configured options for grub-install + Move the postinst grub-install code from the -common package to the arch-specific packages, to make sure it's always called when needed. + Only run grub-install etc. if we're actually on an EFI-booted system. spamassassin (3.4.2-1+deb10u3) buster-security; urgency=high . * Import upstream fix for CVE-2020-1946: arbitrary code execution via malicious rule files. (Closes: #985962) speedtest-cli (2.0.2-1+deb10u2) buster; urgency=medium . * Handle case where ignoreids is empty or contains empty ids (Closes: #986637) squid (4.6-1+deb10u6) buster-security; urgency=medium . [ Francisco Vilmar Cardoso Ruviaro ] * Add debian/patches/0029-CVE-2021-28651.patch to fix a Denial of Service in URN processing. (Closes: #988893, CVE-2021-28651) . [ Santiago Garcia Mantinan ] * Add patch to fix a Denial of Service in HTTP Response Processing. Fixes: CVE-2021-28662. Closes: #988891. * Add patch to fix a Denial of Service issue in Cache Manager. Fixes: CVE-2021-28652. Closes: #988892. * Add patch to fix Multiple Issues in HTTP Range header. Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043. * Add patch to fix a Denial of Service in HTTP Response processing. Fixes: GHSA-572g-rvwr-6c7f. squid (4.6-1+deb10u5) buster-security; urgency=medium . * SQUID-2020:11 HTTP Request Smuggling (CVE-2020-25097) (Closes: #985068) tnef (1.4.12-1.2+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-18849 (Closes: #944851) Using emails with a crafted winmail.dat application/ms-tnef attachment might allow to change .ssh/authorized_keys. tomcat9 (9.0.31-1~deb10u4) buster-security; urgency=medium . * CVE-2021-25122 * CVE-2021-25329 uim (1:1.8.8-4+deb10u5) buster; urgency=medium . * Non-maintainer upload. * libuim-data: Copy Breaks from uim-data as the contents will be temporarily unavailable during the transition to uim-data. (Closes: #988275) underscore (1.9.1~dfsg-1+deb10u1) buster-security; urgency=high . * Team upload * Fix arbitrary code execution (Closes: #986171) velocity (1.7-5+deb10u1) buster; urgency=medium . * CVE-2020-13936: Prevent a potential arbitrary code execution vulnerability that can be exploited by applications that allow untrusted users to upload/modify Velocity templates. (Closes: #985220) webkit2gtk (2.32.1-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev and libmanette-0.2-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * debian/rules: + Build with -DENABLE_GAMEPAD=OFF (as libmanette is missing). webkit2gtk (2.32.0-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2021-0003 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 (fixed in 2.32.0). * debian/patches/fix-ftbfs-m68k.patch: + Compile BytecodeGenerator.cpp without optimizations on m68k and sh4, otherwise the build fails due to gcc bugs. * debian/gbp.conf: + Update upstream branch name. webkit2gtk (2.32.0-1) experimental; urgency=medium . * New upstream release (Closes: #984522). * debian/control: + Make the gir packages require the exact binary versions of libwebkit2gtk-4.0-37 and libjavascriptcoregtk-4.0-18 * debian/watch: + Scan stable releases only. * debian/rules: + Add dependency on xdg-desktop-portal-gtk when the bubblewrap sandbox is enabled (see webkit bug #213148) (thanks, Hannes Müller). webkit2gtk (2.31.91-1) experimental; urgency=medium . * New upstream development release. * debian/patches/fix-mips-page-size.patch: + Increase the page size from 4KB to 16KB on MIPS, this fixes a crash with Loongson CPUs that don't support 4KB pages (see #977779). * debian/patches/fix-ftbfs-i386.patch: + Drop this patch. webkit2gtk (2.31.90-1) experimental; urgency=medium . * New upstream development release. * Enable the gamepad support only on Linux (Closes: #980745): + debian/rules: + Pass -DENABLE_GAMEPAD=OFF on non-Linux build. + debian/control: + Depend on libmanette-0.2-dev only on Linux. * debian/patches/fix-ftbfs-x32.patch: + Refresh patch. * debian/control: + Depend on GStreamer >= 1.14.0. + Update Standards-Version to 4.5.1 (no changes). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. * debian/watch: + Set version to 4 (fixes older-debian-watch-file-standard). * debian/patches/fix-ftbfs-i386.patch: + Fix build on i386 (upstream bug #222480). webkit2gtk (2.31.1-1) experimental; urgency=medium . * New upstream development release. * Remove some obsolete build dependencies (see #979170): + gawk is not needed since WebKitGTK switched from autotools to CMake. + libgeoclue-2-dev and geoclue-2.0 are not required since WebKitGTK 2.25.1 (upstream bug 195994). + libupower-glib-dev is not required since WebKitGTK 2.19.92 (upstream bug 181825). + libfile-copy-recursive-perl is not required since WebKitGTK 2.19.3 (upstream bug 180479). + mesa-common-dev used to provide GL/gl.h but this header is now in libgl-dev. + libgles2-mesa-dev used to provide GLES3/gl3.h but this header is now in libgles-dev. + libgl1-mesa-dev and libgles2-mesa-dev are now dummy packages. + libpango1.0-dev is not checked for any specific version at build time so there's no need to list it. * Update the minimum required versions of some packages: + cmake from 3.3 to 3.10 + libglib2.0-dev from 2.36.0 to 2.44.0 + libgtk-3-dev from 3.10.0 to 3.22.0 + libcairo2-dev from 1.10.2 to 1.14.0 + libsoup2.4-dev from 2.42.0 to 2.54.0. * debian/copyright: + Update copyright information of all files. * debian/watch, debian/gbp.conf: + Update for 2.31.x packages in experimental. * Use -DFORCE_32BIT on 32-bit builds. + This replaces debian/patches/fix-ftbfs-x86.patch. * Refresh all patches. * debian/control: + Add build dependency on libmanette-0.2-dev. + Stop suggesting browser-plugin-freshplayer-pepperflash for libwebkit2gtk-4.0-37-gtk2. * debian/NEWS: - Add item explaining the removal of support for NPAPI plugins. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * Enable the build on non-Linux architectures (Closes: #978098): + debian/rules: - Build with -DUSE_SYSTEMD=OFF if the OS is not Linux. + debian/patches/fix-ftbfs-hurd.patch: - Add alternative implementation of scanDirectoryForDictionaries() that does not use PATH_MAX (for the Hurd). + debian/control: - Set the architecture of all binary packages to 'any' and require bubblewrap, systemd and libwpebackend-fdo on Linux only. webkit2gtk (2.30.6-1) unstable; urgency=high . * New upstream release. * debian/control: + Remove references to browser-plugin-freshplayer-pepperflash, this package is no longer available, see #966474. * debian/patches/include-libwpe.patch: + Fix build with wpebackend-fdo 1.8.1. webkit2gtk (2.30.6-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * The WebKitGTK security advisory WSA-2021-0002 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9947 (fixed in 2.30.0). + CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870 (fixed in 2.30.6). * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. webkit2gtk (2.30.5-1) unstable; urgency=high . * New upstream release (Closes: #978042). * Remove some obsolete build dependencies (Closes: #979170): + gawk is not needed since WebKitGTK switched from autotools to CMake. + libgeoclue-2-dev and geoclue-2.0 are not required since WebKitGTK 2.25.1 (upstream bug 195994). + libupower-glib-dev is not required since WebKitGTK 2.19.92 (upstream bug 181825). + libfile-copy-recursive-perl is not required since WebKitGTK 2.19.3 (upstream bug 180479). + mesa-common-dev used to provide GL/gl.h but this header is now in libgl-dev. + libgles2-mesa-dev used to provide GLES3/gl3.h but this header is now in libgles-dev. + libgl1-mesa-dev and libgles2-mesa-dev are now dummy packages. + libpango1.0-dev is not checked for any specific version at build time so there's no need to list it. * Update the minimum required versions of some packages: + cmake from 3.3 to 3.10 + libglib2.0-dev from 2.36.0 to 2.44.0 + libgtk-3-dev from 3.10.0 to 3.22.0 + libcairo2-dev from 1.10.2 to 1.14.0 + libsoup2.4-dev from 2.42.0 to 2.54.0. * debian/patches/fix-mips-page-size.patch: + Increase the page size from 4KB to 16KB on MIPS, this fixes a crash with Loongson CPUs that don't support 4KB pages (Closes: #977779). * debian/copyright: + Update copyright years. * debian/watch: + Set version to 4 (fixes older-debian-watch-file-standard). * debian/control: + Update Standards-Version to 4.5.1 (no changes). wml (2.12.2~ds1-3~deb10u1) buster; urgency=medium . * Backport Unicode fix to buster, fixing rendering issues with e.g. non-ASCII characters in various languages, as seen when building the Debian website. Some examples include ‘υ’ in Greek and ‘à ’ in French when those characters are at the end of a line. wordpress (5.0.12+dfsg1-0+deb10u1) buster-security; urgency=high . * Security release, fixes 2 bugs Closes: #987065 - CVE-2021-29450 - Authenticated disclosure of password-protected posts and pages. - CVE-2021-29447 - Authenticated XXE attack when installation is running PHP 8 wpa (2:2.7+git20190128+0c1e29f-6+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * WPS UPnP: Do not allow event subscriptions with URLs to other networks (CVE-2020-12695) (Closes: #976106) * WPS UPnP: Fix event message generation using a long URL path (CVE-2020-12695) (Closes: #976106) * WPS UPnP: Handle HTTP initiation failures for events more properly (CVE-2020-12695) (Closes: #976106) * P2P: Fix copying of secondary device types for P2P group client (CVE-2021-0326) (Closes: #981971) * P2P: Fix a corner case in peer addition based on PD Request (CVE-2021-27803) xen (4.11.4+99-g8bce4698f6-1) buster-security; urgency=high . * Update to new upstream version 4.11.4+99-g8bce4698f6, which also contains security fixes for the following issues: - arm: The cache may not be cleaned for newly allocated scrubbed pages XSA-364 CVE-2021-26933 - missed flush in XSA-321 backport XSA-366 CVE-2021-27379 * Note that the following XSA are not listed, because... - XSA-360 and XSA-368 only apply to Xen 4.12 and newer. - XSA-361, XSA-362, XSA-363, XSA-365, XSA-367 and XSA-369 have patches for the Linux kernel. * Drop separate patches for XSAs up to 359 that are now included in the upstream stable branch. * Fix cosmetics wrt. XSA/CVE text formatting in the previous entry. xfce4-weather-plugin (0.8.10-1+deb10u1) buster; urgency=medium . * d/patches: backport upstream port to 2.0 met.no API (Closes: #970259, #969747) xorg-server (2:1.20.4-1+deb10u3) buster-security; urgency=high . * Fix XChangeFeedbackControl() request underflow (CVE-2021-3472) ======================================= Sat, 27 Mar 2021 - Debian 10.9 released ======================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:27:15 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-all-amd64 | 4.19.160-2 | amd64 linux-headers-4.19.0-13-amd64 | 4.19.160-2 | amd64 linux-headers-4.19.0-13-cloud-amd64 | 4.19.160-2 | amd64 linux-headers-4.19.0-13-rt-amd64 | 4.19.160-2 | amd64 linux-headers-4.19.0-15-all-amd64 | 4.19.177-1 | amd64 linux-headers-4.19.0-15-amd64 | 4.19.177-1 | amd64 linux-headers-4.19.0-15-cloud-amd64 | 4.19.177-1 | amd64 linux-headers-4.19.0-15-rt-amd64 | 4.19.177-1 | amd64 linux-image-4.19.0-13-amd64-dbg | 4.19.160-2 | amd64 linux-image-4.19.0-13-amd64-unsigned | 4.19.160-2 | amd64 linux-image-4.19.0-13-cloud-amd64-dbg | 4.19.160-2 | amd64 linux-image-4.19.0-13-cloud-amd64-unsigned | 4.19.160-2 | amd64 linux-image-4.19.0-13-rt-amd64-dbg | 4.19.160-2 | amd64 linux-image-4.19.0-13-rt-amd64-unsigned | 4.19.160-2 | amd64 linux-image-4.19.0-15-amd64-dbg | 4.19.177-1 | amd64 linux-image-4.19.0-15-amd64-unsigned | 4.19.177-1 | amd64 linux-image-4.19.0-15-cloud-amd64-dbg | 4.19.177-1 | amd64 linux-image-4.19.0-15-cloud-amd64-unsigned | 4.19.177-1 | amd64 linux-image-4.19.0-15-rt-amd64-dbg | 4.19.177-1 | amd64 linux-image-4.19.0-15-rt-amd64-unsigned | 4.19.177-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:27:28 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-all-mipsel | 4.19.160-2 | mipsel linux-headers-4.19.0-15-all-mipsel | 4.19.177-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:27:44 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el ata-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el btrfs-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el btrfs-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el cdrom-core-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el cdrom-core-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el compress-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el compress-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el crc-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el crc-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el crypto-dm-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el crypto-dm-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el crypto-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el crypto-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el event-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el event-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el ext4-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el ext4-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el fancontrol-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el fancontrol-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el fat-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el fat-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el fb-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el fb-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el firewire-core-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el firewire-core-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el fuse-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el fuse-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el hypervisor-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el hypervisor-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el i2c-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el i2c-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el input-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el input-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el isofs-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el isofs-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el jfs-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el jfs-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el kernel-image-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el kernel-image-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el linux-headers-4.19.0-13-all-ppc64el | 4.19.160-2 | ppc64el linux-headers-4.19.0-13-powerpc64le | 4.19.160-2 | ppc64el linux-headers-4.19.0-15-all-ppc64el | 4.19.177-1 | ppc64el linux-headers-4.19.0-15-powerpc64le | 4.19.177-1 | ppc64el linux-image-4.19.0-13-powerpc64le | 4.19.160-2 | ppc64el linux-image-4.19.0-13-powerpc64le-dbg | 4.19.160-2 | ppc64el linux-image-4.19.0-15-powerpc64le | 4.19.177-1 | ppc64el linux-image-4.19.0-15-powerpc64le-dbg | 4.19.177-1 | ppc64el loop-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el loop-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el md-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el md-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el mouse-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el mouse-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el mtd-core-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el mtd-core-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el multipath-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el multipath-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el nbd-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el nbd-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el nic-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el nic-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el nic-shared-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el nic-shared-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el nic-usb-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el nic-usb-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el nic-wireless-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el nic-wireless-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el ppp-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el ppp-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el sata-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el sata-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el scsi-core-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el scsi-core-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el scsi-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el scsi-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el scsi-nic-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el scsi-nic-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el serial-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el serial-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el squashfs-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el squashfs-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el udf-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el udf-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el uinput-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el uinput-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el usb-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el usb-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el usb-serial-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el usb-serial-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el usb-storage-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el usb-storage-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el xfs-modules-4.19.0-13-powerpc64le-di | 4.19.160-2 | ppc64el xfs-modules-4.19.0-15-powerpc64le-di | 4.19.177-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:27:52 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x btrfs-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x cdrom-core-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x cdrom-core-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x compress-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x compress-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x crc-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x crc-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x crypto-dm-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x crypto-dm-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x crypto-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x crypto-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x dasd-extra-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x dasd-extra-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x dasd-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x dasd-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x ext4-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x ext4-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x fat-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x fat-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x fuse-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x fuse-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x isofs-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x isofs-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x kernel-image-4.19.0-13-s390x-di | 4.19.160-2 | s390x kernel-image-4.19.0-15-s390x-di | 4.19.177-1 | s390x linux-headers-4.19.0-13-all-s390x | 4.19.160-2 | s390x linux-headers-4.19.0-13-s390x | 4.19.160-2 | s390x linux-headers-4.19.0-15-all-s390x | 4.19.177-1 | s390x linux-headers-4.19.0-15-s390x | 4.19.177-1 | s390x linux-image-4.19.0-13-s390x | 4.19.160-2 | s390x linux-image-4.19.0-13-s390x-dbg | 4.19.160-2 | s390x linux-image-4.19.0-15-s390x | 4.19.177-1 | s390x linux-image-4.19.0-15-s390x-dbg | 4.19.177-1 | s390x loop-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x loop-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x md-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x md-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x mtd-core-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x mtd-core-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x multipath-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x multipath-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x nbd-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x nbd-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x nic-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x nic-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x scsi-core-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x scsi-core-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x scsi-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x scsi-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x udf-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x udf-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x xfs-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x xfs-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x zlib-modules-4.19.0-13-s390x-di | 4.19.160-2 | s390x zlib-modules-4.19.0-15-s390x-di | 4.19.177-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:28:14 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-all | 4.19.160-2 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-15-all | 4.19.177-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:28:24 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-all-arm64 | 4.19.160-2 | arm64 linux-headers-4.19.0-13-arm64 | 4.19.160-2 | arm64 linux-headers-4.19.0-13-rt-arm64 | 4.19.160-2 | arm64 linux-headers-4.19.0-15-all-arm64 | 4.19.177-1 | arm64 linux-headers-4.19.0-15-arm64 | 4.19.177-1 | arm64 linux-headers-4.19.0-15-rt-arm64 | 4.19.177-1 | arm64 linux-image-4.19.0-13-arm64-dbg | 4.19.160-2 | arm64 linux-image-4.19.0-13-arm64-unsigned | 4.19.160-2 | arm64 linux-image-4.19.0-13-rt-arm64-dbg | 4.19.160-2 | arm64 linux-image-4.19.0-13-rt-arm64-unsigned | 4.19.160-2 | arm64 linux-image-4.19.0-15-arm64-dbg | 4.19.177-1 | arm64 linux-image-4.19.0-15-arm64-unsigned | 4.19.177-1 | arm64 linux-image-4.19.0-15-rt-arm64-dbg | 4.19.177-1 | arm64 linux-image-4.19.0-15-rt-arm64-unsigned | 4.19.177-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:28:34 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel btrfs-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel cdrom-core-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel cdrom-core-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel compress-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel compress-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel crc-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel crc-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel crypto-dm-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel crypto-dm-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel crypto-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel crypto-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel event-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel event-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel ext4-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel ext4-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel fat-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel fat-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel fb-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel fb-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel fuse-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel fuse-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel input-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel input-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel ipv6-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel ipv6-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel isofs-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel isofs-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel jffs2-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel jffs2-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel jfs-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel jfs-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel kernel-image-4.19.0-13-marvell-di | 4.19.160-2 | armel kernel-image-4.19.0-15-marvell-di | 4.19.177-1 | armel leds-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel leds-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel linux-headers-4.19.0-13-all-armel | 4.19.160-2 | armel linux-headers-4.19.0-13-marvell | 4.19.160-2 | armel linux-headers-4.19.0-13-rpi | 4.19.160-2 | armel linux-headers-4.19.0-15-all-armel | 4.19.177-1 | armel linux-headers-4.19.0-15-marvell | 4.19.177-1 | armel linux-headers-4.19.0-15-rpi | 4.19.177-1 | armel linux-image-4.19.0-13-marvell | 4.19.160-2 | armel linux-image-4.19.0-13-marvell-dbg | 4.19.160-2 | armel linux-image-4.19.0-13-rpi | 4.19.160-2 | armel linux-image-4.19.0-13-rpi-dbg | 4.19.160-2 | armel linux-image-4.19.0-15-marvell | 4.19.177-1 | armel linux-image-4.19.0-15-marvell-dbg | 4.19.177-1 | armel linux-image-4.19.0-15-rpi | 4.19.177-1 | armel linux-image-4.19.0-15-rpi-dbg | 4.19.177-1 | armel loop-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel loop-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel md-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel md-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel minix-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel minix-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel mmc-core-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel mmc-core-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel mmc-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel mmc-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel mouse-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel mouse-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel mtd-core-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel mtd-core-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel mtd-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel mtd-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel multipath-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel multipath-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel nbd-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel nbd-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel nic-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel nic-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel nic-shared-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel nic-shared-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel nic-usb-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel nic-usb-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel ppp-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel ppp-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel sata-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel sata-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel scsi-core-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel scsi-core-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel squashfs-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel squashfs-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel udf-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel udf-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel uinput-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel uinput-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel usb-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel usb-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel usb-serial-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel usb-serial-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel usb-storage-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel usb-storage-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel zlib-modules-4.19.0-13-marvell-di | 4.19.160-2 | armel zlib-modules-4.19.0-15-marvell-di | 4.19.177-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:28:44 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf ata-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf btrfs-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf btrfs-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf cdrom-core-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf cdrom-core-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf compress-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf compress-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf crc-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf crc-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf crypto-dm-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf crypto-dm-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf crypto-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf crypto-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf efi-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf efi-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf event-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf event-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf ext4-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf ext4-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf fat-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf fat-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf fb-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf fb-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf fuse-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf fuse-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf i2c-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf i2c-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf input-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf input-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf isofs-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf isofs-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf jfs-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf jfs-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf kernel-image-4.19.0-13-armmp-di | 4.19.160-2 | armhf kernel-image-4.19.0-15-armmp-di | 4.19.177-1 | armhf leds-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf leds-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf linux-headers-4.19.0-13-all-armhf | 4.19.160-2 | armhf linux-headers-4.19.0-13-armmp | 4.19.160-2 | armhf linux-headers-4.19.0-13-armmp-lpae | 4.19.160-2 | armhf linux-headers-4.19.0-13-rt-armmp | 4.19.160-2 | armhf linux-headers-4.19.0-15-all-armhf | 4.19.177-1 | armhf linux-headers-4.19.0-15-armmp | 4.19.177-1 | armhf linux-headers-4.19.0-15-armmp-lpae | 4.19.177-1 | armhf linux-headers-4.19.0-15-rt-armmp | 4.19.177-1 | armhf linux-image-4.19.0-13-armmp | 4.19.160-2 | armhf linux-image-4.19.0-13-armmp-dbg | 4.19.160-2 | armhf linux-image-4.19.0-13-armmp-lpae | 4.19.160-2 | armhf linux-image-4.19.0-13-armmp-lpae-dbg | 4.19.160-2 | armhf linux-image-4.19.0-13-rt-armmp | 4.19.160-2 | armhf linux-image-4.19.0-13-rt-armmp-dbg | 4.19.160-2 | armhf linux-image-4.19.0-15-armmp | 4.19.177-1 | armhf linux-image-4.19.0-15-armmp-dbg | 4.19.177-1 | armhf linux-image-4.19.0-15-armmp-lpae | 4.19.177-1 | armhf linux-image-4.19.0-15-armmp-lpae-dbg | 4.19.177-1 | armhf linux-image-4.19.0-15-rt-armmp | 4.19.177-1 | armhf linux-image-4.19.0-15-rt-armmp-dbg | 4.19.177-1 | armhf loop-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf loop-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf md-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf md-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf mmc-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf mmc-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf mtd-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf mtd-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf multipath-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf multipath-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf nbd-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf nbd-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf nic-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf nic-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf nic-shared-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf nic-shared-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf nic-usb-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf nic-usb-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf nic-wireless-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf nic-wireless-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf pata-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf pata-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf ppp-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf ppp-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf sata-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf sata-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf scsi-core-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf scsi-core-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf scsi-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf scsi-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf scsi-nic-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf scsi-nic-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf squashfs-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf squashfs-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf udf-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf udf-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf uinput-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf uinput-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf usb-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf usb-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf usb-serial-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf usb-serial-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf usb-storage-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf usb-storage-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf zlib-modules-4.19.0-13-armmp-di | 4.19.160-2 | armhf zlib-modules-4.19.0-15-armmp-di | 4.19.177-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:28:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-686 | 4.19.160-2 | i386 linux-headers-4.19.0-13-686-pae | 4.19.160-2 | i386 linux-headers-4.19.0-13-all-i386 | 4.19.160-2 | i386 linux-headers-4.19.0-13-rt-686-pae | 4.19.160-2 | i386 linux-headers-4.19.0-15-686 | 4.19.177-1 | i386 linux-headers-4.19.0-15-686-pae | 4.19.177-1 | i386 linux-headers-4.19.0-15-all-i386 | 4.19.177-1 | i386 linux-headers-4.19.0-15-rt-686-pae | 4.19.177-1 | i386 linux-image-4.19.0-13-686-dbg | 4.19.160-2 | i386 linux-image-4.19.0-13-686-pae-dbg | 4.19.160-2 | i386 linux-image-4.19.0-13-686-pae-unsigned | 4.19.160-2 | i386 linux-image-4.19.0-13-686-unsigned | 4.19.160-2 | i386 linux-image-4.19.0-13-rt-686-pae-dbg | 4.19.160-2 | i386 linux-image-4.19.0-13-rt-686-pae-unsigned | 4.19.160-2 | i386 linux-image-4.19.0-15-686-dbg | 4.19.177-1 | i386 linux-image-4.19.0-15-686-pae-dbg | 4.19.177-1 | i386 linux-image-4.19.0-15-686-pae-unsigned | 4.19.177-1 | i386 linux-image-4.19.0-15-686-unsigned | 4.19.177-1 | i386 linux-image-4.19.0-15-rt-686-pae-dbg | 4.19.177-1 | i386 linux-image-4.19.0-15-rt-686-pae-unsigned | 4.19.177-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-all-mips | 4.19.160-2 | mips linux-headers-4.19.0-15-all-mips | 4.19.177-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:14 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel affs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel btrfs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel compress-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel compress-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel crc-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel crc-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel crypto-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel crypto-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel event-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel event-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel ext4-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel ext4-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel fat-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel fat-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel fuse-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel fuse-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel hfs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel hfs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel input-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel input-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel isofs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel isofs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel jfs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel jfs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel kernel-image-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel kernel-image-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel linux-headers-4.19.0-13-5kc-malta | 4.19.160-2 | mips, mips64el, mipsel linux-headers-4.19.0-13-octeon | 4.19.160-2 | mips, mips64el, mipsel linux-headers-4.19.0-15-5kc-malta | 4.19.177-1 | mips, mips64el, mipsel linux-headers-4.19.0-15-octeon | 4.19.177-1 | mips, mips64el, mipsel linux-image-4.19.0-13-5kc-malta | 4.19.160-2 | mips, mips64el, mipsel linux-image-4.19.0-13-5kc-malta-dbg | 4.19.160-2 | mips, mips64el, mipsel linux-image-4.19.0-13-octeon | 4.19.160-2 | mips, mips64el, mipsel linux-image-4.19.0-13-octeon-dbg | 4.19.160-2 | mips, mips64el, mipsel linux-image-4.19.0-15-5kc-malta | 4.19.177-1 | mips, mips64el, mipsel linux-image-4.19.0-15-5kc-malta-dbg | 4.19.177-1 | mips, mips64el, mipsel linux-image-4.19.0-15-octeon | 4.19.177-1 | mips, mips64el, mipsel linux-image-4.19.0-15-octeon-dbg | 4.19.177-1 | mips, mips64el, mipsel loop-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel loop-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel md-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel md-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel minix-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel minix-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel multipath-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel multipath-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel nbd-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel nbd-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel nic-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel nic-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel nic-shared-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel nic-usb-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel pata-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel pata-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel ppp-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel ppp-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel rtc-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel rtc-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel sata-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel sata-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel scsi-core-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel scsi-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel scsi-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel sound-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel sound-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel squashfs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel udf-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel udf-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel usb-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel usb-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel usb-serial-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel usb-storage-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel xfs-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel xfs-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel zlib-modules-4.19.0-13-octeon-di | 4.19.160-2 | mips, mips64el, mipsel zlib-modules-4.19.0-15-octeon-di | 4.19.177-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:25 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel affs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel ata-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel ata-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel btrfs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel btrfs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel cdrom-core-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel cdrom-core-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel compress-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel compress-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel crc-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel crc-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel crypto-dm-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel crypto-dm-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel crypto-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel crypto-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel event-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel event-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel ext4-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel ext4-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel fat-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel fat-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel fb-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel fb-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel fuse-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel fuse-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel hfs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel hfs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel i2c-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel i2c-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel input-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel input-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel isofs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel isofs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel jfs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel jfs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel kernel-image-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel kernel-image-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel linux-headers-4.19.0-13-4kc-malta | 4.19.160-2 | mips, mipsel linux-headers-4.19.0-15-4kc-malta | 4.19.177-1 | mips, mipsel linux-image-4.19.0-13-4kc-malta | 4.19.160-2 | mips, mipsel linux-image-4.19.0-13-4kc-malta-dbg | 4.19.160-2 | mips, mipsel linux-image-4.19.0-15-4kc-malta | 4.19.177-1 | mips, mipsel linux-image-4.19.0-15-4kc-malta-dbg | 4.19.177-1 | mips, mipsel loop-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel loop-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel md-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel md-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel minix-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel minix-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel mmc-core-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel mmc-core-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel mmc-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel mmc-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel mouse-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel mouse-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel mtd-core-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel mtd-core-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel multipath-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel multipath-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel nbd-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel nbd-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel nic-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel nic-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel nic-shared-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel nic-shared-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel nic-usb-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel nic-usb-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel nic-wireless-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel nic-wireless-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel pata-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel pata-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel ppp-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel ppp-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel sata-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel sata-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel scsi-core-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel scsi-core-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel scsi-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel scsi-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel scsi-nic-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel scsi-nic-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel sound-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel sound-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel squashfs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel squashfs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel udf-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel udf-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel usb-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel usb-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel usb-serial-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel usb-serial-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel usb-storage-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel usb-storage-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel xfs-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel xfs-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel zlib-modules-4.19.0-13-4kc-malta-di | 4.19.160-2 | mips, mipsel zlib-modules-4.19.0-15-4kc-malta-di | 4.19.177-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el affs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el ata-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el ata-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el btrfs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el btrfs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el cdrom-core-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el cdrom-core-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el compress-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el compress-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el crc-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el crc-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el crypto-dm-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el crypto-dm-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el crypto-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el crypto-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el event-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el event-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el ext4-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el ext4-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el fat-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el fat-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el fb-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el fb-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el fuse-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el fuse-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el hfs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el hfs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el i2c-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el i2c-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el input-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el input-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el isofs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el isofs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el jfs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el jfs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el kernel-image-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el kernel-image-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el linux-headers-4.19.0-13-all-mips64el | 4.19.160-2 | mips64el linux-headers-4.19.0-15-all-mips64el | 4.19.177-1 | mips64el loop-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el loop-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el md-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el md-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el minix-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el minix-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el mmc-core-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el mmc-core-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el mmc-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el mmc-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el mouse-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el mouse-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el mtd-core-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el mtd-core-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el multipath-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el multipath-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el nbd-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el nbd-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el nic-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el nic-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el nic-shared-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el nic-shared-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el nic-usb-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el nic-usb-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el nic-wireless-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el nic-wireless-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el pata-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el pata-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el ppp-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el ppp-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el sata-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el sata-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el scsi-core-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el scsi-core-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el scsi-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el scsi-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el scsi-nic-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el scsi-nic-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el sound-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el sound-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el squashfs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el squashfs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el udf-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el udf-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el usb-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el usb-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el usb-serial-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el usb-serial-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el usb-storage-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el usb-storage-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el xfs-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el xfs-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el zlib-modules-4.19.0-13-5kc-malta-di | 4.19.160-2 | mips64el zlib-modules-4.19.0-15-5kc-malta-di | 4.19.177-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:41 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel affs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel ata-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel ata-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel btrfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel btrfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel cdrom-core-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel cdrom-core-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel compress-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel compress-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel crc-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel crc-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel crypto-dm-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel crypto-dm-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel crypto-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel crypto-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel event-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel event-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel ext4-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel ext4-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel fat-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel fat-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel fb-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel fb-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel firewire-core-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel firewire-core-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel fuse-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel fuse-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel hfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel hfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel input-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel input-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel isofs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel isofs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel jfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel jfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel kernel-image-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel kernel-image-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel linux-headers-4.19.0-13-loongson-3 | 4.19.160-2 | mips64el, mipsel linux-headers-4.19.0-15-loongson-3 | 4.19.177-1 | mips64el, mipsel linux-image-4.19.0-13-loongson-3 | 4.19.160-2 | mips64el, mipsel linux-image-4.19.0-13-loongson-3-dbg | 4.19.160-2 | mips64el, mipsel linux-image-4.19.0-15-loongson-3 | 4.19.177-1 | mips64el, mipsel linux-image-4.19.0-15-loongson-3-dbg | 4.19.177-1 | mips64el, mipsel loop-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel loop-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel md-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel md-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel minix-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel minix-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel mtd-core-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel mtd-core-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel multipath-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel multipath-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nbd-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nbd-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nic-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nic-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nic-shared-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nic-shared-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nic-usb-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nic-usb-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel nic-wireless-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel nic-wireless-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel pata-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel pata-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel ppp-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel ppp-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel sata-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel sata-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel scsi-core-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel scsi-core-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel scsi-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel scsi-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel scsi-nic-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel scsi-nic-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel sound-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel sound-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel speakup-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel speakup-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel squashfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel squashfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel udf-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel udf-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel usb-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel usb-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel usb-serial-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel usb-serial-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel usb-storage-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel usb-storage-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel xfs-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel xfs-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel zlib-modules-4.19.0-13-loongson-3-di | 4.19.160-2 | mips64el, mipsel zlib-modules-4.19.0-15-loongson-3-di | 4.19.177-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:48 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 acpi-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 ata-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 ata-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 btrfs-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 btrfs-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 cdrom-core-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 cdrom-core-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 compress-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 compress-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 crc-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 crc-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 crypto-dm-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 crypto-dm-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 crypto-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 crypto-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 efi-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 efi-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 event-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 event-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 ext4-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 ext4-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 fat-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 fat-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 fb-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 fb-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 firewire-core-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 firewire-core-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 fuse-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 fuse-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 i2c-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 i2c-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 input-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 input-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 isofs-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 isofs-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 jfs-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 jfs-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 kernel-image-4.19.0-13-amd64-di | 4.19.160-2 | amd64 kernel-image-4.19.0-15-amd64-di | 4.19.177-1 | amd64 linux-image-4.19.0-13-amd64 | 4.19.160-2 | amd64 linux-image-4.19.0-13-cloud-amd64 | 4.19.160-2 | amd64 linux-image-4.19.0-13-rt-amd64 | 4.19.160-2 | amd64 linux-image-4.19.0-15-amd64 | 4.19.177-1 | amd64 linux-image-4.19.0-15-cloud-amd64 | 4.19.177-1 | amd64 linux-image-4.19.0-15-rt-amd64 | 4.19.177-1 | amd64 loop-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 loop-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 md-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 md-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 mmc-core-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 mmc-core-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 mmc-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 mmc-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 mouse-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 mouse-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 mtd-core-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 mtd-core-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 multipath-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 multipath-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nbd-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nbd-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nic-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nic-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nic-pcmcia-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nic-pcmcia-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nic-shared-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nic-shared-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nic-usb-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nic-usb-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 nic-wireless-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 nic-wireless-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 pata-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 pata-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 pcmcia-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 pcmcia-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 pcmcia-storage-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 pcmcia-storage-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 ppp-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 ppp-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 sata-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 sata-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 scsi-core-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 scsi-core-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 scsi-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 scsi-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 scsi-nic-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 scsi-nic-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 serial-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 serial-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 sound-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 sound-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 speakup-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 speakup-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 squashfs-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 squashfs-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 udf-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 udf-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 uinput-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 uinput-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 usb-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 usb-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 usb-serial-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 usb-serial-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 usb-storage-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 usb-storage-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 xfs-modules-4.19.0-13-amd64-di | 4.19.160-2 | amd64 xfs-modules-4.19.0-15-amd64-di | 4.19.177-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:29:56 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 ata-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 btrfs-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 btrfs-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 cdrom-core-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 cdrom-core-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 compress-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 compress-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 crc-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 crc-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 crypto-dm-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 crypto-dm-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 crypto-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 crypto-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 efi-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 efi-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 event-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 event-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 ext4-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 ext4-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 fat-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 fat-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 fb-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 fb-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 fuse-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 fuse-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 i2c-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 i2c-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 input-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 input-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 isofs-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 isofs-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 jfs-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 jfs-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 kernel-image-4.19.0-13-arm64-di | 4.19.160-2 | arm64 kernel-image-4.19.0-15-arm64-di | 4.19.177-1 | arm64 leds-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 leds-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 linux-image-4.19.0-13-arm64 | 4.19.160-2 | arm64 linux-image-4.19.0-13-rt-arm64 | 4.19.160-2 | arm64 linux-image-4.19.0-15-arm64 | 4.19.177-1 | arm64 linux-image-4.19.0-15-rt-arm64 | 4.19.177-1 | arm64 loop-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 loop-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 md-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 md-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 mmc-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 mmc-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 mtd-core-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 mtd-core-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 multipath-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 multipath-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 nbd-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 nbd-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 nic-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 nic-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 nic-shared-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 nic-shared-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 nic-usb-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 nic-usb-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 nic-wireless-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 nic-wireless-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 ppp-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 ppp-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 sata-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 sata-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 scsi-core-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 scsi-core-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 scsi-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 scsi-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 scsi-nic-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 scsi-nic-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 squashfs-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 squashfs-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 udf-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 udf-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 uinput-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 uinput-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 usb-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 usb-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 usb-serial-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 usb-serial-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 usb-storage-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 usb-storage-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 xfs-modules-4.19.0-13-arm64-di | 4.19.160-2 | arm64 xfs-modules-4.19.0-15-arm64-di | 4.19.177-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:30:05 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-13-686-di | 4.19.160-2 | i386 acpi-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 acpi-modules-4.19.0-15-686-di | 4.19.177-1 | i386 acpi-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 ata-modules-4.19.0-13-686-di | 4.19.160-2 | i386 ata-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 ata-modules-4.19.0-15-686-di | 4.19.177-1 | i386 ata-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 btrfs-modules-4.19.0-13-686-di | 4.19.160-2 | i386 btrfs-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 btrfs-modules-4.19.0-15-686-di | 4.19.177-1 | i386 btrfs-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 cdrom-core-modules-4.19.0-13-686-di | 4.19.160-2 | i386 cdrom-core-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 cdrom-core-modules-4.19.0-15-686-di | 4.19.177-1 | i386 cdrom-core-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 compress-modules-4.19.0-13-686-di | 4.19.160-2 | i386 compress-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 compress-modules-4.19.0-15-686-di | 4.19.177-1 | i386 compress-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 crc-modules-4.19.0-13-686-di | 4.19.160-2 | i386 crc-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 crc-modules-4.19.0-15-686-di | 4.19.177-1 | i386 crc-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 crypto-dm-modules-4.19.0-13-686-di | 4.19.160-2 | i386 crypto-dm-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 crypto-dm-modules-4.19.0-15-686-di | 4.19.177-1 | i386 crypto-dm-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 crypto-modules-4.19.0-13-686-di | 4.19.160-2 | i386 crypto-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 crypto-modules-4.19.0-15-686-di | 4.19.177-1 | i386 crypto-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 efi-modules-4.19.0-13-686-di | 4.19.160-2 | i386 efi-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 efi-modules-4.19.0-15-686-di | 4.19.177-1 | i386 efi-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 event-modules-4.19.0-13-686-di | 4.19.160-2 | i386 event-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 event-modules-4.19.0-15-686-di | 4.19.177-1 | i386 event-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 ext4-modules-4.19.0-13-686-di | 4.19.160-2 | i386 ext4-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 ext4-modules-4.19.0-15-686-di | 4.19.177-1 | i386 ext4-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 fat-modules-4.19.0-13-686-di | 4.19.160-2 | i386 fat-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 fat-modules-4.19.0-15-686-di | 4.19.177-1 | i386 fat-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 fb-modules-4.19.0-13-686-di | 4.19.160-2 | i386 fb-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 fb-modules-4.19.0-15-686-di | 4.19.177-1 | i386 fb-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 firewire-core-modules-4.19.0-13-686-di | 4.19.160-2 | i386 firewire-core-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 firewire-core-modules-4.19.0-15-686-di | 4.19.177-1 | i386 firewire-core-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 fuse-modules-4.19.0-13-686-di | 4.19.160-2 | i386 fuse-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 fuse-modules-4.19.0-15-686-di | 4.19.177-1 | i386 fuse-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 i2c-modules-4.19.0-13-686-di | 4.19.160-2 | i386 i2c-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 i2c-modules-4.19.0-15-686-di | 4.19.177-1 | i386 i2c-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 input-modules-4.19.0-13-686-di | 4.19.160-2 | i386 input-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 input-modules-4.19.0-15-686-di | 4.19.177-1 | i386 input-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 isofs-modules-4.19.0-13-686-di | 4.19.160-2 | i386 isofs-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 isofs-modules-4.19.0-15-686-di | 4.19.177-1 | i386 isofs-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 jfs-modules-4.19.0-13-686-di | 4.19.160-2 | i386 jfs-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 jfs-modules-4.19.0-15-686-di | 4.19.177-1 | i386 jfs-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 kernel-image-4.19.0-13-686-di | 4.19.160-2 | i386 kernel-image-4.19.0-13-686-pae-di | 4.19.160-2 | i386 kernel-image-4.19.0-15-686-di | 4.19.177-1 | i386 kernel-image-4.19.0-15-686-pae-di | 4.19.177-1 | i386 linux-image-4.19.0-13-686 | 4.19.160-2 | i386 linux-image-4.19.0-13-686-pae | 4.19.160-2 | i386 linux-image-4.19.0-13-rt-686-pae | 4.19.160-2 | i386 linux-image-4.19.0-15-686 | 4.19.177-1 | i386 linux-image-4.19.0-15-686-pae | 4.19.177-1 | i386 linux-image-4.19.0-15-rt-686-pae | 4.19.177-1 | i386 loop-modules-4.19.0-13-686-di | 4.19.160-2 | i386 loop-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 loop-modules-4.19.0-15-686-di | 4.19.177-1 | i386 loop-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 md-modules-4.19.0-13-686-di | 4.19.160-2 | i386 md-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 md-modules-4.19.0-15-686-di | 4.19.177-1 | i386 md-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 mmc-core-modules-4.19.0-13-686-di | 4.19.160-2 | i386 mmc-core-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 mmc-core-modules-4.19.0-15-686-di | 4.19.177-1 | i386 mmc-core-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 mmc-modules-4.19.0-13-686-di | 4.19.160-2 | i386 mmc-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 mmc-modules-4.19.0-15-686-di | 4.19.177-1 | i386 mmc-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 mouse-modules-4.19.0-13-686-di | 4.19.160-2 | i386 mouse-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 mouse-modules-4.19.0-15-686-di | 4.19.177-1 | i386 mouse-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 mtd-core-modules-4.19.0-13-686-di | 4.19.160-2 | i386 mtd-core-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 mtd-core-modules-4.19.0-15-686-di | 4.19.177-1 | i386 mtd-core-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 multipath-modules-4.19.0-13-686-di | 4.19.160-2 | i386 multipath-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 multipath-modules-4.19.0-15-686-di | 4.19.177-1 | i386 multipath-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nbd-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nbd-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nbd-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nbd-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nic-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nic-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nic-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nic-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nic-pcmcia-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nic-pcmcia-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nic-pcmcia-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nic-pcmcia-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nic-shared-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nic-shared-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nic-shared-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nic-shared-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nic-usb-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nic-usb-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nic-usb-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nic-usb-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 nic-wireless-modules-4.19.0-13-686-di | 4.19.160-2 | i386 nic-wireless-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 nic-wireless-modules-4.19.0-15-686-di | 4.19.177-1 | i386 nic-wireless-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 pata-modules-4.19.0-13-686-di | 4.19.160-2 | i386 pata-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 pata-modules-4.19.0-15-686-di | 4.19.177-1 | i386 pata-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 pcmcia-modules-4.19.0-13-686-di | 4.19.160-2 | i386 pcmcia-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 pcmcia-modules-4.19.0-15-686-di | 4.19.177-1 | i386 pcmcia-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 pcmcia-storage-modules-4.19.0-13-686-di | 4.19.160-2 | i386 pcmcia-storage-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 pcmcia-storage-modules-4.19.0-15-686-di | 4.19.177-1 | i386 pcmcia-storage-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 ppp-modules-4.19.0-13-686-di | 4.19.160-2 | i386 ppp-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 ppp-modules-4.19.0-15-686-di | 4.19.177-1 | i386 ppp-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 sata-modules-4.19.0-13-686-di | 4.19.160-2 | i386 sata-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 sata-modules-4.19.0-15-686-di | 4.19.177-1 | i386 sata-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 scsi-core-modules-4.19.0-13-686-di | 4.19.160-2 | i386 scsi-core-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 scsi-core-modules-4.19.0-15-686-di | 4.19.177-1 | i386 scsi-core-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 scsi-modules-4.19.0-13-686-di | 4.19.160-2 | i386 scsi-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 scsi-modules-4.19.0-15-686-di | 4.19.177-1 | i386 scsi-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 scsi-nic-modules-4.19.0-13-686-di | 4.19.160-2 | i386 scsi-nic-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 scsi-nic-modules-4.19.0-15-686-di | 4.19.177-1 | i386 scsi-nic-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 serial-modules-4.19.0-13-686-di | 4.19.160-2 | i386 serial-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 serial-modules-4.19.0-15-686-di | 4.19.177-1 | i386 serial-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 sound-modules-4.19.0-13-686-di | 4.19.160-2 | i386 sound-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 sound-modules-4.19.0-15-686-di | 4.19.177-1 | i386 sound-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 speakup-modules-4.19.0-13-686-di | 4.19.160-2 | i386 speakup-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 speakup-modules-4.19.0-15-686-di | 4.19.177-1 | i386 speakup-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 squashfs-modules-4.19.0-13-686-di | 4.19.160-2 | i386 squashfs-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 squashfs-modules-4.19.0-15-686-di | 4.19.177-1 | i386 squashfs-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 udf-modules-4.19.0-13-686-di | 4.19.160-2 | i386 udf-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 udf-modules-4.19.0-15-686-di | 4.19.177-1 | i386 udf-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 uinput-modules-4.19.0-13-686-di | 4.19.160-2 | i386 uinput-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 uinput-modules-4.19.0-15-686-di | 4.19.177-1 | i386 uinput-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 usb-modules-4.19.0-13-686-di | 4.19.160-2 | i386 usb-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 usb-modules-4.19.0-15-686-di | 4.19.177-1 | i386 usb-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 usb-serial-modules-4.19.0-13-686-di | 4.19.160-2 | i386 usb-serial-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 usb-serial-modules-4.19.0-15-686-di | 4.19.177-1 | i386 usb-serial-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 usb-storage-modules-4.19.0-13-686-di | 4.19.160-2 | i386 usb-storage-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 usb-storage-modules-4.19.0-15-686-di | 4.19.177-1 | i386 usb-storage-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 xfs-modules-4.19.0-13-686-di | 4.19.160-2 | i386 xfs-modules-4.19.0-13-686-pae-di | 4.19.160-2 | i386 xfs-modules-4.19.0-15-686-di | 4.19.177-1 | i386 xfs-modules-4.19.0-15-686-pae-di | 4.19.177-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 27 Mar 2021 09:30:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-13-common | 4.19.160-2 | all linux-headers-4.19.0-13-common-rt | 4.19.160-2 | all linux-headers-4.19.0-15-common | 4.19.177-1 | all linux-headers-4.19.0-15-common-rt | 4.19.177-1 | all linux-support-4.19.0-13 | 4.19.160-2 | all linux-support-4.19.0-15 | 4.19.177-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= avahi (0.7-4+deb10u1) buster; urgency=medium . [ Simon McVittie ] * Remove avahi-daemon-check-dns mechanism, no longer needed. Thanks to Trent Lloyd, Sebastien Bacher (LP: #1870824) (Closes: #433945, #559927, #629509, #747895, #878586, #898038, #929010) . [ Sjoerd Simons ] * Don't remove avahi-daemon postdown symlink in maintscript base-files (10.3+deb10u9) buster; urgency=medium . * Change /etc/debian_version to 10.9, for Debian 10.9 point release. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Buffer overflow in GSSAPI security policy negotiation (CVE-2020-8625) chromium (88.0.4324.182-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens - CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki - CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh - CVE-2021-21151: Use after free in Payments. Reported by Khalil Zhani - CVE-2021-21152: Heap buffer overflow in Media. Reported by Anonymous - CVE-2021-21153: Stack overflow in GPU Process. Reported by Jan Ruge - CVE-2021-21154: Heap buffer overflow in Tab Strip . Reported by Abdulrahman Alqabandi - CVE-2021-21155: Heap buffer overflow in Tab Strip . Reported by Khalil Zhani - CVE-2021-21156: Heap buffer overflow in V8. Reported by Sergei Glazunov - CVE-2021-21157: Use after free in Web Sockets. Reported by Anonymous chromium (88.0.4324.150-1) unstable; urgency=medium . * New upstream security release (closes: #982205). - CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens chromium (88.0.4324.146-1) unstable; urgency=medium . * New upstream stable release. - CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani - CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen Parker & Alex Morgan of MU - CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21145: Use after free in Fonts. Reported by Anonymous - CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman and Choongwoo Han of Microsoft Browser Vulnerability Research - CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman Starkov chromium (88.0.4324.146-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported by Rory McNamara - CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler Nighswander - CVE-2021-21119: Use after free in Media. Reported by Anonymous - CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang and Guang Gong - CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang Gong - CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan - CVE-2021-21123: Insufficient data validation in File System API. Reported by Maciej Pulikowski - CVE-2021-21124: Potential user after free in Speech Recognizer. Reported by Chaoyang Ding - CVE-2021-21125: Insufficient policy enforcement in File System API. Reported by Ron Masas - CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson - CVE-2021-21126: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2021-21127: Insufficient policy enforcement in extensions. Reported by Jasminder Pal Singh - CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong - CVE-2021-21129: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21130: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21131: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21132: Inappropriate implementation in DevTools. Reported by David Erceg - CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by wester0x01 - CVE-2021-21134: Incorrect security UI in Page Info. Reported by wester0x01 - CVE-2021-21135: Inappropriate implementation in Performance API. Reported by ndevtk - CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by Shiv Sahni, Movnavinothan V and Imdad Mohammed - CVE-2021-21137: Inappropriate implementation in DevTools. Reported by bobblybear - CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang - CVE-2021-21139: Inappropriate implementation in iframe sandbox. Reported by Jun Kokatsu - CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri - CVE-2021-21141: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani - CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen Parker & Alex Morgan - CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso and Guang Gong - CVE-2021-21145: Use after free in Fonts. Reported by Anonymous - CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman and Choongwoo Han - CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman Starkov chromium (88.0.4324.96-2) unstable; urgency=medium . * Add Michel Le Bihan to uploaders. * Add openjpeg include dirs to pdfium BUILD.gn (closes: #981270). chromium (88.0.4324.96-1) unstable; urgency=medium . * Organize patches. * Use system vpx again. * Support icu 6.3 and clang 7 in buster again. * Apply the non-maintainer uploads (closes: #972134). - Thanks to Michel Le Bihan, Jan Luca Naumann, and Peter Michael Green. chromium (88.0.4324.96-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream stable release (closes: 980564). - CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported by Rory McNamara - CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler Nighswander @tylerni7 of Theori - CVE-2021-21119: Use after free in Media. Reported by Anonymous - CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang @eternalsakura13 and Guang Gong of 360 Alpha Lab - CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan - CVE-2021-21123: Insufficient data validation in File System API. Reported by Maciej Pulikowski - CVE-2021-21124: Potential user after free in Speech Recognizer. Reported by Chaoyang Ding(@V4kst1z) from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2021-21125: Insufficient policy enforcement in File System API. Reported by Ron Masas - CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson of Project Zero - CVE-2021-21126: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2021-21127: Insufficient policy enforcement in extensions. Reported by Jasminder Pal Singh, Web Services Point WSP, Kotkapura - CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong - CVE-2021-21129: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21130: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21131: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski - CVE-2021-21132: Inappropriate implementation in DevTools. Reported by David Erceg - CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by wester0x01 - CVE-2021-21134: Incorrect security UI in Page Info. Reported by wester0x01 - CVE-2021-21135: Inappropriate implementation in Performance API. Reported by ndevtk - CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by Shiv Sahni, Movnavinothan V and Imdad Mohammed - CVE-2021-21137: Inappropriate implementation in DevTools. Reported by bobblybear - CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2021-21139: Inappropriate implementation in iframe sandbox. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri - CVE-2021-21141: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski . [ Jan Luca Naumann ] * Add watch file. . [ Mattia Rizzolo ] * Change get-orig-source to produce reproducible tarballs. chromium (87.0.4280.141-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream security release (closes: 979520). - CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21109: Use after free in payments. Reported by Rong Jian and Guang Gong of 360 Alpha Lab - CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous - CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by Alesandro Ortiz - CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu - CVE-2020-16043: Insufficient data validation in networking. Reported by Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis - CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu @P4nda20371774 of Tencent Security Xuanwu Lab - CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research . [ Jan Luca Naumann ] * Use desktop gl implementation as default. (closes: 979135) cloud-init (20.2-2~deb10u2) buster; urgency=high . * Avoid logging generated passwords to world-readable log files. CVE-2021-3429. (Closes: #985540) connman (1.36-2.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . connman (1.36-2.1) unstable; urgency=high . * Non-maintainer upload. * gdhcp: Avoid reading invalid data in dhcp_get_option (CVE-2021-26676) * gdhcp: Avoid leaking stack data via unitiialized variable (CVE-2021-26676) * dnsproxy: Add length checks to prevent buffer overflow (CVE-2021-26675) debian-archive-keyring (2019.1+deb10u1) buster; urgency=medium . * Remove jessie's archive keys (Closes: #981343) * Add automatic signing keys for bullseye (Closes: #977911) * Update my own key * Add Debian Stable Release Key (11/bullseye) (ID: 600062A9605C66F00D6C9793) (Closes: #977910) * Refresh signatures over keyrings/debian-archive-keyring.gpg and keyrings/debian-archive-removed-keys.gpg * Add myself to uploaders debian-installer (20190702+deb10u9) buster; urgency=medium . * Bump Linux ABI to 4.19.0-16. debian-installer-netboot-images (20190702+deb10u9) buster; urgency=medium . * Update to 20190702+deb10u9, from buster-proposed-updates. dnsmasq (2.80-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix DNSpooq issue: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687. exim4 (4.92-8+deb10u5) buster; urgency=medium . * Fix use of concurrent TLS connections under GnuTLS: 80_01-GnuTLS-fix-hanging-callout-connections.patch 80_02-GnuTLS-tls_write-wait-after-uncorking-the-session.patch 80_03-GnuTLS-Do-not-care-about-corked-data-when-uncorking.patch (Thanks, Heiko Schlittermann for the backport) * Pull 82_TLS-use-RFC-6125-rules-for-certifucate-name-checks-w.patch from upstream git (already included in 4.94), on TLS connections to a CNAME verify the certificate against the original CNAME instead of against the A record. Closes: #985243 * In README.Debian explicitly document the limitation/extent of server certificate checking (authenticity not enforced) in the default configuration (Thanks, Jö Fahlke). This Closes: #985244 (improved documentation and Closes: #985344 (Yes, without required cert checking MitM attacks are possible, but for a stable update documenting this is the best compromise.) fetchmail (6.4.0~beta4-3+deb10u1) buster; urgency=medium . * Backport fix to no longer reports System error during SSL_connect(): Success (closes: #928916). * Remove forced OpenSSL version check (closes: #980766). firefox-esr (78.8.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-08, also known as: CVE-2021-23969, CVE-2021-23968, CVE-2021-23973, CVE-2021-23978. firefox-esr (78.7.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-04, also known as: CVE-2021-23953, CVE-2021-23954, CVE-2020-26976, CVE-2021-23960, CVE-2021-23964. firejail (0.9.58.2-2+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Disable overlayfs support (CVE-2021-26910) flatpak (1.2.5-0+deb10u4) buster-security; urgency=high . * Add patches from upstream 1.10.2 release to fix a sandbox escape via special tokens in .desktop files (flatpak#4146, Closes: #984859) fwupd (1.2.13-3+deb10u2) buster; urgency=medium . * Turn off flashrom configuration added by mistake in the previous upload. fwupd (1.2.13-3+deb10u1) buster; urgency=medium . * Backport support for SBAT from 1_2_X fwupd-amd64-signed (1.2.13+3+deb10u2) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u2 fwupd-arm64-signed (1.2.13+3+deb10u2) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u2 fwupd-armhf-signed (1.2.13+3+deb10u2) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u2 fwupd-i386-signed (1.2.13+3+deb10u2) buster; urgency=medium . * Update to fwupd version 1.2.13-3+deb10u2 fwupdate (12-4+deb10u3) buster; urgency=medium . * Disable linker warning on armhf fwupdate (12-4+deb10u2) buster; urgency=medium . * Add SBAT support + Add build-depend on dos2unix + Add Debian and Ubuntu SBAT templates and scripting to use them fwupdate-amd64-signed (12+4+deb10u3) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u3 fwupdate-amd64-signed (12+4+deb10u2) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u2 fwupdate-arm64-signed (12+4+deb10u3) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u3 fwupdate-arm64-signed (12+4+deb10u2) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u2 fwupdate-armhf-signed (12+4+deb10u3) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u3 fwupdate-i386-signed (12+4+deb10u3) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u3 fwupdate-i386-signed (12+4+deb10u2) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u2 gdnsd (2.4.3-1) buster; urgency=medium . * Fix CVE-2019-13952: IPv6 addresses in local zone file data which are longer than the maximum legitimate IPv6 address cause a stack buffer overflow and crash. (Closes: #932407) groff (1.22.4-3+deb10u1) buster; urgency=medium . * Rebuild against ghostscript 9.27 (closes: #982302). grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u4) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u4 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u4) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u4 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u4) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u4 grub2 (2.02+dfsg1-20+deb10u4) buster-security; urgency=high . * Fix broken advice in message when the postinst has to bail out (thanks to Daniel Leidert for pointing out the problem). * Backport security patch series from upstream: - kern: Add lockdown support - kern/lockdown: Set a variable if the GRUB is locked down - efi: Lockdown the GRUB when the UEFI Secure Boot is enabled - efi: Use grub_is_lockdown() instead of hardcoding a disabled modules list - CVE-2020-14372: acpi: Don't register the acpi command when locked down - CVE-2020-27779: mmap: Don't register cutmem and badram commands when lockdown is enforced - commands: Restrict commands that can load BIOS or DT blobs when locked down - commands/setpci: Restrict setpci command when locked down - commands/hdparm: Restrict hdparm command when locked down - gdb: Restrict GDB access when locked down - loader/xnu: Don't allow loading extension and packages when locked down - docs: Document the cutmem command - CVE-2020-25632: dl: Only allow unloading modules that are not dependencies - CVE-2020-25647: usb: Avoid possible out-of-bound accesses caused by malicious devices - mmap: Fix memory leak when iterating over mapped memory - net/net: Fix possible dereference to of a NULL pointer - net/tftp: Fix dangling memory pointer - kern/parser: Fix resource leak if argc == 0 - kern/efi: Fix memory leak on failure - kern/efi/mm: Fix possible NULL pointer dereference - gnulib/regexec: Resolve unused variable - gnulib/regcomp: Fix uninitialized token structure - gnulib/argp-help: Fix dereference of a possibly NULL state - gnulib/regexec: Fix possible null-dereference - gnulib/regcomp: Fix uninitialized re_token - io/lzopio: Resolve unnecessary self-assignment errors - kern/partition: Check for NULL before dereferencing input string - disk/ldm: Make sure comp data is freed before exiting from make_vg() - disk/ldm: If failed then free vg variable too - disk/ldm: Fix memory leak on uninserted lv references - disk/cryptodisk: Fix potential integer overflow - hfsplus: Check that the volume name length is valid - zfs: Fix possible negative shift operation - zfs: Fix resource leaks while constructing path - zfs: Fix possible integer overflows - zfsinfo: Correct a check for error allocating memory - affs: Fix memory leaks - libgcrypt/mpi: Fix possible unintended sign extension - libgcrypt/mpi: Fix possible NULL dereference - syslinux: Fix memory leak while parsing - normal/completion: Fix leaking of memory when processing a completion - commands/hashsum: Fix a memory leak - video/efi_gop: Remove unnecessary return value of grub_video_gop_fill_mode_info() - video/fb/fbfill: Fix potential integer overflow - video/fb/video_fb: Fix multiple integer overflows - video/fb/video_fb: Fix possible integer overflow - video/readers/jpeg: Test for an invalid next marker reference from a jpeg file - gfxmenu/gui_list: Remove code that coverity is flagging as dead - loader/bsd: Check for NULL arg up-front - loader/xnu: Fix memory leak - loader/xnu: Free driverkey data when an error is detected in grub_xnu_writetree_toheap() - loader/xnu: Check if pointer is NULL before using it - util/grub-install: Fix NULL pointer dereferences - util/grub-editenv: Fix incorrect casting of a signed value - util/glue-efi: Fix incorrect use of a possibly negative value - script/execute: Fix NULL dereference in grub_script_execute_cmdline() - commands/ls: Require device_name is not NULL before printing - script/execute: Avoid crash when using "$#" outside a function scope - CVE-2021-20225: lib/arg: Block repeated short options that require an argument - script/execute: Don't crash on a "for" loop with no items - CVE-2021-20233: commands/menuentry: Fix quoting in setparams_prefix() - kern/misc: Always set *end in grub_strtoull() - video/readers/jpeg: Catch files with unsupported quantization or Huffman tables - video/readers/jpeg: Catch OOB reads/writes in grub_jpeg_decode_du() - video/readers/jpeg: Don't decode data before start of stream - term/gfxterm: Don't set up a font with glyphs that are too big - fs/fshelp: Catch impermissibly large block sizes in read helper - fs/hfsplus: Don't fetch a key beyond the end of the node - fs/hfsplus: Don't use uninitialized data on corrupt filesystems - fs/hfs: Disable under lockdown - fs/sfs: Fix over-read of root object name - fs/jfs: Do not move to leaf level if name length is negative - fs/jfs: Limit the extents that getblk() can consider - fs/jfs: Catch infinite recursion - fs/nilfs2: Reject too-large keys - fs/nilfs2: Don't search children if provided number is too large - fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup() - io/gzio: Bail if gzio->tl/td is NULL - io/gzio: Add init_dynamic_block() clean up if unpacking codes fails - io/gzio: Catch missing values in huft_build() and bail - io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails - disk/lvm: Don't go beyond the end of the data we read from disk - disk/lvm: Don't blast past the end of the circular metadata buffer - disk/lvm: Bail on missing PV list - disk/lvm: Do not crash if an expected string is not found - disk/lvm: Do not overread metadata - disk/lvm: Sanitize rlocn->offset to prevent wild read - disk/lvm: Do not allow a LV to be it's own segment's node's LV - kern/parser: Fix a memory leak - kern/parser: Introduce process_char() helper - kern/parser: Introduce terminate_arg() helper - kern/parser: Refactor grub_parser_split_cmdline() cleanup - kern/buffer: Add variable sized heap buffer - CVE-2020-27749: kern/parser: Fix a stack buffer overflow - kern/efi: Add initial stack protector implementation - util/mkimage: Remove unused code to add BSS section - util/mkimage: Use grub_host_to_target32() instead of grub_cpu_to_le32() - util/mkimage: Always use grub_host_to_target32() to initialize PE stack and heap stuff - util/mkimage: Unify more of the PE32 and PE32+ header set-up - util/mkimage: Reorder PE optional header fields set-up - util/mkimage: Improve data_size value calculation - util/mkimage: Refactor section setup to use a helper - util/mkimage: Add an option to import SBAT metadata into a .sbat section - grub-install-common: Add --sbat option - kern/misc: Split parse_printf_args() into format parsing and va_list handling - kern/misc: Add STRING type for internal printf() format handling - kern/misc: Add function to check printf() format against expected format - gfxmenu/gui: Check printf() format in the gui_progress_bar and gui_label - kern/mm: Fix grub_debug_calloc() compilation error * Add SBAT section (thanks, Chris Coulson). hwloc-contrib (1.11.12-3+deb10u1) buster; urgency=medium . * control: Enable build on ppc64el with libcuda1 build-dep disabled. * patches/cuda-ppc64el: Upstream fix for cudart test that does not actually need libcuda1. intel-microcode (3.20210216.1~deb10u1) buster; urgency=medium . * RELEASE MANAGER INFORMATION: this update mitigates an extra security issue on a few processors, as described in 3.20210216.1 changelog. It has zero reports of regressions when compared with 3.20201118.1~deb10u1 thus it is a safe stable update. * Rebuild for buster, keeping all changes to avoid regressions present in 3.20201118.1~deb10u1. . intel-microcode (3.20210216.1) unstable; urgency=medium . * New upstream microcode datafile 20210216 * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx, and Cascade Lake Server (B0/B1) when using an active JTAG agent like In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard Management Controller (BMC) to take the CPU JTAG/TAP out of reset and then returning it to reset. * This issue is related to the INTEL-SA-00381 mitigation. * Updated Microcodes: sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864 sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248 sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248 * source: update symlinks to reflect id of the latest release, 20210216 intel-microcode (3.20201118.1) unstable; urgency=medium . * New upstream microcode datafile 20201118 * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake processors. Note that Debian already had removed this specific falty microcode update on the 3.20201110.1 release * Add a microcode update for the Pentium Silver N/J5xxx and Celeron N/J4xxx which didn't make it to release 20201110, fixing security issues (INTEL-SA-00381, INTEL-SA-00389) * Updated Microcodes: sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752 * Removed Microcodes: sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 iputils (3:20180629-2+deb10u2) buster; urgency=medium . * Backport upstream fix for ping rounding errors (Closes: #920434) * Backport upstream fix for tracepath target corruption (Closes: #976277) jquery (3.3.1~dfsg-3+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS Team. * Prevent untrusted code execution when passing untrusted HTML to DOM manipulation methods. (CVE-2020-11022) * Prevent untrusted code execution when passing HTML containing <option> elements to DOM manipulation methods. (CVE-2020-11023) libbsd (0.9.1-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-20367 A non-NUL terminated symbol name in the string table might result in a out-of-bounds read. libpano13 (2.9.19+dfsg-3+deb10u1) buster; urgency=medium . * 850_f02459498cb4_Prevent_string_vulnerability_by_refusing.diff cherry-picked from 2.9.20 rc3: Fixes format string bug, passing along format strings in user specified output filename to printf. Closes: #985249 libreoffice (1:6.1.5-3+deb10u7) buster; urgency=medium . * debian/patches/fix-PYTHONPATH.diff: backport upstream fix to not leave a bare trailing : in PYTHONPATH as it causes unconditional loading of encodings.py from . (closes: #984703) libzstd (1.3.8+dfsg-3+deb10u2) buster-security; urgency=high . * Team upload. * The previous fix-file-permissions-on-compression.patch almost closed the window of the race condition, but not completely. This patch, adapted from upstream, 0017-fix-file-permissions-on-compression.patch, replaces the previous attempt by erasing the umask before opening the destination file. Closes: #982519 libzstd (1.3.8+dfsg-3+deb10u1) buster-security; urgency=high . * Team upload. * When a file with restricted permissions is compressed, the resulting file inherits the umask of the user for the time of the compression. This will usually lead to surprising and too relaxed permissions. This update adds fix-file-permissions-on-compression.patch to make sure the compressed file is not group or world readable for the duration of the compression. Closes: #981404 linux (4.19.181-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.178 - HID: make arrays usage and value to be the same - USB: quirks: sort quirk entries - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable - block: add helper for checking if queue is registered - block: split .sysfs_lock into two locks - block: fix race between switching elevator and removing queues - block: don't release queue's sysfs lock during switching elevator - NET: usb: qmi_wwan: Adding support for Cinterion MV31 - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations - locking/static_key: Fix false positive warnings on concurrent dec/inc - vmlinux.lds.h: add DWARF v5 sections - [arm64] PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 - bfq: Avoid false bfq queue merging - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode - [mips*] vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section - random: fix the RNDRESEEDCRNG ioctl - [arm64] Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function - Bluetooth: Fix initializing response id after clearing struct - [armhf] dts: exynos: correct PMIC interrupt trigger level on Spring - [armhf] dts: exynos: correct PMIC interrupt trigger level on Arndale Octa - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args - [arm64] dts: allwinner: A64: properly connect USB PHY to port 0 - [arm64] dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz - ACPICA: Fix exception code class checks - usb: gadget: u_audio: Free requests only after callback - Bluetooth: drop HCI device reference before return - Bluetooth: Put HCI device if inquiry procedure interrupts - [arm*] usb: dwc2: Do not update data length if it is 0 on inbound transfers - [arm*] usb: dwc2: Abort transaction after errors with unknown reason - [arm*] usb: dwc2: Make "trimming xfer length" a debug message - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules - [armhf] dts: armada388-helios4: assign pinctrl to LEDs - [armhf] dts: armada388-helios4: assign pinctrl to each fan - bpf_lru_list: Read double-checked variable once without lock - bnxt_en: reverse order of TX disable and carrier off - xen/netback: fix spurious event detection for common event case - mac80211: fix potential overflow when multiplying to u32 integers - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx - tcp: fix SO_RCVLOWAT related hangs under mem pressure - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case - [amd64,arm64] net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout - [amd64,arm64] net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning - [amd64,arm64] net: amd-xgbe: Reset link when the link never comes back - [amd64,arm64] net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP - [arm64,armhf] net: mvneta: Remove per-cpu queue mapping for Armada 3700 - [x86] drm/gma500: Fix error return code in psb_driver_load() - [x86] gma500: clean up error handling in init - [armhf] crypto: sun4i-ss - fix kmap usage - [mips*] c-r4k: Fix section mismatch for loongson2_sc_init - media: em28xx: Fix use-after-free in em28xx_alloc_urbs - media: media/pci: Fix memleak in empress_init - [x86] media: tm6000: Fix memleak in tm6000_start_stream - media: lmedm04: Fix misuse of comma - media: qm1d1c0042: fix error return code in qm1d1c0042_init() - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values - f2fs: fix to avoid inconsistent quota data - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() - [x86] Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() - btrfs: clarify error returns values in __load_free_space_cache - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() - fs/jfs: fix potential integer overflow on shift of a int - jffs2: fix use after free in jffs2_sum_write_data() - capabilities: Don't allow writing ambiguous v3 file capabilities - [arm64,armhf] clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL - quota: Fix memory leak when handling corrupted quota file - [arm64] clk: sunxi-ng: h6: Fix CEC clock - HID: core: detect and skip invalid inputs to snto32() - fdt: Properly handle "no-map" field in the memory region - of/fdt: Make sure no-map does not remove already reserved regions - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation - [arm64] clk: sunxi-ng: h6: Fix clock divider range on some clocks - [arm64,armhf] regulator: axp20x: Fix reference cout leak - certs: Fix blacklist flag type confusion - [armhf] regulator: s5m8767: Drop regulators OF node reference - isofs: release buffer head before return - IB/umad: Return EIO in case of when device disassociated - IB/umad: Return EPOLLERR in case of when device disassociated - [ppc64el] KVM: Make the VMX instruction emulation routines static - [armel,armhf] 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores - [arm*] amba: Fix resource leak for drivers without .remove - tracepoint: Do not fail unregistering a probe due to memory failure - perf tools: Fix DSO filtering when not finding a map for a sampled address - RDMA/rxe: Fix coding error in rxe_recv.c - RDMA/rxe: Correct skb on loopback path - [powerpc*] pseries/dlpar: handle ibm, configure-connector delay status - [amd64] spi: pxa2xx: Fix the controller numbering for Wildcat Point - Input: sur40 - fix an error code in sur40_probe() - perf intel-pt: Fix missing CYC processing in PSB - Input: elo - fix an error code in elo_connect() - [arm64,armhf] pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() - [x86] VMCI: Use set_page_dirty_lock() when unregistering guest memory - PCI: Align checking of syscall user config accessors - [arm64] drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) - ext4: fix potential htree index checksum corruption - i40e: Fix flow for IPv6 next header (extension header) - i40e: Add zero-initialization of AQ command structures - i40e: Fix overwriting flow control settings during driver loading - i40e: Fix VFs not created - i40e: Fix add TC filter for IPv6 - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() - vxlan: move debug check after netdev unregister - ocfs2: fix a use after free on error - mm/memory.c: fix potential pte_unmap_unlock pte error - mm/hugetlb: fix potential double free in hugetlb_register_node() error path - r8169: fix jumbo packet handling on RTL8168e - [arm64] Add missing ISB after invalidating TLB in __primary_switch - mm/rmap: fix potential pte_unmap on an not mapped pte - blk-settings: align max_sectors on "logical_block_size" boundary - ACPI: property: Fix fwnode string properties matching - HID: wacom: Ignore attempts to overwrite the touch_max value from HID - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S - Input: joydev - prevent potential read overflow in ioctl - USB: serial: option: update interface mapping for ZTE P685M - [arm64,armhf] usb: musb: Fix runtime PM race in musb_queue_resume_work - [arm64,armhf] usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 - [arm64,armhf] usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt - USB: serial: ftdi_sio: fix FTX sub-integer prescaler - USB: serial: mos7840: fix error code in mos7840_write() - USB: serial: mos7720: fix error code in mos7720_write() - ALSA: hda/realtek: modify EAPD in the ALC886 - tpm_tis: Fix check_locality for correct locality acquisition - tpm_tis: Clean up locality release - KEYS: trusted: Fix migratable=1 failing - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root - btrfs: fix reloc root leak with 0 ref reloc roots on recovery - btrfs: fix extent buffer leak on failure to copy root - [arm64] crypto: arm64/sha - add missing module aliases - [armhf] crypto: sun4i-ss - checking sg length is not sufficient - [armhf] crypto: sun4i-ss - handle BigEndian for cipher - seccomp: Add missing return in non-void function - misc: rtsx: init of rts522a add OCP power off when no card is present - [x86] drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table - [x86] reboot: Force all cpus to exit VMX root if VMX is supported - floppy: reintroduce O_NDELAY fix - [arm64] uprobe: Return EOPNOTSUPP for AARCH32 instruction probing - [x86] watchdog: mei_wdt: request stop on unregister - [arm64] mtd: spi-nor: hisi-sfc: Put child node np on error path - fs/affs: release old buffer head on error path - seq_file: document how per-entry resources are managed. - [x86] fix seq_file iteration for pat/memtype.c - hugetlb: fix copy_huge_page_from_user contig page struct assumption - libnvdimm/dimm: Avoid race between probe and available_slots_show() - [arm64] Extend workaround for erratum 1024718 to all versions of Cortex-A55 - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols - [armhf] mmc: sdhci-esdhc-imx: fix kernel panic when remove module - [armhf] gpio: pcf857x: Fix missing first interrupt - printk: fix deadlock when kernel panic - [x86] cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available - f2fs: fix out-of-repair __setattr_copy() - gfs2: Don't skip dlm unlock if glock has an lvb - dm: fix deadlock when swapping to encrypted device - dm era: Recover committed writeset after crash - dm era: Verify the data block size hasn't changed - dm era: Fix bitset memory leaks - dm era: Use correct value size in equality function of writeset tree - dm era: Reinitialize bitset cache before digesting a new writeset - dm era: only resize metadata in preresume - icmp: introduce helper for nat'd source address in network device context - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n - gtp: use icmp_ndo_send helper - xfrm: interface: use icmp_ndo_send helper - ipv6: icmp6: avoid indirect call for icmpv6_send() - ipv6: silence compilation warning for non-IPV6 builds - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending - dm era: Update in-core bitset after committing the metadata https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.179 - net: usb: qmi_wwan: support ZTE P685M modem - hugetlb: fix update_and_free_page contig page struct assumption - drm/virtio: use kvmalloc for large allocations - [s390x] virtio/s390: implement virtio-ccw revision 2 correctly - [arm64] module: set plt* section addresses to 0x0 - [arm64] Avoid redundant type conversions in xchg() and cmpxchg() - [arm64] cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint - [arm64] Use correct ll/sc atomic constraints - JFS: more checks for invalid superblock - udlfb: Fix memory leak in dlfb_usb_probe - media: mceusb: sanity check for prescaler value - xfs: Fix assert failure in xfs_setattr_size() - net: fix up truesize of cloned skb in skb_prepare_for_shift() - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing - net: bridge: use switchdev for port flags set through sysfs too - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ - rsi: Fix TX EAPOL packet handling against iwlwifi AP - rsi: Move card interrupt handling to RX thread - [x86] reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk - vt/consolemap: do font sum unsigned - [arm64,armhf] wlcore: Fix command execute failure 19 for wl12xx - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() - ath10k: fix wmi mgmt tx queue full due to race condition - [x86] build: Treat R_386_PLT32 relocation as R_386_PC32 - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data - crypto: tcrypt - avoid signed overflow in byte count - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse - media: uvcvideo: Allow entities with no pads - f2fs: handle unallocated section and zone on pinned/atgc - f2fs: fix to set/clear I_LINKABLE under i_lock - btrfs: fix error handling in commit_fs_roots - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet - scsi: iscsi: Restrict sessions and handles to admin capabilities (CVE-2021-27363, CVE-2021-27364) - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (CVE-2021-27365) - scsi: iscsi: Verify lengths on passthrough PDUs (CVE-2021-27365) - Xen/gnttab: handle p2m update errors on a per-slot basis (CVE-2021-28038) - xen-netback: respect gnttab_map_refs()'s return value (CVE-2021-28038) - zsmalloc: account the number of compacted pages correctly - swap: fix swapfile read/write offset - media: v4l: ioctl: Fix memory leak in video_usercopy - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.180 - btrfs: raid56: simplify tracking of Q stripe presence - btrfs: fix raid6 qstripe kmap - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors - PM: runtime: Update device status before letting suppliers suspend - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie - usbip: tools: fix build error for multiple definition - Revert "zram: close udev startup race condition as default groups" - block: genhd: add 'groups' argument to device_add_disk - nvme: register ns_id attributes as default sysfs groups - aoe: register default groups with device_add_disk() - zram: register default groups with device_add_disk() - virtio-blk: modernize sysfs attribute creation - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits - rsxx: Return -EFAULT if copy_to_user() fails - r8169: fix resuming from suspend on RTL8105e if machine runs on battery - [arm64,armhf] net: dsa: add GRO support via gro_cells - dm table: fix iterate_devices based device capability checks - dm table: fix DAX iterate_devices based device capability checks - dm table: fix zoned iterate_devices based device capability checks - [amd64] iommu/amd: Fix sleeping in atomic in increase_address_space() - mwifiex: pcie: skip cancel_work_sync() on reset failure path - [x86] platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines - [x86] platform/x86: acer-wmi: Cleanup accelerometer device handling - [x86] platform/x86: acer-wmi: Add new force_caps module parameter - [x86] platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag - [x86] platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices - [x86] platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter - media: cx23885: add more quirks for reset DMA on some AMD IOMMU - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom - [arm64] drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.181 - uapi: nfnetlink_cthelper.h: fix userspace compilation error - ethernet: alx: fix order of calls on resume (Closes: #983595) - ath9k: fix transmitting to stations in dynamic SMPS mode - net: Fix gro aggregation for udp encaps with zero csum - net: Introduce parse_protocol header_ops callback - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership - [armhf] can: flexcan: assert FRZ bit in flexcan_chip_freeze() - [armhf] can: flexcan: enable RX FIFO after FRZ/HALT valid - netfilter: x_tables: gpf inside xt_find_revision() - mt76: dma: do not report truncated frames to mac80211 - tcp: annotate tp->copied_seq lockless reads - tcp: annotate tp->write_seq lockless reads - tcp: add sanity tests to TCP_QUEUE_SEQ - cifs: return proper error code in statfs(2) - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" - net: check if protocol extracted by virtio_net_hdr_set_proto is correct - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 - net/mlx4_en: update moderation when config reset - [arm64,armhf] net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 - net: sched: avoid duplicates in classes dump - net: usb: qmi_wwan: allow qmimux add/del with master up - [arm64,armhf] net: stmmac: stop each tx channel independently - [arm64,armhf] net: stmmac: fix watchdog timeout during suspend/resume stress test - drm/compat: Clear bounce structures - [arm64] drm: meson_drv add shutdown function - media: usbtv: Fix deadlock on suspend - net: phy: fix save wrong speed and duplex problem if autoneg is on - udf: fix silent AED tagLocation corruption - [powerpc*] pci: Add ppc_md.discover_phbs() - [powerpc*] improve handling of unrecoverable system reset - [powerpc*] perf: Record counter overflow always if SAMPLE_IP is unset - [arm64] PCI: xgene-msi: Fix race in installing chained irq handler - PCI: Fix pci_register_io_range() memory leak - i40e: Fix memory leak in i40e_probe - [s390x] smp: __smp_rescan_cpus() - move cpumask away from stack - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling - scsi: target: core: Add cmd length set before cmd complete - scsi: target: core: Prevent underflow for service actions - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk - ALSA: hda/hdmi: Cancel pending works before suspend - ALSA: hda: Drop the BATCH workaround for AMD controllers - ALSA: hda: Avoid spurious unsol event handling during S3/S4 - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar - ALSA: usb-audio: Apply the control quirk to Plantronics headsets - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") - [s390x] dasd: fix hanging DASD driver unbind - [s390x] dasd: fix hanging IO request during DASD driver unbind - mmc: core: Fix partition switch time for eMMC - mmc: cqhci: Fix random crash when remove mmc module/card - Goodix Fingerprint device is not a modem - USB: gadget: u_ether: Fix a configfs return code - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot - usb: gadget: f_uac1: stop playback on function disable - [arm64] usb: dwc3: qcom: Honor wakeup enabled/disabled state - USB: usblp: fix a hang in poll() if disconnected - xhci: Improve detection of device initiated wake signal. - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing - USB: serial: io_edgeport: fix memory leak in edge_startup - USB: serial: ch341: add new Product ID - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter - USB: serial: cp210x: add some more GE USB IDs - usbip: fix stub_dev to check for stream socket - usbip: fix vhci_hcd to check for stream socket - usbip: fix vudc to check for stream socket - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf - usbip: fix vhci_hcd attach_store() races leading to gpf - usbip: fix vudc usbip_sockfd_store races leading to gpf - [x86] staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (CVE-2021-28660) - staging: rtl8712: unterminated string leads to read overflow - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd - [x86] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan - [x86] staging: comedi: addi_apci_1032: Fix endian problem for COS sample - [x86] staging: comedi: addi_apci_1500: Fix endian problem for command sample - [x86] staging: comedi: adv_pci1710: Fix endian problem for AI command data - [i386] staging: comedi: das6402: Fix endian problem for AI command data - [i386] staging: comedi: das800: Fix endian problem for AI command data - [i386] staging: comedi: dmm32at: Fix endian problem for AI command data - [x86] staging: comedi: me4000: Fix endian problem for AI command data - [i386] staging: comedi: pcl711: Fix endian problem for AI command data - [i386] staging: comedi: pcl818: Fix endian problem for AI command data - NFSv4.2: fix return value of _nfs4_get_security_label() - block: rsxx: fix error return code of rsxx_pci_probe() - configfs: fix a use-after-free in __configfs_open_file - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() - stop_machine: mark helpers __always_inline - include/linux/sched/mm.h: use rcu_dereference in in_vfork() - [powerpc*] 64s: Fix instruction encoding for lis in ppc_function_entry() - binfmt_misc: fix possible deadlock in bm_register_write - [amd64] x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading - [arm64] KVM: Fix exclusive limit for IPA size - xen/events: reset affinity of 2-level event when tearing it down - xen/events: don't unmask an event channel when an eoi is pending - xen/events: avoid handling the same event on two cpus at the same time . [ Salvatore Bonaccorso ] * Bump ABI to 16 * ext4: check journal inode extents more carefully (CVE-2021-3428) * bpf: Prohibit alu ops for pointer types not defining ptr_limit (CVE-2020-27170) * bpf: Fix off-by-one for area size in creating mask to left (CVE-2020-27171) * bpf: Simplify alu_limit masking for pointer arithmetic * bpf: Add sanity check for upper ptr_limit linux (4.19.177-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172 - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions - dm integrity: conditionally disable "recalculate" feature - writeback: Drop I_DIRTY_TIME_EXPIRE - fs: fix lazytime expiration handling in __writeback_single_inode() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173 - nbd: freeze the queue while we're adding connections (CVE-2021-3348) - ACPI: sysfs: Prefer "compatible" modalias - kernel: kexec: remove the lock operation of system_transition_mutex - xen/privcmd: allow fetching resource sizes - ALSA: hda/via: Apply the workaround generically for Clevo machines - media: rc: ensure that uevent can be read directly after rc device register - wext: fix NULL-ptr-dereference with cfg80211's lack of commit() - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family - PM: hibernate: flush swap writer after marking - [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] - [x86] KVM: get smi pending status correctly - leds: trigger: fix potential deadlock with libata - mt7601u: fix kernel crash unplugging the device - mt7601u: fix rx buffer refcounting - xen-blkfront: allow discard-* nodes to be optional - [armhf] imx: build suspend-imx6.S with arm instruction set - netfilter: nft_dynset: add timeout extension to template - xfrm: Fix oops in xfrm_replay_advance_bmp - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces - RDMA/cxgb4: Fix the reported max_recv_sge value - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() - iwlwifi: pcie: use jiffies for memory read spin time limit - iwlwifi: pcie: reschedule in long-running memory reads - mac80211: pause TX while changing interface type - net/mlx5: Fix memory leak on flow table creation error flow - can: dev: prevent potential information leak in can_fill_info() - [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported address widths - [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built - rxrpc: Fix memory leak in rxrpc_lookup_local - NFC: fix resource leak when target index is invalid - NFC: fix possible resource leak - team: protect features update by RCU to avoid deadlock - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174 - [armhf] net: dsa: bcm_sf2: put device node before return - ACPI: thermal: Do not call acpi_thermal_check() directly - sysctl: handle overflow in proc_get_long - net_sched: gen_estimator: support large ewma log - [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 - [x86] __always_inline __{rd,wr}msr() - scsi: scsi_transport_srp: Don't block target in failfast state - scsi: libfc: Avoid invoking response handler twice if ep is already completed - mac80211: fix fast-rx encryption check - [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during migration - objtool: Don't fail on missing symbol table - kthread: Extract KTHREAD_IS_PER_CPU - workqueue: Restrict affinity change to rescuer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175 - USB: serial: cp210x: add pid/vid for WSDA-200-USB - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 - USB: serial: option: Adding support for Cinterion MV31 - Input: i8042 - unbreak Pegatron C15B - rxrpc: Fix deadlock around release of dst cached on udp tunnel - net: lapb: Copy the skb before sending a packet - [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM data - memblock: do not start bottom-up allocations with kernel_end - USB: gadget: legacy: fix an error code in eth_bind() - USB: usblp: don't call usb_set_interface if there's a single alt - [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex - [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode - ovl: fix dentry leak in ovl_get_redirect - mac80211: fix station rate table updates on assoc - kretprobe: Avoid re-registration of the same kretprobe earlier - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set - xhci: fix bounce buffer usage for non-sg list case - cifs: report error instead of invalid when revalidating a dentry fails - smb3: Fix out-of-bounds bug in SMB2_negotiate() - mmc: core: Limit retries when analyse of SDIO tuples fails - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs - [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page - mm: hugetlb: fix a race between freeing and dissolving the page - mm: hugetlb: fix a race between isolating and freeing page - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active - mm: thp: fix MADV_REMOVE deadlock on shmem THP - [x86] build: Disable CET instrumentation in the kernel - [x86] apic: Add extra serialization for non-serializing MSRs - Input: xpad - sync supported devices with fork on GitHub - [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on - md: Set prev_flush_start and flush_bio in an atomic way - net: ip_tunnel: fix mtu calculation - [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176 - tracing/kprobe: Fix to support kretprobe events on unloaded modules - block: fix NULL pointer dereference in register_disk - fgraph: Initialize tracing_graph_pause at task creation - af_key: relax availability checks for skb size calculation - regulator: core: avoid regulator_resolve_supply() race condition - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap - iwlwifi: pcie: fix context info memory leak - iwlwifi: mvm: guard against device removal in reprobe - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header - SUNRPC: Handle 0 length opaque XDR object data properly - lib/string: Add strscpy_pad() function - include/trace/events/writeback.h: fix -Wstringop-truncation warnings - memcg: fix a crash in wb_workfn when a device disappears - [x86] Fix unsynchronized access to sev members through svm_register_enc_region - block: don't hold q->sysfs_lock in elevator_init_mq - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue - squashfs: add more sanity checks in id lookup - squashfs: add more sanity checks in inode lookup - squashfs: add more sanity checks in xattr id lookup - regulator: core: enable power when setting up constraints - regulator: core: Clean enabling always-on regulators + their supplies - regulator: Fix lockdep warning resolving supplies https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177 - tracing: Do not count ftrace events in top level enable output - tracing: Check length before giving out the filter buffer - [armhf] xen: Don't probe xenbus as part of an early initcall - [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default - ovl: perform vfs_getxattr() with mounter creds - cap: fix conversions on getxattr - ovl: skip getxattr of security labels - bfq-iosched: Revert "bfq: Fix computation of shallow depth" - [armel,armhf] ensure the signal page contains defined contents - [armel,armhf] kexec: fix oops after TLB are invalidated - mt76: dma: fix a possible memory leak in mt76_add_fragment() - bpf: Check for integer overflow when using roundup_pow_of_two() - netfilter: xt_recent: Fix attempt to update deleted entry - netfilter: flowtable: fix tcp and udp header checksum update - xen/netback: avoid race in xenvif_rx_ring_slots_available() - [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS - netfilter: conntrack: skip identical origin tuple in same zone only - [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue() - [arm64] usb: dwc3: ulpi: fix checkpatch warning - [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one - net: fix iteration for sctp transport seq_files - net/vmw_vsock: improve locking in vsock_connect_timeout() - net: watchdog: hold device global xmit lock during tx disable - vsock/virtio: update credit only if socket is not closed - vsock: fix locking in vsock_shutdown() - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS - ovl: expand warning in ovl_d_real() - [x86] KVM: SEV: fix double locking due to incorrect backport - [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping() (CVE-2021-26932) - [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (CVE-2021-26932) - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (CVE-2021-26932) - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (CVE-2021-26932) - [armhf] xen/arm: don't ignore return errors from set_phys_to_machine (CVE-2021-26932) - xen-blkback: don't "handle" error by BUG() (CVE-2021-26931) - xen-netback: don't "handle" error by BUG() (CVE-2021-26931) - xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931) - xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930) - scsi: qla2xxx: Fix crash during driver load on big endian machines - kvm: check tlbs_dirty directly . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.173-rt72 * certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux" certificate * Bump ABI to 15 linux-latest (105+deb10u11) buster; urgency=medium . * Update to 4.19.0-16 linux-latest (105+deb10u10) buster; urgency=medium . * Update to 4.19.0-15 linux-signed-amd64 (4.19.181+1) buster; urgency=medium . * Sign kernel from linux 4.19.181-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.178 - HID: make arrays usage and value to be the same - USB: quirks: sort quirk entries - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable - block: add helper for checking if queue is registered - block: split .sysfs_lock into two locks - block: fix race between switching elevator and removing queues - block: don't release queue's sysfs lock during switching elevator - NET: usb: qmi_wwan: Adding support for Cinterion MV31 - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations - locking/static_key: Fix false positive warnings on concurrent dec/inc - vmlinux.lds.h: add DWARF v5 sections - [arm64] PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 - bfq: Avoid false bfq queue merging - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode - [mips*] vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section - random: fix the RNDRESEEDCRNG ioctl - [arm64] Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function - Bluetooth: Fix initializing response id after clearing struct - [armhf] dts: exynos: correct PMIC interrupt trigger level on Spring - [armhf] dts: exynos: correct PMIC interrupt trigger level on Arndale Octa - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args - [arm64] dts: allwinner: A64: properly connect USB PHY to port 0 - [arm64] dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz - ACPICA: Fix exception code class checks - usb: gadget: u_audio: Free requests only after callback - Bluetooth: drop HCI device reference before return - Bluetooth: Put HCI device if inquiry procedure interrupts - [arm*] usb: dwc2: Do not update data length if it is 0 on inbound transfers - [arm*] usb: dwc2: Abort transaction after errors with unknown reason - [arm*] usb: dwc2: Make "trimming xfer length" a debug message - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules - [armhf] dts: armada388-helios4: assign pinctrl to LEDs - [armhf] dts: armada388-helios4: assign pinctrl to each fan - bpf_lru_list: Read double-checked variable once without lock - bnxt_en: reverse order of TX disable and carrier off - xen/netback: fix spurious event detection for common event case - mac80211: fix potential overflow when multiplying to u32 integers - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx - tcp: fix SO_RCVLOWAT related hangs under mem pressure - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case - [amd64,arm64] net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout - [amd64,arm64] net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning - [amd64,arm64] net: amd-xgbe: Reset link when the link never comes back - [amd64,arm64] net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP - [arm64,armhf] net: mvneta: Remove per-cpu queue mapping for Armada 3700 - [x86] drm/gma500: Fix error return code in psb_driver_load() - [x86] gma500: clean up error handling in init - [armhf] crypto: sun4i-ss - fix kmap usage - [mips*] c-r4k: Fix section mismatch for loongson2_sc_init - media: em28xx: Fix use-after-free in em28xx_alloc_urbs - media: media/pci: Fix memleak in empress_init - [x86] media: tm6000: Fix memleak in tm6000_start_stream - media: lmedm04: Fix misuse of comma - media: qm1d1c0042: fix error return code in qm1d1c0042_init() - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values - f2fs: fix to avoid inconsistent quota data - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() - [x86] Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() - btrfs: clarify error returns values in __load_free_space_cache - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() - fs/jfs: fix potential integer overflow on shift of a int - jffs2: fix use after free in jffs2_sum_write_data() - capabilities: Don't allow writing ambiguous v3 file capabilities - [arm64,armhf] clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL - quota: Fix memory leak when handling corrupted quota file - [arm64] clk: sunxi-ng: h6: Fix CEC clock - HID: core: detect and skip invalid inputs to snto32() - fdt: Properly handle "no-map" field in the memory region - of/fdt: Make sure no-map does not remove already reserved regions - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation - [arm64] clk: sunxi-ng: h6: Fix clock divider range on some clocks - [arm64,armhf] regulator: axp20x: Fix reference cout leak - certs: Fix blacklist flag type confusion - [armhf] regulator: s5m8767: Drop regulators OF node reference - isofs: release buffer head before return - IB/umad: Return EIO in case of when device disassociated - IB/umad: Return EPOLLERR in case of when device disassociated - [ppc64el] KVM: Make the VMX instruction emulation routines static - [armel,armhf] 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores - [arm*] amba: Fix resource leak for drivers without .remove - tracepoint: Do not fail unregistering a probe due to memory failure - perf tools: Fix DSO filtering when not finding a map for a sampled address - RDMA/rxe: Fix coding error in rxe_recv.c - RDMA/rxe: Correct skb on loopback path - [powerpc*] pseries/dlpar: handle ibm, configure-connector delay status - [amd64] spi: pxa2xx: Fix the controller numbering for Wildcat Point - Input: sur40 - fix an error code in sur40_probe() - perf intel-pt: Fix missing CYC processing in PSB - Input: elo - fix an error code in elo_connect() - [arm64,armhf] pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() - [x86] VMCI: Use set_page_dirty_lock() when unregistering guest memory - PCI: Align checking of syscall user config accessors - [arm64] drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) - ext4: fix potential htree index checksum corruption - i40e: Fix flow for IPv6 next header (extension header) - i40e: Add zero-initialization of AQ command structures - i40e: Fix overwriting flow control settings during driver loading - i40e: Fix VFs not created - i40e: Fix add TC filter for IPv6 - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() - vxlan: move debug check after netdev unregister - ocfs2: fix a use after free on error - mm/memory.c: fix potential pte_unmap_unlock pte error - mm/hugetlb: fix potential double free in hugetlb_register_node() error path - r8169: fix jumbo packet handling on RTL8168e - [arm64] Add missing ISB after invalidating TLB in __primary_switch - mm/rmap: fix potential pte_unmap on an not mapped pte - blk-settings: align max_sectors on "logical_block_size" boundary - ACPI: property: Fix fwnode string properties matching - HID: wacom: Ignore attempts to overwrite the touch_max value from HID - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S - Input: joydev - prevent potential read overflow in ioctl - USB: serial: option: update interface mapping for ZTE P685M - [arm64,armhf] usb: musb: Fix runtime PM race in musb_queue_resume_work - [arm64,armhf] usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 - [arm64,armhf] usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt - USB: serial: ftdi_sio: fix FTX sub-integer prescaler - USB: serial: mos7840: fix error code in mos7840_write() - USB: serial: mos7720: fix error code in mos7720_write() - ALSA: hda/realtek: modify EAPD in the ALC886 - tpm_tis: Fix check_locality for correct locality acquisition - tpm_tis: Clean up locality release - KEYS: trusted: Fix migratable=1 failing - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root - btrfs: fix reloc root leak with 0 ref reloc roots on recovery - btrfs: fix extent buffer leak on failure to copy root - [arm64] crypto: arm64/sha - add missing module aliases - [armhf] crypto: sun4i-ss - checking sg length is not sufficient - [armhf] crypto: sun4i-ss - handle BigEndian for cipher - seccomp: Add missing return in non-void function - misc: rtsx: init of rts522a add OCP power off when no card is present - [x86] drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table - [x86] reboot: Force all cpus to exit VMX root if VMX is supported - floppy: reintroduce O_NDELAY fix - [arm64] uprobe: Return EOPNOTSUPP for AARCH32 instruction probing - [x86] watchdog: mei_wdt: request stop on unregister - [arm64] mtd: spi-nor: hisi-sfc: Put child node np on error path - fs/affs: release old buffer head on error path - seq_file: document how per-entry resources are managed. - [x86] fix seq_file iteration for pat/memtype.c - hugetlb: fix copy_huge_page_from_user contig page struct assumption - libnvdimm/dimm: Avoid race between probe and available_slots_show() - [arm64] Extend workaround for erratum 1024718 to all versions of Cortex-A55 - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols - [armhf] mmc: sdhci-esdhc-imx: fix kernel panic when remove module - [armhf] gpio: pcf857x: Fix missing first interrupt - printk: fix deadlock when kernel panic - [x86] cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available - f2fs: fix out-of-repair __setattr_copy() - gfs2: Don't skip dlm unlock if glock has an lvb - dm: fix deadlock when swapping to encrypted device - dm era: Recover committed writeset after crash - dm era: Verify the data block size hasn't changed - dm era: Fix bitset memory leaks - dm era: Use correct value size in equality function of writeset tree - dm era: Reinitialize bitset cache before digesting a new writeset - dm era: only resize metadata in preresume - icmp: introduce helper for nat'd source address in network device context - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n - gtp: use icmp_ndo_send helper - xfrm: interface: use icmp_ndo_send helper - ipv6: icmp6: avoid indirect call for icmpv6_send() - ipv6: silence compilation warning for non-IPV6 builds - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending - dm era: Update in-core bitset after committing the metadata https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.179 - net: usb: qmi_wwan: support ZTE P685M modem - hugetlb: fix update_and_free_page contig page struct assumption - drm/virtio: use kvmalloc for large allocations - [s390x] virtio/s390: implement virtio-ccw revision 2 correctly - [arm64] module: set plt* section addresses to 0x0 - [arm64] Avoid redundant type conversions in xchg() and cmpxchg() - [arm64] cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint - [arm64] Use correct ll/sc atomic constraints - JFS: more checks for invalid superblock - udlfb: Fix memory leak in dlfb_usb_probe - media: mceusb: sanity check for prescaler value - xfs: Fix assert failure in xfs_setattr_size() - net: fix up truesize of cloned skb in skb_prepare_for_shift() - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing - net: bridge: use switchdev for port flags set through sysfs too - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ - rsi: Fix TX EAPOL packet handling against iwlwifi AP - rsi: Move card interrupt handling to RX thread - [x86] reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk - vt/consolemap: do font sum unsigned - [arm64,armhf] wlcore: Fix command execute failure 19 for wl12xx - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() - ath10k: fix wmi mgmt tx queue full due to race condition - [x86] build: Treat R_386_PLT32 relocation as R_386_PC32 - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data - crypto: tcrypt - avoid signed overflow in byte count - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse - media: uvcvideo: Allow entities with no pads - f2fs: handle unallocated section and zone on pinned/atgc - f2fs: fix to set/clear I_LINKABLE under i_lock - btrfs: fix error handling in commit_fs_roots - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet - scsi: iscsi: Restrict sessions and handles to admin capabilities (CVE-2021-27363, CVE-2021-27364) - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (CVE-2021-27365) - scsi: iscsi: Verify lengths on passthrough PDUs (CVE-2021-27365) - Xen/gnttab: handle p2m update errors on a per-slot basis (CVE-2021-28038) - xen-netback: respect gnttab_map_refs()'s return value (CVE-2021-28038) - zsmalloc: account the number of compacted pages correctly - swap: fix swapfile read/write offset - media: v4l: ioctl: Fix memory leak in video_usercopy - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.180 - btrfs: raid56: simplify tracking of Q stripe presence - btrfs: fix raid6 qstripe kmap - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors - PM: runtime: Update device status before letting suppliers suspend - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie - usbip: tools: fix build error for multiple definition - Revert "zram: close udev startup race condition as default groups" - block: genhd: add 'groups' argument to device_add_disk - nvme: register ns_id attributes as default sysfs groups - aoe: register default groups with device_add_disk() - zram: register default groups with device_add_disk() - virtio-blk: modernize sysfs attribute creation - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits - rsxx: Return -EFAULT if copy_to_user() fails - r8169: fix resuming from suspend on RTL8105e if machine runs on battery - [arm64,armhf] net: dsa: add GRO support via gro_cells - dm table: fix iterate_devices based device capability checks - dm table: fix DAX iterate_devices based device capability checks - dm table: fix zoned iterate_devices based device capability checks - [amd64] iommu/amd: Fix sleeping in atomic in increase_address_space() - mwifiex: pcie: skip cancel_work_sync() on reset failure path - [x86] platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines - [x86] platform/x86: acer-wmi: Cleanup accelerometer device handling - [x86] platform/x86: acer-wmi: Add new force_caps module parameter - [x86] platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag - [x86] platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices - [x86] platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter - media: cx23885: add more quirks for reset DMA on some AMD IOMMU - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom - [arm64] drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.181 - uapi: nfnetlink_cthelper.h: fix userspace compilation error - ethernet: alx: fix order of calls on resume (Closes: #983595) - ath9k: fix transmitting to stations in dynamic SMPS mode - net: Fix gro aggregation for udp encaps with zero csum - net: Introduce parse_protocol header_ops callback - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership - [armhf] can: flexcan: assert FRZ bit in flexcan_chip_freeze() - [armhf] can: flexcan: enable RX FIFO after FRZ/HALT valid - netfilter: x_tables: gpf inside xt_find_revision() - mt76: dma: do not report truncated frames to mac80211 - tcp: annotate tp->copied_seq lockless reads - tcp: annotate tp->write_seq lockless reads - tcp: add sanity tests to TCP_QUEUE_SEQ - cifs: return proper error code in statfs(2) - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" - net: check if protocol extracted by virtio_net_hdr_set_proto is correct - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 - net/mlx4_en: update moderation when config reset - [arm64,armhf] net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 - net: sched: avoid duplicates in classes dump - net: usb: qmi_wwan: allow qmimux add/del with master up - [arm64,armhf] net: stmmac: stop each tx channel independently - [arm64,armhf] net: stmmac: fix watchdog timeout during suspend/resume stress test - drm/compat: Clear bounce structures - [arm64] drm: meson_drv add shutdown function - media: usbtv: Fix deadlock on suspend - net: phy: fix save wrong speed and duplex problem if autoneg is on - udf: fix silent AED tagLocation corruption - [powerpc*] pci: Add ppc_md.discover_phbs() - [powerpc*] improve handling of unrecoverable system reset - [powerpc*] perf: Record counter overflow always if SAMPLE_IP is unset - [arm64] PCI: xgene-msi: Fix race in installing chained irq handler - PCI: Fix pci_register_io_range() memory leak - i40e: Fix memory leak in i40e_probe - [s390x] smp: __smp_rescan_cpus() - move cpumask away from stack - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling - scsi: target: core: Add cmd length set before cmd complete - scsi: target: core: Prevent underflow for service actions - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk - ALSA: hda/hdmi: Cancel pending works before suspend - ALSA: hda: Drop the BATCH workaround for AMD controllers - ALSA: hda: Avoid spurious unsol event handling during S3/S4 - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar - ALSA: usb-audio: Apply the control quirk to Plantronics headsets - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") - [s390x] dasd: fix hanging DASD driver unbind - [s390x] dasd: fix hanging IO request during DASD driver unbind - mmc: core: Fix partition switch time for eMMC - mmc: cqhci: Fix random crash when remove mmc module/card - Goodix Fingerprint device is not a modem - USB: gadget: u_ether: Fix a configfs return code - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot - usb: gadget: f_uac1: stop playback on function disable - [arm64] usb: dwc3: qcom: Honor wakeup enabled/disabled state - USB: usblp: fix a hang in poll() if disconnected - xhci: Improve detection of device initiated wake signal. - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing - USB: serial: io_edgeport: fix memory leak in edge_startup - USB: serial: ch341: add new Product ID - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter - USB: serial: cp210x: add some more GE USB IDs - usbip: fix stub_dev to check for stream socket - usbip: fix vhci_hcd to check for stream socket - usbip: fix vudc to check for stream socket - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf - usbip: fix vhci_hcd attach_store() races leading to gpf - usbip: fix vudc usbip_sockfd_store races leading to gpf - [x86] staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (CVE-2021-28660) - staging: rtl8712: unterminated string leads to read overflow - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd - [x86] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan - [x86] staging: comedi: addi_apci_1032: Fix endian problem for COS sample - [x86] staging: comedi: addi_apci_1500: Fix endian problem for command sample - [x86] staging: comedi: adv_pci1710: Fix endian problem for AI command data - [i386] staging: comedi: das6402: Fix endian problem for AI command data - [i386] staging: comedi: das800: Fix endian problem for AI command data - [i386] staging: comedi: dmm32at: Fix endian problem for AI command data - [x86] staging: comedi: me4000: Fix endian problem for AI command data - [i386] staging: comedi: pcl711: Fix endian problem for AI command data - [i386] staging: comedi: pcl818: Fix endian problem for AI command data - NFSv4.2: fix return value of _nfs4_get_security_label() - block: rsxx: fix error return code of rsxx_pci_probe() - configfs: fix a use-after-free in __configfs_open_file - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() - stop_machine: mark helpers __always_inline - include/linux/sched/mm.h: use rcu_dereference in in_vfork() - [powerpc*] 64s: Fix instruction encoding for lis in ppc_function_entry() - binfmt_misc: fix possible deadlock in bm_register_write - [amd64] x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading - [arm64] KVM: Fix exclusive limit for IPA size - xen/events: reset affinity of 2-level event when tearing it down - xen/events: don't unmask an event channel when an eoi is pending - xen/events: avoid handling the same event on two cpus at the same time . [ Salvatore Bonaccorso ] * Bump ABI to 16 * ext4: check journal inode extents more carefully (CVE-2021-3428) * bpf: Prohibit alu ops for pointer types not defining ptr_limit (CVE-2020-27170) * bpf: Fix off-by-one for area size in creating mask to left (CVE-2020-27171) * bpf: Simplify alu_limit masking for pointer arithmetic * bpf: Add sanity check for upper ptr_limit linux-signed-amd64 (4.19.177+1) buster; urgency=medium . * Sign kernel from linux 4.19.177-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172 - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions - dm integrity: conditionally disable "recalculate" feature - writeback: Drop I_DIRTY_TIME_EXPIRE - fs: fix lazytime expiration handling in __writeback_single_inode() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173 - nbd: freeze the queue while we're adding connections (CVE-2021-3348) - ACPI: sysfs: Prefer "compatible" modalias - kernel: kexec: remove the lock operation of system_transition_mutex - xen/privcmd: allow fetching resource sizes - ALSA: hda/via: Apply the workaround generically for Clevo machines - media: rc: ensure that uevent can be read directly after rc device register - wext: fix NULL-ptr-dereference with cfg80211's lack of commit() - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family - PM: hibernate: flush swap writer after marking - [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] - [x86] KVM: get smi pending status correctly - leds: trigger: fix potential deadlock with libata - mt7601u: fix kernel crash unplugging the device - mt7601u: fix rx buffer refcounting - xen-blkfront: allow discard-* nodes to be optional - [armhf] imx: build suspend-imx6.S with arm instruction set - netfilter: nft_dynset: add timeout extension to template - xfrm: Fix oops in xfrm_replay_advance_bmp - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces - RDMA/cxgb4: Fix the reported max_recv_sge value - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() - iwlwifi: pcie: use jiffies for memory read spin time limit - iwlwifi: pcie: reschedule in long-running memory reads - mac80211: pause TX while changing interface type - net/mlx5: Fix memory leak on flow table creation error flow - can: dev: prevent potential information leak in can_fill_info() - [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported address widths - [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built - rxrpc: Fix memory leak in rxrpc_lookup_local - NFC: fix resource leak when target index is invalid - NFC: fix possible resource leak - team: protect features update by RCU to avoid deadlock - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174 - [armhf] net: dsa: bcm_sf2: put device node before return - ACPI: thermal: Do not call acpi_thermal_check() directly - sysctl: handle overflow in proc_get_long - net_sched: gen_estimator: support large ewma log - [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 - [x86] __always_inline __{rd,wr}msr() - scsi: scsi_transport_srp: Don't block target in failfast state - scsi: libfc: Avoid invoking response handler twice if ep is already completed - mac80211: fix fast-rx encryption check - [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during migration - objtool: Don't fail on missing symbol table - kthread: Extract KTHREAD_IS_PER_CPU - workqueue: Restrict affinity change to rescuer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175 - USB: serial: cp210x: add pid/vid for WSDA-200-USB - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 - USB: serial: option: Adding support for Cinterion MV31 - Input: i8042 - unbreak Pegatron C15B - rxrpc: Fix deadlock around release of dst cached on udp tunnel - net: lapb: Copy the skb before sending a packet - [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM data - memblock: do not start bottom-up allocations with kernel_end - USB: gadget: legacy: fix an error code in eth_bind() - USB: usblp: don't call usb_set_interface if there's a single alt - [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex - [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode - ovl: fix dentry leak in ovl_get_redirect - mac80211: fix station rate table updates on assoc - kretprobe: Avoid re-registration of the same kretprobe earlier - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set - xhci: fix bounce buffer usage for non-sg list case - cifs: report error instead of invalid when revalidating a dentry fails - smb3: Fix out-of-bounds bug in SMB2_negotiate() - mmc: core: Limit retries when analyse of SDIO tuples fails - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs - [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page - mm: hugetlb: fix a race between freeing and dissolving the page - mm: hugetlb: fix a race between isolating and freeing page - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active - mm: thp: fix MADV_REMOVE deadlock on shmem THP - [x86] build: Disable CET instrumentation in the kernel - [x86] apic: Add extra serialization for non-serializing MSRs - Input: xpad - sync supported devices with fork on GitHub - [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on - md: Set prev_flush_start and flush_bio in an atomic way - net: ip_tunnel: fix mtu calculation - [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176 - tracing/kprobe: Fix to support kretprobe events on unloaded modules - block: fix NULL pointer dereference in register_disk - fgraph: Initialize tracing_graph_pause at task creation - af_key: relax availability checks for skb size calculation - regulator: core: avoid regulator_resolve_supply() race condition - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap - iwlwifi: pcie: fix context info memory leak - iwlwifi: mvm: guard against device removal in reprobe - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header - SUNRPC: Handle 0 length opaque XDR object data properly - lib/string: Add strscpy_pad() function - include/trace/events/writeback.h: fix -Wstringop-truncation warnings - memcg: fix a crash in wb_workfn when a device disappears - [x86] Fix unsynchronized access to sev members through svm_register_enc_region - block: don't hold q->sysfs_lock in elevator_init_mq - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue - squashfs: add more sanity checks in id lookup - squashfs: add more sanity checks in inode lookup - squashfs: add more sanity checks in xattr id lookup - regulator: core: enable power when setting up constraints - regulator: core: Clean enabling always-on regulators + their supplies - regulator: Fix lockdep warning resolving supplies https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177 - tracing: Do not count ftrace events in top level enable output - tracing: Check length before giving out the filter buffer - [armhf] xen: Don't probe xenbus as part of an early initcall - [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default - ovl: perform vfs_getxattr() with mounter creds - cap: fix conversions on getxattr - ovl: skip getxattr of security labels - bfq-iosched: Revert "bfq: Fix computation of shallow depth" - [armel,armhf] ensure the signal page contains defined contents - [armel,armhf] kexec: fix oops after TLB are invalidated - mt76: dma: fix a possible memory leak in mt76_add_fragment() - bpf: Check for integer overflow when using roundup_pow_of_two() - netfilter: xt_recent: Fix attempt to update deleted entry - netfilter: flowtable: fix tcp and udp header checksum update - xen/netback: avoid race in xenvif_rx_ring_slots_available() - [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS - netfilter: conntrack: skip identical origin tuple in same zone only - [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue() - [arm64] usb: dwc3: ulpi: fix checkpatch warning - [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one - net: fix iteration for sctp transport seq_files - net/vmw_vsock: improve locking in vsock_connect_timeout() - net: watchdog: hold device global xmit lock during tx disable - vsock/virtio: update credit only if socket is not closed - vsock: fix locking in vsock_shutdown() - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS - ovl: expand warning in ovl_d_real() - [x86] KVM: SEV: fix double locking due to incorrect backport - [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping() (CVE-2021-26932) - [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (CVE-2021-26932) - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (CVE-2021-26932) - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (CVE-2021-26932) - [armhf] xen/arm: don't ignore return errors from set_phys_to_machine (CVE-2021-26932) - xen-blkback: don't "handle" error by BUG() (CVE-2021-26931) - xen-netback: don't "handle" error by BUG() (CVE-2021-26931) - xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931) - xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930) - scsi: qla2xxx: Fix crash during driver load on big endian machines - kvm: check tlbs_dirty directly . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.173-rt72 * certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux" certificate * Bump ABI to 15 linux-signed-arm64 (4.19.181+1) buster; urgency=medium . * Sign kernel from linux 4.19.181-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.178 - HID: make arrays usage and value to be the same - USB: quirks: sort quirk entries - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable - block: add helper for checking if queue is registered - block: split .sysfs_lock into two locks - block: fix race between switching elevator and removing queues - block: don't release queue's sysfs lock during switching elevator - NET: usb: qmi_wwan: Adding support for Cinterion MV31 - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations - locking/static_key: Fix false positive warnings on concurrent dec/inc - vmlinux.lds.h: add DWARF v5 sections - [arm64] PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 - bfq: Avoid false bfq queue merging - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode - [mips*] vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section - random: fix the RNDRESEEDCRNG ioctl - [arm64] Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function - Bluetooth: Fix initializing response id after clearing struct - [armhf] dts: exynos: correct PMIC interrupt trigger level on Spring - [armhf] dts: exynos: correct PMIC interrupt trigger level on Arndale Octa - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args - [arm64] dts: allwinner: A64: properly connect USB PHY to port 0 - [arm64] dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz - ACPICA: Fix exception code class checks - usb: gadget: u_audio: Free requests only after callback - Bluetooth: drop HCI device reference before return - Bluetooth: Put HCI device if inquiry procedure interrupts - [arm*] usb: dwc2: Do not update data length if it is 0 on inbound transfers - [arm*] usb: dwc2: Abort transaction after errors with unknown reason - [arm*] usb: dwc2: Make "trimming xfer length" a debug message - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules - [armhf] dts: armada388-helios4: assign pinctrl to LEDs - [armhf] dts: armada388-helios4: assign pinctrl to each fan - bpf_lru_list: Read double-checked variable once without lock - bnxt_en: reverse order of TX disable and carrier off - xen/netback: fix spurious event detection for common event case - mac80211: fix potential overflow when multiplying to u32 integers - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx - tcp: fix SO_RCVLOWAT related hangs under mem pressure - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case - [amd64,arm64] net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout - [amd64,arm64] net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning - [amd64,arm64] net: amd-xgbe: Reset link when the link never comes back - [amd64,arm64] net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP - [arm64,armhf] net: mvneta: Remove per-cpu queue mapping for Armada 3700 - [x86] drm/gma500: Fix error return code in psb_driver_load() - [x86] gma500: clean up error handling in init - [armhf] crypto: sun4i-ss - fix kmap usage - [mips*] c-r4k: Fix section mismatch for loongson2_sc_init - media: em28xx: Fix use-after-free in em28xx_alloc_urbs - media: media/pci: Fix memleak in empress_init - [x86] media: tm6000: Fix memleak in tm6000_start_stream - media: lmedm04: Fix misuse of comma - media: qm1d1c0042: fix error return code in qm1d1c0042_init() - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values - f2fs: fix to avoid inconsistent quota data - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() - [x86] Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() - btrfs: clarify error returns values in __load_free_space_cache - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() - fs/jfs: fix potential integer overflow on shift of a int - jffs2: fix use after free in jffs2_sum_write_data() - capabilities: Don't allow writing ambiguous v3 file capabilities - [arm64,armhf] clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL - quota: Fix memory leak when handling corrupted quota file - [arm64] clk: sunxi-ng: h6: Fix CEC clock - HID: core: detect and skip invalid inputs to snto32() - fdt: Properly handle "no-map" field in the memory region - of/fdt: Make sure no-map does not remove already reserved regions - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation - [arm64] clk: sunxi-ng: h6: Fix clock divider range on some clocks - [arm64,armhf] regulator: axp20x: Fix reference cout leak - certs: Fix blacklist flag type confusion - [armhf] regulator: s5m8767: Drop regulators OF node reference - isofs: release buffer head before return - IB/umad: Return EIO in case of when device disassociated - IB/umad: Return EPOLLERR in case of when device disassociated - [ppc64el] KVM: Make the VMX instruction emulation routines static - [armel,armhf] 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores - [arm*] amba: Fix resource leak for drivers without .remove - tracepoint: Do not fail unregistering a probe due to memory failure - perf tools: Fix DSO filtering when not finding a map for a sampled address - RDMA/rxe: Fix coding error in rxe_recv.c - RDMA/rxe: Correct skb on loopback path - [powerpc*] pseries/dlpar: handle ibm, configure-connector delay status - [amd64] spi: pxa2xx: Fix the controller numbering for Wildcat Point - Input: sur40 - fix an error code in sur40_probe() - perf intel-pt: Fix missing CYC processing in PSB - Input: elo - fix an error code in elo_connect() - [arm64,armhf] pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() - [x86] VMCI: Use set_page_dirty_lock() when unregistering guest memory - PCI: Align checking of syscall user config accessors - [arm64] drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) - ext4: fix potential htree index checksum corruption - i40e: Fix flow for IPv6 next header (extension header) - i40e: Add zero-initialization of AQ command structures - i40e: Fix overwriting flow control settings during driver loading - i40e: Fix VFs not created - i40e: Fix add TC filter for IPv6 - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() - vxlan: move debug check after netdev unregister - ocfs2: fix a use after free on error - mm/memory.c: fix potential pte_unmap_unlock pte error - mm/hugetlb: fix potential double free in hugetlb_register_node() error path - r8169: fix jumbo packet handling on RTL8168e - [arm64] Add missing ISB after invalidating TLB in __primary_switch - mm/rmap: fix potential pte_unmap on an not mapped pte - blk-settings: align max_sectors on "logical_block_size" boundary - ACPI: property: Fix fwnode string properties matching - HID: wacom: Ignore attempts to overwrite the touch_max value from HID - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S - Input: joydev - prevent potential read overflow in ioctl - USB: serial: option: update interface mapping for ZTE P685M - [arm64,armhf] usb: musb: Fix runtime PM race in musb_queue_resume_work - [arm64,armhf] usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 - [arm64,armhf] usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt - USB: serial: ftdi_sio: fix FTX sub-integer prescaler - USB: serial: mos7840: fix error code in mos7840_write() - USB: serial: mos7720: fix error code in mos7720_write() - ALSA: hda/realtek: modify EAPD in the ALC886 - tpm_tis: Fix check_locality for correct locality acquisition - tpm_tis: Clean up locality release - KEYS: trusted: Fix migratable=1 failing - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root - btrfs: fix reloc root leak with 0 ref reloc roots on recovery - btrfs: fix extent buffer leak on failure to copy root - [arm64] crypto: arm64/sha - add missing module aliases - [armhf] crypto: sun4i-ss - checking sg length is not sufficient - [armhf] crypto: sun4i-ss - handle BigEndian for cipher - seccomp: Add missing return in non-void function - misc: rtsx: init of rts522a add OCP power off when no card is present - [x86] drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table - [x86] reboot: Force all cpus to exit VMX root if VMX is supported - floppy: reintroduce O_NDELAY fix - [arm64] uprobe: Return EOPNOTSUPP for AARCH32 instruction probing - [x86] watchdog: mei_wdt: request stop on unregister - [arm64] mtd: spi-nor: hisi-sfc: Put child node np on error path - fs/affs: release old buffer head on error path - seq_file: document how per-entry resources are managed. - [x86] fix seq_file iteration for pat/memtype.c - hugetlb: fix copy_huge_page_from_user contig page struct assumption - libnvdimm/dimm: Avoid race between probe and available_slots_show() - [arm64] Extend workaround for erratum 1024718 to all versions of Cortex-A55 - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols - [armhf] mmc: sdhci-esdhc-imx: fix kernel panic when remove module - [armhf] gpio: pcf857x: Fix missing first interrupt - printk: fix deadlock when kernel panic - [x86] cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available - f2fs: fix out-of-repair __setattr_copy() - gfs2: Don't skip dlm unlock if glock has an lvb - dm: fix deadlock when swapping to encrypted device - dm era: Recover committed writeset after crash - dm era: Verify the data block size hasn't changed - dm era: Fix bitset memory leaks - dm era: Use correct value size in equality function of writeset tree - dm era: Reinitialize bitset cache before digesting a new writeset - dm era: only resize metadata in preresume - icmp: introduce helper for nat'd source address in network device context - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n - gtp: use icmp_ndo_send helper - xfrm: interface: use icmp_ndo_send helper - ipv6: icmp6: avoid indirect call for icmpv6_send() - ipv6: silence compilation warning for non-IPV6 builds - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending - dm era: Update in-core bitset after committing the metadata https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.179 - net: usb: qmi_wwan: support ZTE P685M modem - hugetlb: fix update_and_free_page contig page struct assumption - drm/virtio: use kvmalloc for large allocations - [s390x] virtio/s390: implement virtio-ccw revision 2 correctly - [arm64] module: set plt* section addresses to 0x0 - [arm64] Avoid redundant type conversions in xchg() and cmpxchg() - [arm64] cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint - [arm64] Use correct ll/sc atomic constraints - JFS: more checks for invalid superblock - udlfb: Fix memory leak in dlfb_usb_probe - media: mceusb: sanity check for prescaler value - xfs: Fix assert failure in xfs_setattr_size() - net: fix up truesize of cloned skb in skb_prepare_for_shift() - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing - net: bridge: use switchdev for port flags set through sysfs too - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ - rsi: Fix TX EAPOL packet handling against iwlwifi AP - rsi: Move card interrupt handling to RX thread - [x86] reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk - vt/consolemap: do font sum unsigned - [arm64,armhf] wlcore: Fix command execute failure 19 for wl12xx - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() - ath10k: fix wmi mgmt tx queue full due to race condition - [x86] build: Treat R_386_PLT32 relocation as R_386_PC32 - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data - crypto: tcrypt - avoid signed overflow in byte count - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse - media: uvcvideo: Allow entities with no pads - f2fs: handle unallocated section and zone on pinned/atgc - f2fs: fix to set/clear I_LINKABLE under i_lock - btrfs: fix error handling in commit_fs_roots - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet - scsi: iscsi: Restrict sessions and handles to admin capabilities (CVE-2021-27363, CVE-2021-27364) - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (CVE-2021-27365) - scsi: iscsi: Verify lengths on passthrough PDUs (CVE-2021-27365) - Xen/gnttab: handle p2m update errors on a per-slot basis (CVE-2021-28038) - xen-netback: respect gnttab_map_refs()'s return value (CVE-2021-28038) - zsmalloc: account the number of compacted pages correctly - swap: fix swapfile read/write offset - media: v4l: ioctl: Fix memory leak in video_usercopy - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.180 - btrfs: raid56: simplify tracking of Q stripe presence - btrfs: fix raid6 qstripe kmap - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors - PM: runtime: Update device status before letting suppliers suspend - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie - usbip: tools: fix build error for multiple definition - Revert "zram: close udev startup race condition as default groups" - block: genhd: add 'groups' argument to device_add_disk - nvme: register ns_id attributes as default sysfs groups - aoe: register default groups with device_add_disk() - zram: register default groups with device_add_disk() - virtio-blk: modernize sysfs attribute creation - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits - rsxx: Return -EFAULT if copy_to_user() fails - r8169: fix resuming from suspend on RTL8105e if machine runs on battery - [arm64,armhf] net: dsa: add GRO support via gro_cells - dm table: fix iterate_devices based device capability checks - dm table: fix DAX iterate_devices based device capability checks - dm table: fix zoned iterate_devices based device capability checks - [amd64] iommu/amd: Fix sleeping in atomic in increase_address_space() - mwifiex: pcie: skip cancel_work_sync() on reset failure path - [x86] platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines - [x86] platform/x86: acer-wmi: Cleanup accelerometer device handling - [x86] platform/x86: acer-wmi: Add new force_caps module parameter - [x86] platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag - [x86] platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices - [x86] platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter - media: cx23885: add more quirks for reset DMA on some AMD IOMMU - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom - [arm64] drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.181 - uapi: nfnetlink_cthelper.h: fix userspace compilation error - ethernet: alx: fix order of calls on resume (Closes: #983595) - ath9k: fix transmitting to stations in dynamic SMPS mode - net: Fix gro aggregation for udp encaps with zero csum - net: Introduce parse_protocol header_ops callback - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership - [armhf] can: flexcan: assert FRZ bit in flexcan_chip_freeze() - [armhf] can: flexcan: enable RX FIFO after FRZ/HALT valid - netfilter: x_tables: gpf inside xt_find_revision() - mt76: dma: do not report truncated frames to mac80211 - tcp: annotate tp->copied_seq lockless reads - tcp: annotate tp->write_seq lockless reads - tcp: add sanity tests to TCP_QUEUE_SEQ - cifs: return proper error code in statfs(2) - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" - net: check if protocol extracted by virtio_net_hdr_set_proto is correct - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 - net/mlx4_en: update moderation when config reset - [arm64,armhf] net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 - net: sched: avoid duplicates in classes dump - net: usb: qmi_wwan: allow qmimux add/del with master up - [arm64,armhf] net: stmmac: stop each tx channel independently - [arm64,armhf] net: stmmac: fix watchdog timeout during suspend/resume stress test - drm/compat: Clear bounce structures - [arm64] drm: meson_drv add shutdown function - media: usbtv: Fix deadlock on suspend - net: phy: fix save wrong speed and duplex problem if autoneg is on - udf: fix silent AED tagLocation corruption - [powerpc*] pci: Add ppc_md.discover_phbs() - [powerpc*] improve handling of unrecoverable system reset - [powerpc*] perf: Record counter overflow always if SAMPLE_IP is unset - [arm64] PCI: xgene-msi: Fix race in installing chained irq handler - PCI: Fix pci_register_io_range() memory leak - i40e: Fix memory leak in i40e_probe - [s390x] smp: __smp_rescan_cpus() - move cpumask away from stack - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling - scsi: target: core: Add cmd length set before cmd complete - scsi: target: core: Prevent underflow for service actions - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk - ALSA: hda/hdmi: Cancel pending works before suspend - ALSA: hda: Drop the BATCH workaround for AMD controllers - ALSA: hda: Avoid spurious unsol event handling during S3/S4 - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar - ALSA: usb-audio: Apply the control quirk to Plantronics headsets - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") - [s390x] dasd: fix hanging DASD driver unbind - [s390x] dasd: fix hanging IO request during DASD driver unbind - mmc: core: Fix partition switch time for eMMC - mmc: cqhci: Fix random crash when remove mmc module/card - Goodix Fingerprint device is not a modem - USB: gadget: u_ether: Fix a configfs return code - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot - usb: gadget: f_uac1: stop playback on function disable - [arm64] usb: dwc3: qcom: Honor wakeup enabled/disabled state - USB: usblp: fix a hang in poll() if disconnected - xhci: Improve detection of device initiated wake signal. - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing - USB: serial: io_edgeport: fix memory leak in edge_startup - USB: serial: ch341: add new Product ID - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter - USB: serial: cp210x: add some more GE USB IDs - usbip: fix stub_dev to check for stream socket - usbip: fix vhci_hcd to check for stream socket - usbip: fix vudc to check for stream socket - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf - usbip: fix vhci_hcd attach_store() races leading to gpf - usbip: fix vudc usbip_sockfd_store races leading to gpf - [x86] staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (CVE-2021-28660) - staging: rtl8712: unterminated string leads to read overflow - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd - [x86] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan - [x86] staging: comedi: addi_apci_1032: Fix endian problem for COS sample - [x86] staging: comedi: addi_apci_1500: Fix endian problem for command sample - [x86] staging: comedi: adv_pci1710: Fix endian problem for AI command data - [i386] staging: comedi: das6402: Fix endian problem for AI command data - [i386] staging: comedi: das800: Fix endian problem for AI command data - [i386] staging: comedi: dmm32at: Fix endian problem for AI command data - [x86] staging: comedi: me4000: Fix endian problem for AI command data - [i386] staging: comedi: pcl711: Fix endian problem for AI command data - [i386] staging: comedi: pcl818: Fix endian problem for AI command data - NFSv4.2: fix return value of _nfs4_get_security_label() - block: rsxx: fix error return code of rsxx_pci_probe() - configfs: fix a use-after-free in __configfs_open_file - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() - stop_machine: mark helpers __always_inline - include/linux/sched/mm.h: use rcu_dereference in in_vfork() - [powerpc*] 64s: Fix instruction encoding for lis in ppc_function_entry() - binfmt_misc: fix possible deadlock in bm_register_write - [amd64] x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading - [arm64] KVM: Fix exclusive limit for IPA size - xen/events: reset affinity of 2-level event when tearing it down - xen/events: don't unmask an event channel when an eoi is pending - xen/events: avoid handling the same event on two cpus at the same time . [ Salvatore Bonaccorso ] * Bump ABI to 16 * ext4: check journal inode extents more carefully (CVE-2021-3428) * bpf: Prohibit alu ops for pointer types not defining ptr_limit (CVE-2020-27170) * bpf: Fix off-by-one for area size in creating mask to left (CVE-2020-27171) * bpf: Simplify alu_limit masking for pointer arithmetic * bpf: Add sanity check for upper ptr_limit linux-signed-arm64 (4.19.177+1) buster; urgency=medium . * Sign kernel from linux 4.19.177-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172 - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions - dm integrity: conditionally disable "recalculate" feature - writeback: Drop I_DIRTY_TIME_EXPIRE - fs: fix lazytime expiration handling in __writeback_single_inode() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173 - nbd: freeze the queue while we're adding connections (CVE-2021-3348) - ACPI: sysfs: Prefer "compatible" modalias - kernel: kexec: remove the lock operation of system_transition_mutex - xen/privcmd: allow fetching resource sizes - ALSA: hda/via: Apply the workaround generically for Clevo machines - media: rc: ensure that uevent can be read directly after rc device register - wext: fix NULL-ptr-dereference with cfg80211's lack of commit() - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family - PM: hibernate: flush swap writer after marking - [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] - [x86] KVM: get smi pending status correctly - leds: trigger: fix potential deadlock with libata - mt7601u: fix kernel crash unplugging the device - mt7601u: fix rx buffer refcounting - xen-blkfront: allow discard-* nodes to be optional - [armhf] imx: build suspend-imx6.S with arm instruction set - netfilter: nft_dynset: add timeout extension to template - xfrm: Fix oops in xfrm_replay_advance_bmp - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces - RDMA/cxgb4: Fix the reported max_recv_sge value - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() - iwlwifi: pcie: use jiffies for memory read spin time limit - iwlwifi: pcie: reschedule in long-running memory reads - mac80211: pause TX while changing interface type - net/mlx5: Fix memory leak on flow table creation error flow - can: dev: prevent potential information leak in can_fill_info() - [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported address widths - [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built - rxrpc: Fix memory leak in rxrpc_lookup_local - NFC: fix resource leak when target index is invalid - NFC: fix possible resource leak - team: protect features update by RCU to avoid deadlock - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174 - [armhf] net: dsa: bcm_sf2: put device node before return - ACPI: thermal: Do not call acpi_thermal_check() directly - sysctl: handle overflow in proc_get_long - net_sched: gen_estimator: support large ewma log - [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 - [x86] __always_inline __{rd,wr}msr() - scsi: scsi_transport_srp: Don't block target in failfast state - scsi: libfc: Avoid invoking response handler twice if ep is already completed - mac80211: fix fast-rx encryption check - [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during migration - objtool: Don't fail on missing symbol table - kthread: Extract KTHREAD_IS_PER_CPU - workqueue: Restrict affinity change to rescuer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175 - USB: serial: cp210x: add pid/vid for WSDA-200-USB - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 - USB: serial: option: Adding support for Cinterion MV31 - Input: i8042 - unbreak Pegatron C15B - rxrpc: Fix deadlock around release of dst cached on udp tunnel - net: lapb: Copy the skb before sending a packet - [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM data - memblock: do not start bottom-up allocations with kernel_end - USB: gadget: legacy: fix an error code in eth_bind() - USB: usblp: don't call usb_set_interface if there's a single alt - [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex - [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode - ovl: fix dentry leak in ovl_get_redirect - mac80211: fix station rate table updates on assoc - kretprobe: Avoid re-registration of the same kretprobe earlier - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set - xhci: fix bounce buffer usage for non-sg list case - cifs: report error instead of invalid when revalidating a dentry fails - smb3: Fix out-of-bounds bug in SMB2_negotiate() - mmc: core: Limit retries when analyse of SDIO tuples fails - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs - [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page - mm: hugetlb: fix a race between freeing and dissolving the page - mm: hugetlb: fix a race between isolating and freeing page - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active - mm: thp: fix MADV_REMOVE deadlock on shmem THP - [x86] build: Disable CET instrumentation in the kernel - [x86] apic: Add extra serialization for non-serializing MSRs - Input: xpad - sync supported devices with fork on GitHub - [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on - md: Set prev_flush_start and flush_bio in an atomic way - net: ip_tunnel: fix mtu calculation - [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176 - tracing/kprobe: Fix to support kretprobe events on unloaded modules - block: fix NULL pointer dereference in register_disk - fgraph: Initialize tracing_graph_pause at task creation - af_key: relax availability checks for skb size calculation - regulator: core: avoid regulator_resolve_supply() race condition - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap - iwlwifi: pcie: fix context info memory leak - iwlwifi: mvm: guard against device removal in reprobe - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header - SUNRPC: Handle 0 length opaque XDR object data properly - lib/string: Add strscpy_pad() function - include/trace/events/writeback.h: fix -Wstringop-truncation warnings - memcg: fix a crash in wb_workfn when a device disappears - [x86] Fix unsynchronized access to sev members through svm_register_enc_region - block: don't hold q->sysfs_lock in elevator_init_mq - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue - squashfs: add more sanity checks in id lookup - squashfs: add more sanity checks in inode lookup - squashfs: add more sanity checks in xattr id lookup - regulator: core: enable power when setting up constraints - regulator: core: Clean enabling always-on regulators + their supplies - regulator: Fix lockdep warning resolving supplies https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177 - tracing: Do not count ftrace events in top level enable output - tracing: Check length before giving out the filter buffer - [armhf] xen: Don't probe xenbus as part of an early initcall - [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default - ovl: perform vfs_getxattr() with mounter creds - cap: fix conversions on getxattr - ovl: skip getxattr of security labels - bfq-iosched: Revert "bfq: Fix computation of shallow depth" - [armel,armhf] ensure the signal page contains defined contents - [armel,armhf] kexec: fix oops after TLB are invalidated - mt76: dma: fix a possible memory leak in mt76_add_fragment() - bpf: Check for integer overflow when using roundup_pow_of_two() - netfilter: xt_recent: Fix attempt to update deleted entry - netfilter: flowtable: fix tcp and udp header checksum update - xen/netback: avoid race in xenvif_rx_ring_slots_available() - [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS - netfilter: conntrack: skip identical origin tuple in same zone only - [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue() - [arm64] usb: dwc3: ulpi: fix checkpatch warning - [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one - net: fix iteration for sctp transport seq_files - net/vmw_vsock: improve locking in vsock_connect_timeout() - net: watchdog: hold device global xmit lock during tx disable - vsock/virtio: update credit only if socket is not closed - vsock: fix locking in vsock_shutdown() - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS - ovl: expand warning in ovl_d_real() - [x86] KVM: SEV: fix double locking due to incorrect backport - [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping() (CVE-2021-26932) - [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (CVE-2021-26932) - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (CVE-2021-26932) - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (CVE-2021-26932) - [armhf] xen/arm: don't ignore return errors from set_phys_to_machine (CVE-2021-26932) - xen-blkback: don't "handle" error by BUG() (CVE-2021-26931) - xen-netback: don't "handle" error by BUG() (CVE-2021-26931) - xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931) - xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930) - scsi: qla2xxx: Fix crash during driver load on big endian machines - kvm: check tlbs_dirty directly . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.173-rt72 * certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux" certificate * Bump ABI to 15 linux-signed-i386 (4.19.181+1) buster; urgency=medium . * Sign kernel from linux 4.19.181-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.178 - HID: make arrays usage and value to be the same - USB: quirks: sort quirk entries - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable - block: add helper for checking if queue is registered - block: split .sysfs_lock into two locks - block: fix race between switching elevator and removing queues - block: don't release queue's sysfs lock during switching elevator - NET: usb: qmi_wwan: Adding support for Cinterion MV31 - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations - locking/static_key: Fix false positive warnings on concurrent dec/inc - vmlinux.lds.h: add DWARF v5 sections - [arm64] PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 - bfq: Avoid false bfq queue merging - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode - [mips*] vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section - random: fix the RNDRESEEDCRNG ioctl - [arm64] Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function - Bluetooth: Fix initializing response id after clearing struct - [armhf] dts: exynos: correct PMIC interrupt trigger level on Spring - [armhf] dts: exynos: correct PMIC interrupt trigger level on Arndale Octa - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args - [arm64] dts: allwinner: A64: properly connect USB PHY to port 0 - [arm64] dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz - ACPICA: Fix exception code class checks - usb: gadget: u_audio: Free requests only after callback - Bluetooth: drop HCI device reference before return - Bluetooth: Put HCI device if inquiry procedure interrupts - [arm*] usb: dwc2: Do not update data length if it is 0 on inbound transfers - [arm*] usb: dwc2: Abort transaction after errors with unknown reason - [arm*] usb: dwc2: Make "trimming xfer length" a debug message - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules - [armhf] dts: armada388-helios4: assign pinctrl to LEDs - [armhf] dts: armada388-helios4: assign pinctrl to each fan - bpf_lru_list: Read double-checked variable once without lock - bnxt_en: reverse order of TX disable and carrier off - xen/netback: fix spurious event detection for common event case - mac80211: fix potential overflow when multiplying to u32 integers - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx - tcp: fix SO_RCVLOWAT related hangs under mem pressure - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case - [amd64,arm64] net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout - [amd64,arm64] net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning - [amd64,arm64] net: amd-xgbe: Reset link when the link never comes back - [amd64,arm64] net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP - [arm64,armhf] net: mvneta: Remove per-cpu queue mapping for Armada 3700 - [x86] drm/gma500: Fix error return code in psb_driver_load() - [x86] gma500: clean up error handling in init - [armhf] crypto: sun4i-ss - fix kmap usage - [mips*] c-r4k: Fix section mismatch for loongson2_sc_init - media: em28xx: Fix use-after-free in em28xx_alloc_urbs - media: media/pci: Fix memleak in empress_init - [x86] media: tm6000: Fix memleak in tm6000_start_stream - media: lmedm04: Fix misuse of comma - media: qm1d1c0042: fix error return code in qm1d1c0042_init() - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values - f2fs: fix to avoid inconsistent quota data - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() - [x86] Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() - btrfs: clarify error returns values in __load_free_space_cache - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() - fs/jfs: fix potential integer overflow on shift of a int - jffs2: fix use after free in jffs2_sum_write_data() - capabilities: Don't allow writing ambiguous v3 file capabilities - [arm64,armhf] clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL - quota: Fix memory leak when handling corrupted quota file - [arm64] clk: sunxi-ng: h6: Fix CEC clock - HID: core: detect and skip invalid inputs to snto32() - fdt: Properly handle "no-map" field in the memory region - of/fdt: Make sure no-map does not remove already reserved regions - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation - [arm64] clk: sunxi-ng: h6: Fix clock divider range on some clocks - [arm64,armhf] regulator: axp20x: Fix reference cout leak - certs: Fix blacklist flag type confusion - [armhf] regulator: s5m8767: Drop regulators OF node reference - isofs: release buffer head before return - IB/umad: Return EIO in case of when device disassociated - IB/umad: Return EPOLLERR in case of when device disassociated - [ppc64el] KVM: Make the VMX instruction emulation routines static - [armel,armhf] 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores - [arm*] amba: Fix resource leak for drivers without .remove - tracepoint: Do not fail unregistering a probe due to memory failure - perf tools: Fix DSO filtering when not finding a map for a sampled address - RDMA/rxe: Fix coding error in rxe_recv.c - RDMA/rxe: Correct skb on loopback path - [powerpc*] pseries/dlpar: handle ibm, configure-connector delay status - [amd64] spi: pxa2xx: Fix the controller numbering for Wildcat Point - Input: sur40 - fix an error code in sur40_probe() - perf intel-pt: Fix missing CYC processing in PSB - Input: elo - fix an error code in elo_connect() - [arm64,armhf] pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() - [x86] VMCI: Use set_page_dirty_lock() when unregistering guest memory - PCI: Align checking of syscall user config accessors - [arm64] drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) - ext4: fix potential htree index checksum corruption - i40e: Fix flow for IPv6 next header (extension header) - i40e: Add zero-initialization of AQ command structures - i40e: Fix overwriting flow control settings during driver loading - i40e: Fix VFs not created - i40e: Fix add TC filter for IPv6 - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() - vxlan: move debug check after netdev unregister - ocfs2: fix a use after free on error - mm/memory.c: fix potential pte_unmap_unlock pte error - mm/hugetlb: fix potential double free in hugetlb_register_node() error path - r8169: fix jumbo packet handling on RTL8168e - [arm64] Add missing ISB after invalidating TLB in __primary_switch - mm/rmap: fix potential pte_unmap on an not mapped pte - blk-settings: align max_sectors on "logical_block_size" boundary - ACPI: property: Fix fwnode string properties matching - HID: wacom: Ignore attempts to overwrite the touch_max value from HID - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S - Input: joydev - prevent potential read overflow in ioctl - USB: serial: option: update interface mapping for ZTE P685M - [arm64,armhf] usb: musb: Fix runtime PM race in musb_queue_resume_work - [arm64,armhf] usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 - [arm64,armhf] usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt - USB: serial: ftdi_sio: fix FTX sub-integer prescaler - USB: serial: mos7840: fix error code in mos7840_write() - USB: serial: mos7720: fix error code in mos7720_write() - ALSA: hda/realtek: modify EAPD in the ALC886 - tpm_tis: Fix check_locality for correct locality acquisition - tpm_tis: Clean up locality release - KEYS: trusted: Fix migratable=1 failing - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root - btrfs: fix reloc root leak with 0 ref reloc roots on recovery - btrfs: fix extent buffer leak on failure to copy root - [arm64] crypto: arm64/sha - add missing module aliases - [armhf] crypto: sun4i-ss - checking sg length is not sufficient - [armhf] crypto: sun4i-ss - handle BigEndian for cipher - seccomp: Add missing return in non-void function - misc: rtsx: init of rts522a add OCP power off when no card is present - [x86] drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table - [x86] reboot: Force all cpus to exit VMX root if VMX is supported - floppy: reintroduce O_NDELAY fix - [arm64] uprobe: Return EOPNOTSUPP for AARCH32 instruction probing - [x86] watchdog: mei_wdt: request stop on unregister - [arm64] mtd: spi-nor: hisi-sfc: Put child node np on error path - fs/affs: release old buffer head on error path - seq_file: document how per-entry resources are managed. - [x86] fix seq_file iteration for pat/memtype.c - hugetlb: fix copy_huge_page_from_user contig page struct assumption - libnvdimm/dimm: Avoid race between probe and available_slots_show() - [arm64] Extend workaround for erratum 1024718 to all versions of Cortex-A55 - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols - [armhf] mmc: sdhci-esdhc-imx: fix kernel panic when remove module - [armhf] gpio: pcf857x: Fix missing first interrupt - printk: fix deadlock when kernel panic - [x86] cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available - f2fs: fix out-of-repair __setattr_copy() - gfs2: Don't skip dlm unlock if glock has an lvb - dm: fix deadlock when swapping to encrypted device - dm era: Recover committed writeset after crash - dm era: Verify the data block size hasn't changed - dm era: Fix bitset memory leaks - dm era: Use correct value size in equality function of writeset tree - dm era: Reinitialize bitset cache before digesting a new writeset - dm era: only resize metadata in preresume - icmp: introduce helper for nat'd source address in network device context - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n - gtp: use icmp_ndo_send helper - xfrm: interface: use icmp_ndo_send helper - ipv6: icmp6: avoid indirect call for icmpv6_send() - ipv6: silence compilation warning for non-IPV6 builds - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending - dm era: Update in-core bitset after committing the metadata https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.179 - net: usb: qmi_wwan: support ZTE P685M modem - hugetlb: fix update_and_free_page contig page struct assumption - drm/virtio: use kvmalloc for large allocations - [s390x] virtio/s390: implement virtio-ccw revision 2 correctly - [arm64] module: set plt* section addresses to 0x0 - [arm64] Avoid redundant type conversions in xchg() and cmpxchg() - [arm64] cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint - [arm64] Use correct ll/sc atomic constraints - JFS: more checks for invalid superblock - udlfb: Fix memory leak in dlfb_usb_probe - media: mceusb: sanity check for prescaler value - xfs: Fix assert failure in xfs_setattr_size() - net: fix up truesize of cloned skb in skb_prepare_for_shift() - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing - net: bridge: use switchdev for port flags set through sysfs too - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ - rsi: Fix TX EAPOL packet handling against iwlwifi AP - rsi: Move card interrupt handling to RX thread - [x86] reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk - vt/consolemap: do font sum unsigned - [arm64,armhf] wlcore: Fix command execute failure 19 for wl12xx - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() - ath10k: fix wmi mgmt tx queue full due to race condition - [x86] build: Treat R_386_PLT32 relocation as R_386_PC32 - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data - crypto: tcrypt - avoid signed overflow in byte count - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse - media: uvcvideo: Allow entities with no pads - f2fs: handle unallocated section and zone on pinned/atgc - f2fs: fix to set/clear I_LINKABLE under i_lock - btrfs: fix error handling in commit_fs_roots - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet - scsi: iscsi: Restrict sessions and handles to admin capabilities (CVE-2021-27363, CVE-2021-27364) - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (CVE-2021-27365) - scsi: iscsi: Verify lengths on passthrough PDUs (CVE-2021-27365) - Xen/gnttab: handle p2m update errors on a per-slot basis (CVE-2021-28038) - xen-netback: respect gnttab_map_refs()'s return value (CVE-2021-28038) - zsmalloc: account the number of compacted pages correctly - swap: fix swapfile read/write offset - media: v4l: ioctl: Fix memory leak in video_usercopy - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.180 - btrfs: raid56: simplify tracking of Q stripe presence - btrfs: fix raid6 qstripe kmap - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors - PM: runtime: Update device status before letting suppliers suspend - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie - usbip: tools: fix build error for multiple definition - Revert "zram: close udev startup race condition as default groups" - block: genhd: add 'groups' argument to device_add_disk - nvme: register ns_id attributes as default sysfs groups - aoe: register default groups with device_add_disk() - zram: register default groups with device_add_disk() - virtio-blk: modernize sysfs attribute creation - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits - rsxx: Return -EFAULT if copy_to_user() fails - r8169: fix resuming from suspend on RTL8105e if machine runs on battery - [arm64,armhf] net: dsa: add GRO support via gro_cells - dm table: fix iterate_devices based device capability checks - dm table: fix DAX iterate_devices based device capability checks - dm table: fix zoned iterate_devices based device capability checks - [amd64] iommu/amd: Fix sleeping in atomic in increase_address_space() - mwifiex: pcie: skip cancel_work_sync() on reset failure path - [x86] platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines - [x86] platform/x86: acer-wmi: Cleanup accelerometer device handling - [x86] platform/x86: acer-wmi: Add new force_caps module parameter - [x86] platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag - [x86] platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices - [x86] platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter - media: cx23885: add more quirks for reset DMA on some AMD IOMMU - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom - [arm64] drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.181 - uapi: nfnetlink_cthelper.h: fix userspace compilation error - ethernet: alx: fix order of calls on resume (Closes: #983595) - ath9k: fix transmitting to stations in dynamic SMPS mode - net: Fix gro aggregation for udp encaps with zero csum - net: Introduce parse_protocol header_ops callback - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership - [armhf] can: flexcan: assert FRZ bit in flexcan_chip_freeze() - [armhf] can: flexcan: enable RX FIFO after FRZ/HALT valid - netfilter: x_tables: gpf inside xt_find_revision() - mt76: dma: do not report truncated frames to mac80211 - tcp: annotate tp->copied_seq lockless reads - tcp: annotate tp->write_seq lockless reads - tcp: add sanity tests to TCP_QUEUE_SEQ - cifs: return proper error code in statfs(2) - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" - net: check if protocol extracted by virtio_net_hdr_set_proto is correct - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 - net/mlx4_en: update moderation when config reset - [arm64,armhf] net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 - net: sched: avoid duplicates in classes dump - net: usb: qmi_wwan: allow qmimux add/del with master up - [arm64,armhf] net: stmmac: stop each tx channel independently - [arm64,armhf] net: stmmac: fix watchdog timeout during suspend/resume stress test - drm/compat: Clear bounce structures - [arm64] drm: meson_drv add shutdown function - media: usbtv: Fix deadlock on suspend - net: phy: fix save wrong speed and duplex problem if autoneg is on - udf: fix silent AED tagLocation corruption - [powerpc*] pci: Add ppc_md.discover_phbs() - [powerpc*] improve handling of unrecoverable system reset - [powerpc*] perf: Record counter overflow always if SAMPLE_IP is unset - [arm64] PCI: xgene-msi: Fix race in installing chained irq handler - PCI: Fix pci_register_io_range() memory leak - i40e: Fix memory leak in i40e_probe - [s390x] smp: __smp_rescan_cpus() - move cpumask away from stack - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling - scsi: target: core: Add cmd length set before cmd complete - scsi: target: core: Prevent underflow for service actions - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk - ALSA: hda/hdmi: Cancel pending works before suspend - ALSA: hda: Drop the BATCH workaround for AMD controllers - ALSA: hda: Avoid spurious unsol event handling during S3/S4 - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar - ALSA: usb-audio: Apply the control quirk to Plantronics headsets - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") - [s390x] dasd: fix hanging DASD driver unbind - [s390x] dasd: fix hanging IO request during DASD driver unbind - mmc: core: Fix partition switch time for eMMC - mmc: cqhci: Fix random crash when remove mmc module/card - Goodix Fingerprint device is not a modem - USB: gadget: u_ether: Fix a configfs return code - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot - usb: gadget: f_uac1: stop playback on function disable - [arm64] usb: dwc3: qcom: Honor wakeup enabled/disabled state - USB: usblp: fix a hang in poll() if disconnected - xhci: Improve detection of device initiated wake signal. - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing - USB: serial: io_edgeport: fix memory leak in edge_startup - USB: serial: ch341: add new Product ID - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter - USB: serial: cp210x: add some more GE USB IDs - usbip: fix stub_dev to check for stream socket - usbip: fix vhci_hcd to check for stream socket - usbip: fix vudc to check for stream socket - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf - usbip: fix vhci_hcd attach_store() races leading to gpf - usbip: fix vudc usbip_sockfd_store races leading to gpf - [x86] staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (CVE-2021-28660) - staging: rtl8712: unterminated string leads to read overflow - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd - [x86] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan - [x86] staging: comedi: addi_apci_1032: Fix endian problem for COS sample - [x86] staging: comedi: addi_apci_1500: Fix endian problem for command sample - [x86] staging: comedi: adv_pci1710: Fix endian problem for AI command data - [i386] staging: comedi: das6402: Fix endian problem for AI command data - [i386] staging: comedi: das800: Fix endian problem for AI command data - [i386] staging: comedi: dmm32at: Fix endian problem for AI command data - [x86] staging: comedi: me4000: Fix endian problem for AI command data - [i386] staging: comedi: pcl711: Fix endian problem for AI command data - [i386] staging: comedi: pcl818: Fix endian problem for AI command data - NFSv4.2: fix return value of _nfs4_get_security_label() - block: rsxx: fix error return code of rsxx_pci_probe() - configfs: fix a use-after-free in __configfs_open_file - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() - stop_machine: mark helpers __always_inline - include/linux/sched/mm.h: use rcu_dereference in in_vfork() - [powerpc*] 64s: Fix instruction encoding for lis in ppc_function_entry() - binfmt_misc: fix possible deadlock in bm_register_write - [amd64] x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading - [arm64] KVM: Fix exclusive limit for IPA size - xen/events: reset affinity of 2-level event when tearing it down - xen/events: don't unmask an event channel when an eoi is pending - xen/events: avoid handling the same event on two cpus at the same time . [ Salvatore Bonaccorso ] * Bump ABI to 16 * ext4: check journal inode extents more carefully (CVE-2021-3428) * bpf: Prohibit alu ops for pointer types not defining ptr_limit (CVE-2020-27170) * bpf: Fix off-by-one for area size in creating mask to left (CVE-2020-27171) * bpf: Simplify alu_limit masking for pointer arithmetic * bpf: Add sanity check for upper ptr_limit linux-signed-i386 (4.19.177+1) buster; urgency=medium . * Sign kernel from linux 4.19.177-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172 - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions - dm integrity: conditionally disable "recalculate" feature - writeback: Drop I_DIRTY_TIME_EXPIRE - fs: fix lazytime expiration handling in __writeback_single_inode() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173 - nbd: freeze the queue while we're adding connections (CVE-2021-3348) - ACPI: sysfs: Prefer "compatible" modalias - kernel: kexec: remove the lock operation of system_transition_mutex - xen/privcmd: allow fetching resource sizes - ALSA: hda/via: Apply the workaround generically for Clevo machines - media: rc: ensure that uevent can be read directly after rc device register - wext: fix NULL-ptr-dereference with cfg80211's lack of commit() - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family - PM: hibernate: flush swap writer after marking - [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] - [x86] KVM: get smi pending status correctly - leds: trigger: fix potential deadlock with libata - mt7601u: fix kernel crash unplugging the device - mt7601u: fix rx buffer refcounting - xen-blkfront: allow discard-* nodes to be optional - [armhf] imx: build suspend-imx6.S with arm instruction set - netfilter: nft_dynset: add timeout extension to template - xfrm: Fix oops in xfrm_replay_advance_bmp - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces - RDMA/cxgb4: Fix the reported max_recv_sge value - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() - iwlwifi: pcie: use jiffies for memory read spin time limit - iwlwifi: pcie: reschedule in long-running memory reads - mac80211: pause TX while changing interface type - net/mlx5: Fix memory leak on flow table creation error flow - can: dev: prevent potential information leak in can_fill_info() - [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported address widths - [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built - rxrpc: Fix memory leak in rxrpc_lookup_local - NFC: fix resource leak when target index is invalid - NFC: fix possible resource leak - team: protect features update by RCU to avoid deadlock - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174 - [armhf] net: dsa: bcm_sf2: put device node before return - ACPI: thermal: Do not call acpi_thermal_check() directly - sysctl: handle overflow in proc_get_long - net_sched: gen_estimator: support large ewma log - [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 - [x86] __always_inline __{rd,wr}msr() - scsi: scsi_transport_srp: Don't block target in failfast state - scsi: libfc: Avoid invoking response handler twice if ep is already completed - mac80211: fix fast-rx encryption check - [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during migration - objtool: Don't fail on missing symbol table - kthread: Extract KTHREAD_IS_PER_CPU - workqueue: Restrict affinity change to rescuer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175 - USB: serial: cp210x: add pid/vid for WSDA-200-USB - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 - USB: serial: option: Adding support for Cinterion MV31 - Input: i8042 - unbreak Pegatron C15B - rxrpc: Fix deadlock around release of dst cached on udp tunnel - net: lapb: Copy the skb before sending a packet - [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM data - memblock: do not start bottom-up allocations with kernel_end - USB: gadget: legacy: fix an error code in eth_bind() - USB: usblp: don't call usb_set_interface if there's a single alt - [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex - [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode - ovl: fix dentry leak in ovl_get_redirect - mac80211: fix station rate table updates on assoc - kretprobe: Avoid re-registration of the same kretprobe earlier - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set - xhci: fix bounce buffer usage for non-sg list case - cifs: report error instead of invalid when revalidating a dentry fails - smb3: Fix out-of-bounds bug in SMB2_negotiate() - mmc: core: Limit retries when analyse of SDIO tuples fails - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs - [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page - mm: hugetlb: fix a race between freeing and dissolving the page - mm: hugetlb: fix a race between isolating and freeing page - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active - mm: thp: fix MADV_REMOVE deadlock on shmem THP - [x86] build: Disable CET instrumentation in the kernel - [x86] apic: Add extra serialization for non-serializing MSRs - Input: xpad - sync supported devices with fork on GitHub - [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on - md: Set prev_flush_start and flush_bio in an atomic way - net: ip_tunnel: fix mtu calculation - [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176 - tracing/kprobe: Fix to support kretprobe events on unloaded modules - block: fix NULL pointer dereference in register_disk - fgraph: Initialize tracing_graph_pause at task creation - af_key: relax availability checks for skb size calculation - regulator: core: avoid regulator_resolve_supply() race condition - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap - iwlwifi: pcie: fix context info memory leak - iwlwifi: mvm: guard against device removal in reprobe - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header - SUNRPC: Handle 0 length opaque XDR object data properly - lib/string: Add strscpy_pad() function - include/trace/events/writeback.h: fix -Wstringop-truncation warnings - memcg: fix a crash in wb_workfn when a device disappears - [x86] Fix unsynchronized access to sev members through svm_register_enc_region - block: don't hold q->sysfs_lock in elevator_init_mq - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue - squashfs: add more sanity checks in id lookup - squashfs: add more sanity checks in inode lookup - squashfs: add more sanity checks in xattr id lookup - regulator: core: enable power when setting up constraints - regulator: core: Clean enabling always-on regulators + their supplies - regulator: Fix lockdep warning resolving supplies https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177 - tracing: Do not count ftrace events in top level enable output - tracing: Check length before giving out the filter buffer - [armhf] xen: Don't probe xenbus as part of an early initcall - [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default - ovl: perform vfs_getxattr() with mounter creds - cap: fix conversions on getxattr - ovl: skip getxattr of security labels - bfq-iosched: Revert "bfq: Fix computation of shallow depth" - [armel,armhf] ensure the signal page contains defined contents - [armel,armhf] kexec: fix oops after TLB are invalidated - mt76: dma: fix a possible memory leak in mt76_add_fragment() - bpf: Check for integer overflow when using roundup_pow_of_two() - netfilter: xt_recent: Fix attempt to update deleted entry - netfilter: flowtable: fix tcp and udp header checksum update - xen/netback: avoid race in xenvif_rx_ring_slots_available() - [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS - netfilter: conntrack: skip identical origin tuple in same zone only - [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue() - [arm64] usb: dwc3: ulpi: fix checkpatch warning - [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one - net: fix iteration for sctp transport seq_files - net/vmw_vsock: improve locking in vsock_connect_timeout() - net: watchdog: hold device global xmit lock during tx disable - vsock/virtio: update credit only if socket is not closed - vsock: fix locking in vsock_shutdown() - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS - ovl: expand warning in ovl_d_real() - [x86] KVM: SEV: fix double locking due to incorrect backport - [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping() (CVE-2021-26932) - [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (CVE-2021-26932) - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (CVE-2021-26932) - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (CVE-2021-26932) - [armhf] xen/arm: don't ignore return errors from set_phys_to_machine (CVE-2021-26932) - xen-blkback: don't "handle" error by BUG() (CVE-2021-26931) - xen-netback: don't "handle" error by BUG() (CVE-2021-26931) - xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931) - xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930) - scsi: qla2xxx: Fix crash during driver load on big endian machines - kvm: check tlbs_dirty directly . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.173-rt72 * certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux" certificate * Bump ABI to 15 lirc (0.10.1-6.3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . lirc (0.10.1-6.3) unstable; urgency=medium . * Non-maintainer upload. * d/lirc.preinst: Normalize embedded ${DEB_HOST_MULTIARCH} value in /etc/lirc/lirc_options.conf to find unmodified configuration files on all architectures. * Recommend gir1.2-vte-2.91 instead of non-existant gir1.2-vte. (Closes: #983581) lirc (0.10.1-6.2) unstable; urgency=medium . * Non-maintainer upload. * Revert "Revert "Do not install conffiles in a dummy location"" (0.10.1-5.2). (Closes: #932779, #851618) * d/lirc.maintscript: rm_conffile /etc/lirc/*.dist because they are most likely unmodified, don't mv_conffile them to =~ s/\.dist// to avoid clashes with existing and possibly modified configuration files. * d/lirc.preinst: Remove unmodified configuration files that are unknown to dpkg to avoid prompting when replacing them with conffiles. m2crypto (0.31.0-4+deb10u2) buster; urgency=medium . * Non-maintainer upload. * debian/patches/MR262.patch - fix test failure with recent openssl; Closes: #983013 * debian/rules - skip test_ssl.py during tests, more than 50% of its tests fail on an IPv6-only machine; Closes: #979865 nodejs (10.24.0~dfsg-1~deb10u1) buster-security; urgency=medium . * New upstream version 10.24.0~dfsg Fixed vulnerabilities: + CVE-2021-22883: HTTP2 'unknownProtocol' cause DoS by resource exhaustion + CVE-2021-22884: localhost6 DNS rebinding in --inspect nodejs (10.23.1~dfsg-1~deb10u1) buster-security; urgency=medium . * New upstream version 10.23.1~dfsg. Closes: #979364. Fixed vulnerabilities: + CVE-2020-8265: use-after-free in TLSWrap (High) + CVE-2020-8287: HTTP Request Smuggling (Low) . nodejs (10.22.1~dfsg-1~deb10u1) buster-security; urgency=medium . * New upstream version 10.22.1~dfsg Vulnerabilities fixed: + CVE-2020-8252 fs.realpath.native on may cause buffer overflow (Medium) nodejs (10.21.0~dfsg-1) unstable; urgency=medium . * New upstream version 10.21.0~dfsg. Closes: #962145. * Security fixes: + CVE-2020-11080 + CVE-2020-8172 + CVE-2020-8174 * Build-Depend nghttp2 >= 1.41.0 openafs (1.8.2-1+deb10u1) buster; urgency=high . * Pull in upstream patches to fix outgoing connections after unix epoch time 0x60000000 (Closes: #980115, #980116) openldap (2.4.47+dfsg-3+deb10u6) buster-security; urgency=high . * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) openldap (2.4.47+dfsg-3+deb10u5) buster-security; urgency=high . * Fix slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) * Fix slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) * Fix slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) * Fix slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) * Fix slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) * Fix slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) * Fix slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) * Fix slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) openssl (1.1.1d-0+deb10u5) buster-security; urgency=medium . * CVE-2021-23841 (NULL pointer deref in X509_issuer_and_serial_hash()). * CVE-2021-23840 (Possible overflow of the output length argument in EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()). * CVE-2019-1551 (Overflow in the x64_64 Montgomery squaring procedure), (Closes: #947949). php7.3 (7.3.27-1~deb10u1) buster-security; urgency=medium . [ Ondřej Surý ] * New upstream version 7.3.27 + Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702) * New upstream version 7.3.26 + Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo). (CVE-2020-7071) * New upstream version 7.3.23 + Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070) + Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV). (CVE-2020-7069) * New upstream version 7.3.21 + Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068) * Disable the MySQL extension testing as it's too complicated and prone to breakages * In phpize, copy the foreign files from their respective packages (libtool, pkg-config, shtool, pkg.m4) instead of having a built-time copy in the package . [ Pino Toscano ] * Disable AppArmor support on non-Linux archs (Closes: #951857) * Enable systemd integration only on Linux archs (Closes: #951834) portaudio19 (19.6.0-1+deb10u1) buster; urgency=medium . * Apply crash fix patch (Closes: #944509) . ACKed in #982669 postgresql-11 (11.11-0+deb10u1) buster; urgency=medium . * New upstream version. . + Fix information leakage in constraint-violation error messages (Heikki Linnakangas) . If an UPDATE command attempts to move a row to a different partition but finds that it violates some constraint on the new partition, and the columns in that partition are in different physical positions than in the parent table, the error message could reveal the contents of columns that the user does not have SELECT privilege on. (CVE-2021-3393) . + Fix CREATE INDEX CONCURRENTLY to wait for concurrent prepared transactions (Andrey Borodin) . At the point where CREATE INDEX CONCURRENTLY waits for all concurrent transactions to complete so that it can see rows they inserted, it must also wait for all prepared transactions to complete, for the same reason. Its failure to do so meant that rows inserted by prepared transactions might be omitted from the new index, causing queries relying on the index to miss such rows. In installations that have enabled prepared transactions (max_prepared_transactions > 0), it's recommended to reindex any concurrently-built indexes in case this problem occurred when they were built. privoxy (3.0.28-2+deb10u1) buster; urgency=medium . * 38_CVE-2021-20217: Prevent an assertion by a crafted CGI request (CVE-2021-20217). * 39_decompress_iob: Fix detection of insufficient data. * 40_CVE-2021-20216: Fix a memory leak (CVE-2021-20216). * 41_CVE-2020-35502: Fixed memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory (CVE-2020-35502). * 42_CVE-2021-20209: Fixed a memory leak in the show-status CGI handler when no action files are configured (CVE-2021-20209). * 43_CVE-2021-20210: Fixed a memory leak in the show-status CGI handler when no filter files are configured (CVE-2021-20210). * 44_CVE-2021-20211: Fixes a memory leak when client tags are active (CVE-2021-20211). * 45_CVE-2021-20212: Fixed a memory leak if multiple filters are executed and the last one is skipped due to a pcre error (CVE-2021-20212). * 46_CVE-2021-20213: Prevent an unlikely dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed (CVE-2021-20213). * 47_CVE-2021-20214: Fixed memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail (CVE-2021-20214). * 48_CVE-2021-20215: Fixed memory leaks in the show-status CGI handler when memory allocations fail (CVE-2021-20215). * 49_CVE-2021-20272: ssplit(): Remove an assertion that could be triggered with a crafted CGI request (CVE-2021-20272). * 50_CVE-2021-20273: cgi_send_banner(): Overrule invalid image types. Prevents a crash with a crafted CGI request if Privoxy is toggled off (CVE-2021-20273). * 51_CVE-2021-20275: chunked_body_is_complete(): Prevent invalid read of size two (CVE-2021-20275). * 52_CVE-2021-20276: Obsolete pcre: Prevent invalid memory accesses (CVE-2021-20276). pygments (2.3.1+dfsg-1+deb10u1) buster-security; urgency=medium . * Non-maintainer upload. * CVE-2021-20270: infinite loop in the SML lexer. python-aiohttp (3.5.1-1+deb10u1) buster-security; urgency=medium . * Team upload. * CVE-2021-21330: Prevent open redirect in aiohttp.web.normalize_path_middleware. python3.7 (3.7.3-2+deb10u3) buster; urgency=medium . * CVE-2020-26116 * CVE-2021-3177 redis (5:5.0.3-4+deb10u3) buster; urgency=medium . * CVE-2021-21309: Fix a series of integer overflow issues on 32-bit systems. (Closes: #983446) ruby-mechanize (2.7.6-1+deb10u1) buster; urgency=medium . * Team upload for buster-pu. * Add patch to prevent OS command injection. (Fixes: CVE-2021-21289) screen (4.6.2-3+deb10u1) buster-security; urgency=high . * [CVE-2021-26937] Fix invalid write access and application crash or possibly unspecified other impact via a crafted UTF-8 character sequence. (Closes: #982435) shibboleth-sp (3.0.4+dfsg1-1+deb10u1) buster-security; urgency=high . * [594074b] New patch: SSPCPP-922 - Add externalParameters option to Errors element. Fix a phishing vulnerability: Template generation allows external parameters to override placeholders The primitive template engine used to render error pages allows replacement via query parameters also, though this is not a typical need. Because of this feature, it's possible to cause the SP to display some templates containing values supplied externally by URL manipulation. Though the values are encoded to prevent script injection, the content nevertheless appears to come from the server and so would be interpreted as trustworthy, allowing email addresses, logos, or support URLs to be manipulated by an attacker. This update adds a new <Errors> setting to the configuration called externalParameters, which defaults to false. When false, support for this "feature" is disabled. https://shibboleth.net/community/advisories/secadv_20210317.txt https://issues.shibboleth.net/jira/browse/SSPCPP-922 Thanks to Scott Cantor (Closes: #985405) shibboleth-sp (3.0.4+dfsg1-1+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. spip (3.2.4-1+deb10u4) buster-security; urgency=high . * Document CVE IDs in previous changelog entries * Backport security fixes from 3.2.9 - PHP injections, XSS and secrets stored in session file subversion (1.10.4-1+deb10u2) buster-security; urgency=high . * Backport security fixes from upstream: + CVE-2020-17525: Remote unauthenticated denial-of-service in Subversion mod_authz_svn (Closes: #982464) systemd (241-7~deb10u7) buster; urgency=medium . * core: make sure to restore the control command id, too. Fixes a segfault in systemd that can be triggered when both daemon-reload and a service restart happen concurrently. (Closes: #984495) * seccomp: allow turning off of seccomp filtering via env var. Since glibc 2.33 faccessat() is implemented via faccessat2(), which is breaking running containers that use such a version of glibc under systemd-nspawn in Buster. Turning off seccomp filtering via the SYSTEMD_SECCOMP env var makes it possible to run such new containers. (Closes: #984573) tiff (4.1.0+git191117-2~deb10u2) buster-security; urgency=medium . * CVE-2020-35523 / CVE-2020-35524 tor (0.3.5.14-1) buster-security; urgency=high . * New upstream version, fixes two security issues: - Disable the dump_desc() function. (TROVE-2021-001 and CVE-2021-28089). - Fix a bug in appending detached signatures. (TROVE-2021-002 and CVE-2021-28090) uim (1:1.8.8-4+deb10u4) buster; urgency=medium . * Non-maintainer upload. * libuim-data: Perform symlink_to_dir conversion of /usr/share/doc/libuim-data in the resurrected package for clean upgrades from stretch. (Closes: #985352) webkit2gtk (2.30.5-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. + Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. webkit2gtk (2.30.4-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2020-0008 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9952 (fixed in 2.28.3). + CVE-2020-9948, CVE-2020-9951 (fixed in 2.30.0). + CVE-2020-9983, CVE-2020-13584 (fixed in 2.30.3). xcftools (1.0.7-6+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS team. * Fix CVE-2019-5086 and CVE-2019-5087: An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. xterm (344-1+deb10u1) buster; urgency=medium . * Apply upstream fix from xterm 366 for CVE-2021-27135. - Correct upper-limit for selection buffer, accounting for combining characters (Closes: #982439). ======================================= Sat, 06 Feb 2021 - Debian 10.8 released ======================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:27:32 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-all-amd64 | 4.19.146-1 | amd64 linux-headers-4.19.0-11-amd64 | 4.19.146-1 | amd64 linux-headers-4.19.0-11-cloud-amd64 | 4.19.146-1 | amd64 linux-headers-4.19.0-11-rt-amd64 | 4.19.146-1 | amd64 linux-image-4.19.0-11-amd64-dbg | 4.19.146-1 | amd64 linux-image-4.19.0-11-amd64-unsigned | 4.19.146-1 | amd64 linux-image-4.19.0-11-cloud-amd64-dbg | 4.19.146-1 | amd64 linux-image-4.19.0-11-cloud-amd64-unsigned | 4.19.146-1 | amd64 linux-image-4.19.0-11-rt-amd64-dbg | 4.19.146-1 | amd64 linux-image-4.19.0-11-rt-amd64-unsigned | 4.19.146-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:31:37 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: ata-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el btrfs-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el cdrom-core-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el compress-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el crc-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el crypto-dm-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el crypto-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el event-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el ext4-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el fancontrol-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el fat-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el fb-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el firewire-core-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el fuse-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el hypervisor-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el i2c-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el input-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el isofs-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el jfs-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el kernel-image-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el linux-headers-4.19.0-11-all-ppc64el | 4.19.146-1 | ppc64el linux-headers-4.19.0-11-powerpc64le | 4.19.146-1 | ppc64el linux-image-4.19.0-11-powerpc64le | 4.19.146-1 | ppc64el linux-image-4.19.0-11-powerpc64le-dbg | 4.19.146-1 | ppc64el loop-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el md-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el mouse-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el mtd-core-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el multipath-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el nbd-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el nic-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el nic-shared-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el nic-usb-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el nic-wireless-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el ppp-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el sata-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el scsi-core-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el scsi-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el scsi-nic-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el serial-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el squashfs-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el udf-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el uinput-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el usb-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el usb-serial-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el usb-storage-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el xfs-modules-4.19.0-11-powerpc64le-di | 4.19.146-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:32:07 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: btrfs-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x cdrom-core-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x compress-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x crc-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x crypto-dm-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x crypto-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x dasd-extra-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x dasd-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x ext4-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x fat-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x fuse-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x isofs-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x kernel-image-4.19.0-11-s390x-di | 4.19.146-1 | s390x linux-headers-4.19.0-11-all-s390x | 4.19.146-1 | s390x linux-headers-4.19.0-11-s390x | 4.19.146-1 | s390x linux-image-4.19.0-11-s390x | 4.19.146-1 | s390x linux-image-4.19.0-11-s390x-dbg | 4.19.146-1 | s390x loop-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x md-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x mtd-core-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x multipath-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x nbd-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x nic-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x scsi-core-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x scsi-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x udf-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x xfs-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x zlib-modules-4.19.0-11-s390x-di | 4.19.146-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:32:46 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-all | 4.19.146-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:33:10 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-all-arm64 | 4.19.146-1 | arm64 linux-headers-4.19.0-11-arm64 | 4.19.146-1 | arm64 linux-headers-4.19.0-11-rt-arm64 | 4.19.146-1 | arm64 linux-image-4.19.0-11-arm64-dbg | 4.19.146-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:33:31 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: btrfs-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel cdrom-core-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel compress-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel crc-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel crypto-dm-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel crypto-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel event-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel ext4-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel fat-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel fb-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel fuse-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel input-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel ipv6-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel isofs-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel jffs2-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel jfs-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel kernel-image-4.19.0-11-marvell-di | 4.19.146-1 | armel leds-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel linux-headers-4.19.0-11-all-armel | 4.19.146-1 | armel linux-headers-4.19.0-11-marvell | 4.19.146-1 | armel linux-headers-4.19.0-11-rpi | 4.19.146-1 | armel linux-image-4.19.0-11-marvell | 4.19.146-1 | armel linux-image-4.19.0-11-marvell-dbg | 4.19.146-1 | armel linux-image-4.19.0-11-rpi | 4.19.146-1 | armel linux-image-4.19.0-11-rpi-dbg | 4.19.146-1 | armel loop-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel md-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel minix-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel mmc-core-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel mmc-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel mouse-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel mtd-core-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel mtd-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel multipath-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel nbd-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel nic-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel nic-shared-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel nic-usb-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel ppp-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel sata-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel scsi-core-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel squashfs-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel udf-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel uinput-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel usb-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel usb-serial-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel usb-storage-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel zlib-modules-4.19.0-11-marvell-di | 4.19.146-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:34:03 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: ata-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf btrfs-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf cdrom-core-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf compress-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf crc-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf crypto-dm-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf crypto-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf efi-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf event-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf ext4-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf fat-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf fb-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf fuse-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf i2c-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf input-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf isofs-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf jfs-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf kernel-image-4.19.0-11-armmp-di | 4.19.146-1 | armhf leds-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf linux-headers-4.19.0-11-all-armhf | 4.19.146-1 | armhf linux-headers-4.19.0-11-armmp | 4.19.146-1 | armhf linux-headers-4.19.0-11-armmp-lpae | 4.19.146-1 | armhf linux-headers-4.19.0-11-rt-armmp | 4.19.146-1 | armhf linux-image-4.19.0-11-armmp | 4.19.146-1 | armhf linux-image-4.19.0-11-armmp-dbg | 4.19.146-1 | armhf linux-image-4.19.0-11-armmp-lpae | 4.19.146-1 | armhf linux-image-4.19.0-11-armmp-lpae-dbg | 4.19.146-1 | armhf linux-image-4.19.0-11-rt-armmp | 4.19.146-1 | armhf linux-image-4.19.0-11-rt-armmp-dbg | 4.19.146-1 | armhf loop-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf md-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf mmc-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf mtd-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf multipath-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf nbd-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf nic-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf nic-shared-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf nic-usb-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf nic-wireless-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf pata-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf ppp-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf sata-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf scsi-core-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf scsi-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf scsi-nic-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf squashfs-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf udf-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf uinput-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf usb-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf usb-serial-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf usb-storage-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf zlib-modules-4.19.0-11-armmp-di | 4.19.146-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:34:29 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-686 | 4.19.146-1 | i386 linux-headers-4.19.0-11-686-pae | 4.19.146-1 | i386 linux-headers-4.19.0-11-all-i386 | 4.19.146-1 | i386 linux-headers-4.19.0-11-rt-686-pae | 4.19.146-1 | i386 linux-image-4.19.0-11-686-dbg | 4.19.146-1 | i386 linux-image-4.19.0-11-686-pae-dbg | 4.19.146-1 | i386 linux-image-4.19.0-11-686-pae-unsigned | 4.19.146-1 | i386 linux-image-4.19.0-11-686-unsigned | 4.19.146-1 | i386 linux-image-4.19.0-11-rt-686-pae-dbg | 4.19.146-1 | i386 linux-image-4.19.0-11-rt-686-pae-unsigned | 4.19.146-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:34:43 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-all-mips | 4.19.146-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:35:30 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: affs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel compress-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel crc-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel crypto-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel event-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel ext4-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel fat-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel fuse-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel hfs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel input-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel isofs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel jfs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel kernel-image-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel linux-headers-4.19.0-11-5kc-malta | 4.19.146-1 | mips, mips64el, mipsel linux-headers-4.19.0-11-octeon | 4.19.146-1 | mips, mips64el, mipsel linux-image-4.19.0-11-5kc-malta | 4.19.146-1 | mips, mips64el, mipsel linux-image-4.19.0-11-5kc-malta-dbg | 4.19.146-1 | mips, mips64el, mipsel linux-image-4.19.0-11-octeon | 4.19.146-1 | mips, mips64el, mipsel linux-image-4.19.0-11-octeon-dbg | 4.19.146-1 | mips, mips64el, mipsel loop-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel md-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel minix-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel multipath-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel nbd-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel nic-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel pata-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel ppp-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel rtc-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel sata-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel scsi-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel sound-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel udf-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel usb-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel xfs-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel zlib-modules-4.19.0-11-octeon-di | 4.19.146-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:35:50 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: affs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel ata-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel btrfs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel cdrom-core-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel compress-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel crc-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel crypto-dm-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel crypto-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel event-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel ext4-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel fat-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel fb-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel fuse-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel hfs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel i2c-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel input-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel isofs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel jfs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel kernel-image-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel linux-headers-4.19.0-11-4kc-malta | 4.19.146-1 | mips, mipsel linux-image-4.19.0-11-4kc-malta | 4.19.146-1 | mips, mipsel linux-image-4.19.0-11-4kc-malta-dbg | 4.19.146-1 | mips, mipsel loop-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel md-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel minix-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel mmc-core-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel mmc-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel mouse-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel mtd-core-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel multipath-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel nbd-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel nic-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel nic-shared-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel nic-usb-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel nic-wireless-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel pata-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel ppp-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel sata-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel scsi-core-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel scsi-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel scsi-nic-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel sound-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel squashfs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel udf-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel usb-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel usb-serial-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel usb-storage-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel xfs-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel zlib-modules-4.19.0-11-4kc-malta-di | 4.19.146-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:36:21 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: affs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el ata-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el btrfs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el cdrom-core-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el compress-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el crc-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el crypto-dm-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el crypto-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el event-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el ext4-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el fat-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el fb-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el fuse-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el hfs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el i2c-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el input-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el isofs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el jfs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el kernel-image-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el linux-headers-4.19.0-11-all-mips64el | 4.19.146-1 | mips64el loop-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el md-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el minix-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el mmc-core-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el mmc-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el mouse-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el mtd-core-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el multipath-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el nbd-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el nic-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el nic-shared-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el nic-usb-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el nic-wireless-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el pata-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el ppp-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el sata-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el scsi-core-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el scsi-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el scsi-nic-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el sound-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el squashfs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el udf-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el usb-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el usb-serial-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el usb-storage-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el xfs-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el zlib-modules-4.19.0-11-5kc-malta-di | 4.19.146-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:36:47 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: affs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel ata-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel btrfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel cdrom-core-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel compress-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel crc-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel crypto-dm-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel crypto-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel event-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel ext4-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel fat-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel fb-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel firewire-core-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel fuse-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel hfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel input-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel isofs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel jfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel kernel-image-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel linux-headers-4.19.0-11-loongson-3 | 4.19.146-1 | mips64el, mipsel linux-image-4.19.0-11-loongson-3 | 4.19.146-1 | mips64el, mipsel linux-image-4.19.0-11-loongson-3-dbg | 4.19.146-1 | mips64el, mipsel loop-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel md-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel minix-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel mtd-core-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel multipath-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nbd-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nic-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nic-shared-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nic-usb-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel nic-wireless-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel pata-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel ppp-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel sata-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel scsi-core-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel scsi-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel scsi-nic-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel sound-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel speakup-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel squashfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel udf-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel usb-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel usb-serial-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel usb-storage-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel xfs-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel zlib-modules-4.19.0-11-loongson-3-di | 4.19.146-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:37:53 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-all-mipsel | 4.19.146-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:38:19 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-image-4.19.0-11-arm64-unsigned | 4.19.146-1 | arm64 linux-image-4.19.0-11-rt-arm64-dbg | 4.19.146-1 | arm64 linux-image-4.19.0-11-rt-arm64-unsigned | 4.19.146-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:38:46 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: acpi-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 ata-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 btrfs-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 cdrom-core-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 compress-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 crc-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 crypto-dm-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 crypto-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 efi-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 event-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 ext4-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 fat-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 fb-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 firewire-core-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 fuse-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 i2c-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 input-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 isofs-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 jfs-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 kernel-image-4.19.0-11-amd64-di | 4.19.146-1 | amd64 linux-image-4.19.0-11-amd64 | 4.19.146-1 | amd64 linux-image-4.19.0-11-cloud-amd64 | 4.19.146-1 | amd64 linux-image-4.19.0-11-rt-amd64 | 4.19.146-1 | amd64 loop-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 md-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 mmc-core-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 mmc-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 mouse-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 mtd-core-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 multipath-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nbd-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nic-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nic-pcmcia-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nic-shared-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nic-usb-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 nic-wireless-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 pata-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 pcmcia-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 pcmcia-storage-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 ppp-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 sata-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 scsi-core-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 scsi-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 scsi-nic-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 serial-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 sound-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 speakup-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 squashfs-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 udf-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 uinput-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 usb-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 usb-serial-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 usb-storage-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 xfs-modules-4.19.0-11-amd64-di | 4.19.146-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:39:22 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: ata-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 btrfs-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 cdrom-core-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 compress-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 crc-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 crypto-dm-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 crypto-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 efi-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 event-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 ext4-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 fat-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 fb-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 fuse-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 i2c-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 input-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 isofs-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 jfs-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 kernel-image-4.19.0-11-arm64-di | 4.19.146-1 | arm64 leds-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 linux-image-4.19.0-11-arm64 | 4.19.146-1 | arm64 linux-image-4.19.0-11-rt-arm64 | 4.19.146-1 | arm64 loop-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 md-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 mmc-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 mtd-core-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 multipath-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 nbd-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 nic-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 nic-shared-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 nic-usb-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 nic-wireless-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 ppp-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 sata-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 scsi-core-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 scsi-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 scsi-nic-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 squashfs-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 udf-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 uinput-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 usb-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 usb-serial-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 usb-storage-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 xfs-modules-4.19.0-11-arm64-di | 4.19.146-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:39:45 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: acpi-modules-4.19.0-11-686-di | 4.19.146-1 | i386 acpi-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 ata-modules-4.19.0-11-686-di | 4.19.146-1 | i386 btrfs-modules-4.19.0-11-686-di | 4.19.146-1 | i386 btrfs-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 cdrom-core-modules-4.19.0-11-686-di | 4.19.146-1 | i386 cdrom-core-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 compress-modules-4.19.0-11-686-di | 4.19.146-1 | i386 compress-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 crc-modules-4.19.0-11-686-di | 4.19.146-1 | i386 crc-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 crypto-dm-modules-4.19.0-11-686-di | 4.19.146-1 | i386 crypto-dm-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 crypto-modules-4.19.0-11-686-di | 4.19.146-1 | i386 crypto-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 efi-modules-4.19.0-11-686-di | 4.19.146-1 | i386 efi-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 event-modules-4.19.0-11-686-di | 4.19.146-1 | i386 event-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 ext4-modules-4.19.0-11-686-di | 4.19.146-1 | i386 ext4-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 fat-modules-4.19.0-11-686-di | 4.19.146-1 | i386 fat-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 fb-modules-4.19.0-11-686-di | 4.19.146-1 | i386 fb-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 firewire-core-modules-4.19.0-11-686-di | 4.19.146-1 | i386 firewire-core-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 fuse-modules-4.19.0-11-686-di | 4.19.146-1 | i386 fuse-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 i2c-modules-4.19.0-11-686-di | 4.19.146-1 | i386 i2c-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 input-modules-4.19.0-11-686-di | 4.19.146-1 | i386 input-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 isofs-modules-4.19.0-11-686-di | 4.19.146-1 | i386 isofs-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 jfs-modules-4.19.0-11-686-di | 4.19.146-1 | i386 jfs-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 kernel-image-4.19.0-11-686-di | 4.19.146-1 | i386 kernel-image-4.19.0-11-686-pae-di | 4.19.146-1 | i386 linux-image-4.19.0-11-686 | 4.19.146-1 | i386 linux-image-4.19.0-11-686-pae | 4.19.146-1 | i386 linux-image-4.19.0-11-rt-686-pae | 4.19.146-1 | i386 loop-modules-4.19.0-11-686-di | 4.19.146-1 | i386 loop-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 md-modules-4.19.0-11-686-di | 4.19.146-1 | i386 md-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 mmc-core-modules-4.19.0-11-686-di | 4.19.146-1 | i386 mmc-core-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 mmc-modules-4.19.0-11-686-di | 4.19.146-1 | i386 mmc-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 mouse-modules-4.19.0-11-686-di | 4.19.146-1 | i386 mouse-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 mtd-core-modules-4.19.0-11-686-di | 4.19.146-1 | i386 mtd-core-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 multipath-modules-4.19.0-11-686-di | 4.19.146-1 | i386 multipath-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nbd-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nbd-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nic-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nic-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nic-pcmcia-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nic-pcmcia-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nic-shared-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nic-shared-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nic-usb-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nic-usb-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 nic-wireless-modules-4.19.0-11-686-di | 4.19.146-1 | i386 nic-wireless-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 pata-modules-4.19.0-11-686-di | 4.19.146-1 | i386 pata-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 pcmcia-modules-4.19.0-11-686-di | 4.19.146-1 | i386 pcmcia-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 pcmcia-storage-modules-4.19.0-11-686-di | 4.19.146-1 | i386 pcmcia-storage-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 ppp-modules-4.19.0-11-686-di | 4.19.146-1 | i386 ppp-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 sata-modules-4.19.0-11-686-di | 4.19.146-1 | i386 sata-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 scsi-core-modules-4.19.0-11-686-di | 4.19.146-1 | i386 scsi-core-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 scsi-modules-4.19.0-11-686-di | 4.19.146-1 | i386 scsi-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 scsi-nic-modules-4.19.0-11-686-di | 4.19.146-1 | i386 scsi-nic-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 serial-modules-4.19.0-11-686-di | 4.19.146-1 | i386 serial-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 sound-modules-4.19.0-11-686-di | 4.19.146-1 | i386 sound-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 speakup-modules-4.19.0-11-686-di | 4.19.146-1 | i386 speakup-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 squashfs-modules-4.19.0-11-686-di | 4.19.146-1 | i386 squashfs-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 udf-modules-4.19.0-11-686-di | 4.19.146-1 | i386 udf-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 uinput-modules-4.19.0-11-686-di | 4.19.146-1 | i386 uinput-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 usb-modules-4.19.0-11-686-di | 4.19.146-1 | i386 usb-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 usb-serial-modules-4.19.0-11-686-di | 4.19.146-1 | i386 usb-serial-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 usb-storage-modules-4.19.0-11-686-di | 4.19.146-1 | i386 usb-storage-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 xfs-modules-4.19.0-11-686-di | 4.19.146-1 | i386 xfs-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:40:14 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: linux-headers-4.19.0-11-common | 4.19.146-1 | all linux-headers-4.19.0-11-common-rt | 4.19.146-1 | all linux-support-4.19.0-11 | 4.19.146-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:41:22 -0000] [ftpmaster: Mark Hymers] Removed the following packages from stable: ata-modules-4.19.0-11-686-pae-di | 4.19.146-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 06 Feb 2021 09:16:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: compactheader | 3.0.0~beta5-2~deb10u1 | source webext-compactheader | 3.0.0~beta5-2~deb10u1 | all xul-ext-compactheader | 3.0.0~beta5-2~deb10u1 | all Closed bugs: 980402 ------------------- Reason ------------------- RoQA; abandoned upstream, no longer usable ---------------------------------------------- ========================================================================= apt (1.8.2.2) buster-security; urgency=high . * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) - apt-pkg/contrib/arfile.cc: add extra checks. - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB - test/*: add tests. - CVE-2020-27350 * Additional hardening: - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB * Fix autopkgtest regression in 1.8.2.1 security update atftp (0.7.git20120829-3.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . atftp (0.7.git20120829-3.2) unstable; urgency=medium . * Non-maintainer upload. * Fix for DoS issue CVE-2020-6097 (Closes: #970066) base-files (10.3+deb10u8) buster; urgency=medium . * Change /etc/debian_version to 10.8, for Debian 10.8 point release. brotli (1.0.7-2+deb10u1) buster-security; urgency=medium . * CVE-2020-8927 ca-certificates (20200601~deb10u2) buster; urgency=medium . [ Julien Cristau ] * New maintainer (see #976406) . [ Michael Shuler ] * mozilla/blacklist: Revert Symantec CA blacklist (#911289). Closes: #962596, #968002. The following root certificates were added back (+): + "GeoTrust Global CA" + "GeoTrust Primary Certification Authority" + "GeoTrust Primary Certification Authority - G2" + "GeoTrust Primary Certification Authority - G3" + "GeoTrust Universal CA" + "thawte Primary Root CA" + "thawte Primary Root CA - G2" + "thawte Primary Root CA - G3" + "VeriSign Class 3 Public Primary Certification Authority - G4" + "VeriSign Class 3 Public Primary Certification Authority - G5" + "VeriSign Universal Root Certification Authority" . Note: due to bug #743339, CA certificates added back in this version won't automatically be trusted again on upgrade. Affected users may need to reconfigure the package to restore the desired state. ca-certificates (20200601~deb10u1) buster; urgency=medium . * Rebuild for buster. * Merge changes from 20200601 - d/control; set d/gbp.conf branch to debian-buster * This release updates the Mozilla CA bundle to 2.40, blacklists distrusted Symantec roots, and blacklists expired "AddTrust External Root". Closes: #956411, #955038, #911289, #961907 ca-certificates (20200601~deb9u1) stretch; urgency=medium . * Rebuild for stretch. * Merge changes from 20200601 - d/control * This release updates the Mozilla CA bundle to 2.40, blacklists distrusted Symantec roots, and blacklists expired "AddTrust External Root". Closes: #956411, #955038, #911289, #961907 * Fix permissions on /usr/local/share/ca-certificates when using symlinks. Closes: #916833 * Remove email-only roots from mozilla trust store. Closes: #721976 cacti (1.2.2+ds1-2+deb10u4) buster; urgency=medium . * Add 0001-Fixing-Issue-4022.patch (Closes: #979998) - CVE-2020-35701: SQL injection via data_debug.php * Add 0001-Fixing-Issue-4019.patch There are a few places in the current code where an attacker, once having gained access to the Cacti database through a SQL injection, could modify data in tables to possibly expose an stored XSS bug in Cacti. cairo (1.16.0-4+deb10u1) buster; urgency=medium . * CVE-2020-35492 (Closes: #CVE-2020-35492) choose-mirror (2.99+deb10u3) buster; urgency=medium . * Update Mirrors.masterlist. chromium (87.0.4280.141-0.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload. * New upstream security release (closes: 979520). - CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21109: Use after free in payments. Reported by Rong Jian and Guang Gong of 360 Alpha Lab - CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous - CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by Alesandro Ortiz - CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu - CVE-2020-16043: Insufficient data validation in networking. Reported by Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis - CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu @P4nda20371774 of Tencent Security Xuanwu Lab - CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research * Use desktop gl implementation as default. (closes: 979135) chromium (87.0.4280.88-0.4) unstable; urgency=medium . * Non-maintainer upload. . [ Michel Le Bihan ] * Install ANGLE EGL and GLESv2 libs (closes: 977870). * Disable Widevine CDM component updater (closes: 960454). * Disable usage of google-chrome in driver (closes: 930543). . [ Jan Luca Naumann ] * Remove python3-xcbgen from Build-Deps * Changes to allow building on buster * Add patch for explicit python2 usage in scripts chromium (87.0.4280.88-0.4~deb10u1) buster-security; urgency=high . * Non-maintainer upload. * New upstream stable release. - CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong - CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin - CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu - CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA - CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang and Aryb1n - CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu - CVE-2020-6518: Use after free in developer tools. Reported by David Erceg - CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman - CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin, Panagiotis Ilia, Jason Polakis - CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence - CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai - CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta - CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston - CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen - CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora - CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 - CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang - CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu - CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous - CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu - CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng - CVE-2020-6537: Type Confusion in V8. Reported by Rong Jian and Guang Gong - CVE-2020-6532: Use after free in SCTP. Reported by Anonymous - CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang and Aryb1n - CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau - CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov - CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki - CVE-2020-16038: Use after free in media. Reported by Khalil Zhani - CVE-2020-16039: Use after free in extensions. Reported by Anonymous - CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-16041: Out of bounds read in networking. Reported by Sergei Glazunov and Mark Brand of Google Project Zero - CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull - CVE-2020-16018: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-16019: Inappropriate implementation in filesystem. Reported by Rory McNamara - CVE-2020-16020: Inappropriate implementation in cryptohome. Reported by Rory McNamara - CVE-2020-16021: Race in ImageBurner. Reported by Rory McNamara - CVE-2020-16022: Insufficient policy enforcement in networking. Reported by @SamyKamkar - CVE-2020-16015: Insufficient data validation in WASM. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16014: Use after free in PPAPI. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16023: Use after free in WebCodecs. Reported by Brendon Tiszka and David Manouchehri supporting the @eff - CVE-2020-16024: Heap buffer overflow in UI. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16025: Heap buffer overflow in clipboard. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16026: Use after free in WebRTC. Reported by Jong-Gwon Kim - CVE-2020-16027: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-16028: Heap buffer overflow in WebRTC. Reported by asnine - CVE-2020-16029: Inappropriate implementation in PDFium. Reported by Anonymous - CVE-2020-16030: Insufficient data validation in Blink. Reported by Michał Bentkowski of Securitum - CVE-2019-8075: Insufficient data validation in Flash. Reported by Nethanel Gelernter, Cyberpion - CVE-2020-16031: Incorrect security UI in tab preview. Reported by wester0x01 - CVE-2020-16032: Incorrect security UI in sharing. Reported by wester0x01 - CVE-2020-16033: Incorrect security UI in WebUSB. Reported by Khalil Zhani - CVE-2020-16034: Inappropriate implementation in WebRTC. Reported by Benjamin Petermaier - CVE-2020-16035: Insufficient data validation in cros-disks. Reported by Rory McNamara - CVE-2020-16012: Side-channel information leakage in graphics. Reported by Aleksejs Popovs - CVE-2020-16036: Inappropriate implementation in cookies. Reported by Jun Kokatsu @shhnjk - CVE-2020-16013: Inappropriate implementation in V8. Reported by Anonymous - CVE-2020-16017: Use after free in site isolation. Reported by Anonymous - CVE-2020-16016: Inappropriate implementation in base. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong @n3sk of Theori - CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill Parks - CVE-2020-16007: Insufficient data validation in installer. Reported by Abdelhamid Naceri - CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya Korniltsev - CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero - CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp - CVE-2020-16001: Use after free in media. Reported by Khalil Zhani - CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani - CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15968: Use after free in Blink. Reported by Anonymous - CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous - CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15972: Use after free in audio. Reported by Anonymous - CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im of Theori - CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous - CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann - CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati - CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera @lbherrera_ - CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms - CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin - CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera @lbherrera_ - CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero - CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke - CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard - CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans - CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous - CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15964: Insufficient data validation in media. Reported by Woojin Oh @pwn_expoit of STEALIEN - CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-6574: Insufficient policy enforcement in installer. Reported by CodeColorist of Ant-Financial LightYear Labs - CVE-2020-6575: Race in Mojo. Reported by Microsoft - CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben Yang - CVE-2020-15959: Insufficient policy enforcement in networking. Reported by Eric Lawrence of Microsoft - CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6559: Use after free in presentation API. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab - CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by Nadja Ungethuem from www.unnex.de - CVE-2020-6561: Inappropriate implementation in Content Security Policy. Reported by Rob Wu - CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by Masato Kinugawa - CVE-2020-6563: Insufficient policy enforcement in intent handling. Reported by Pedro Oliveira - CVE-2020-6564: Incorrect security UI in permissions. Reported by Khalil Zhani - CVE-2020-6565: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. Reported by Joshua Graham of TSS - CVE-2020-6568: Insufficient policy enforcement in intent handling. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei - CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by Signal/Tenable - CVE-2020-6571: Incorrect security UI in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos - CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang - CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori - CVE-2020-6545: Use after free in audio. Reported by Anonymous - CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess - CVE-2020-6547: Incorrect security UI in media. Reported by David Albert - CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research - CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori - CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6554: Use after free in extensions. Reported by Anonymous - CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos * Add 64-bit time syscalls to syscall whitelist and clock selection parameter filtering code. * Switch to explicitly versioned python2. * Update information in debian/copyright. * Include more upstream metadata information. * Install ANGLE EGL and GLESv2 libs. chromium (87.0.4280.88-0.3) unstable; urgency=medium . * Non-maintainer upload. * Fix double-delete in content service worker (closes: 977901). chromium (87.0.4280.88-0.2) unstable; urgency=medium . * Non-maintainer upload. * Exclude debian dir from unversioned python conversion script chromium (87.0.4280.88-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream stable release (closes: 973848). - CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki - CVE-2020-16038: Use after free in media. Reported by Khalil Zhani - CVE-2020-16039: Use after free in extensions. Reported by Anonymous - CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-16041: Out of bounds read in networking. Reported by Sergei Glazunov and Mark Brand of Google Project Zero - CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull - CVE-2020-16018: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-16019: Inappropriate implementation in filesystem. Reported by Rory McNamara - CVE-2020-16020: Inappropriate implementation in cryptohome. Reported by Rory McNamara - CVE-2020-16021: Race in ImageBurner. Reported by Rory McNamara - CVE-2020-16022: Insufficient policy enforcement in networking. Reported by @SamyKamkar - CVE-2020-16015: Insufficient data validation in WASM. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16014: Use after free in PPAPI. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16023: Use after free in WebCodecs. Reported by Brendon Tiszka and David Manouchehri supporting the @eff - CVE-2020-16024: Heap buffer overflow in UI. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16025: Heap buffer overflow in clipboard. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16026: Use after free in WebRTC. Reported by Jong-Gwon Kim - CVE-2020-16027: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-16028: Heap buffer overflow in WebRTC. Reported by asnine - CVE-2020-16029: Inappropriate implementation in PDFium. Reported by Anonymous - CVE-2020-16030: Insufficient data validation in Blink. Reported by Michał Bentkowski of Securitum - CVE-2019-8075: Insufficient data validation in Flash. Reported by Nethanel Gelernter, Cyberpion - CVE-2020-16031: Incorrect security UI in tab preview. Reported by wester0x01 - CVE-2020-16032: Incorrect security UI in sharing. Reported by wester0x01 - CVE-2020-16033: Incorrect security UI in WebUSB. Reported by Khalil Zhani - CVE-2020-16034: Inappropriate implementation in WebRTC. Reported by Benjamin Petermaier - CVE-2020-16035: Insufficient data validation in cros-disks. Reported by Rory McNamara - CVE-2020-16012: Side-channel information leakage in graphics. Reported by Aleksejs Popovs - CVE-2020-16036: Inappropriate implementation in cookies. Reported by Jun Kokatsu @shhnjk - CVE-2020-16013: Inappropriate implementation in V8. Reported by Anonymous - CVE-2020-16017: Use after free in site isolation. Reported by Anonymous - CVE-2020-16016: Inappropriate implementation in base. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong @n3sk of Theori - CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill Parks - CVE-2020-16007: Insufficient data validation in installer. Reported by Abdelhamid Naceri - CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya Korniltsev - CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero - CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp - CVE-2020-16001: Use after free in media. Reported by Khalil Zhani - CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani - CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15968: Use after free in Blink. Reported by Anonymous - CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous - CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15972: Use after free in audio. Reported by Anonymous - CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im of Theori - CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous - CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann - CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati - CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera @lbherrera_ - CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms - CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin - CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera @lbherrera_ - CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero - CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke - CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard - CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans - CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous - CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15964: Insufficient data validation in media. Reported by Woojin Oh @pwn_expoit of STEALIEN - CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-6574: Insufficient policy enforcement in installer. Reported by CodeColorist of Ant-Financial LightYear Labs - CVE-2020-6575: Race in Mojo. Reported by Microsoft - CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben Yang - CVE-2020-15959: Insufficient policy enforcement in networking. Reported by Eric Lawrence of Microsoft - CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6559: Use after free in presentation API. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab - CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by Nadja Ungethuem from www.unnex.de - CVE-2020-6561: Inappropriate implementation in Content Security Policy. Reported by Rob Wu - CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by Masato Kinugawa - CVE-2020-6563: Insufficient policy enforcement in intent handling. Reported by Pedro Oliveira - CVE-2020-6564: Incorrect security UI in permissions. Reported by Khalil Zhani - CVE-2020-6565: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. Reported by Joshua Graham of TSS - CVE-2020-6568: Insufficient policy enforcement in intent handling. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei - CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by Signal/Tenable - CVE-2020-6571: Incorrect security UI in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos - CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang - CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori - CVE-2020-6545: Use after free in audio. Reported by Anonymous - CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess - CVE-2020-6547: Incorrect security UI in media. Reported by David Albert - CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research - CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori - CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6554: Use after free in extensions. Reported by Anonymous - CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos chromium (84.0.4147.105-1) experimental; urgency=medium . * New upstream security release. - CVE-2020-6537: Type Confusion in V8. Reported by Rong Jian and Guang Gong - CVE-2020-6532: Use after free in SCTP. Reported by Anonymous - CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang and Aryb1n - CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau - CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov chromium (84.0.4147.89-1) experimental; urgency=medium . * New upstream stable release. - CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong - CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin - CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu - CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA - CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang and Aryb1n - CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu - CVE-2020-6518: Use after free in developer tools. Reported by David Erceg - CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman - CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin, Panagiotis Ilia, Jason Polakis - CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence - CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai - CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta - CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston - CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen - CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora - CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 - CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang - CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu - CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous - CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu - CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng * Update information in debian/copyright. * Include more upstream metadata information. chromium (83.0.4103.116-3.1) unstable; urgency=medium . * Non-maintainer upload. * Add 64-bit time syscalls to syscall whitelist and clock selection parameter filtering code * Switch to explicitly versioned python2 + Update build-depends + Replace references to /usr/bin/python and to env python with /usr/bin/python2 and env python2 + make exec_script in gn use python2 + add code in debian/rules clean to set the shebang in third_party/closure_compiler/compiler.py it seems someting in the upstream build system sometimes resets it. chromium (83.0.4103.116-3) unstable; urgency=high . * Fix crashes when a connection error occurs (closes: #963548). - Thank you so much to Riku Voipio. chromium (83.0.4103.116-2) unstable; urgency=medium . * Fix crashes due to ffmpeg 4.3 (closes: #963035). chromium (83.0.4103.116-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6509: Use after free in extensions. Reported by Anonymous cjson (1.7.10-1.1+deb10u1) buster; urgency=medium . * Cherry pick upstream commit 08d2bc766a82cd75764d036f9efef444590d1cf9, which fixes an infinite loop regression introduced in the previous patch. (Closes: #973442) clevis (11-2+deb10u1) buster; urgency=medium . * Cherry-pick two comments to fix initramfs creation: Closes: #969361 - "Delete remaining references to the removed http pin" to unbreak initramfs generation in dracut. - "Install cryptsetup and tpm2_pcrlist in the initramfs" to assert cryptsetup is available in the initramfs * clevis-dracut: Trigger initramfs creation upon installation coturn (4.5.1.1-1.1+deb10u2) buster-security; urgency=high . * [c750a89] Fix-CVE-2020-26262-Enable-Security - Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8 and ::/128 cyrus-imapd (3.0.8-6+deb10u5) buster; urgency=medium . * Fix cron script (Closes: #980240) debian-edu-config (2.10.65+deb10u7) buster; urgency=medium . [ Mike Gabriel ] * share/debian-edu-config/tools/clean-up-host-keytabs: Add script. Move host keytabs cleanup code out of gosa-modify-host into a standalone script, but still call it from there (for now). Major script improvement: Reduce LDAP calls to a single ldapsearch query which greatly improves the execution speed of the code. (Closes: #935080). debian-installer (20190702+deb10u8) buster; urgency=medium . * Bump Linux ABI to 4.19.0-14. debian-installer-netboot-images (20190702+deb10u8) buster; urgency=medium . * Update to 20190702+deb10u8, from buster-proposed-updates. debian-installer-utils (1.132+deb10u1) buster; urgency=high . * Team upload . [ Steve McIntyre ] * Backport from unstable: list-devices-linux: Support partitions on USB UAS devices Closes: #980455 device-tree-compiler (1.4.7-4) buster; urgency=medium . * Fix segfault on “dtc -I fs /proc/device-tree†by backporting 9619c8619c, first released in 1.5.0 (Closes: #981033). With huge thanks to Uwe Kleine-König for the debugging and general guidance: - 03-Kill-bogus-TYPE_BLOB-marker-type.patch * Adjust gbp configuration for the buster branch. didjvu (0.8.2-2+deb10u1) buster; urgency=medium . * Add missing build-dependency on tzdata. Closes: #943695. * Package is orphaned, set Maintainer to "Debian QA Group". dovecot (1:2.3.4.1-5+deb10u6) buster; urgency=medium . * Backport upstream fix for crash that occurred when searching mailboxes containing malformed MIME messages. (Closes: #970386) dovecot (1:2.3.4.1-5+deb10u5) buster-security; urgency=high . * Import upstream fix for security issues: - CVE-2020-24386 - When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using specially crafted command. The attacker must have valid credentials to access the mail server. - CVE-2020-25275 - Mail delivery / parsing crashed when the 10 000th MIME part was message/rfc822 (or if parent was multipart/digest). dpdk (18.11.11-1~deb10u1) buster; urgency=medium . * New upstream version 18.11.11; for a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.11 * Drop 0008-net-i40e-support-aarch32.patch, merged upstream edk2 (0~20181115.85588389-3+deb10u3) buster; urgency=medium . * CryptoPkg/BaseCryptLib: fix NULL dereference. (CVE-2019-14584) (Closes: #977300) - d/p/CryptoPkg-BaseCryptLib-fix-NULL-dereference-CVE-2019.patch emacs (1:26.1+1-3.2+deb10u2) buster; urgency=medium . * Don't crash with OpenPGP User IDs with no e-mail address. Add 0015-Avoid-elisp-crash-for-OpenPGP-User-IDs-with-no-e-mai.patch to address the issue. Thanks to Daniel Kahn Gillmor for the upstream fix, and reminders to include it. (Closes: #919642) fcitx (1:4.2.9.6-5+deb10u1) buster; urgency=medium . * debian/patches/0009-ipcportal: Add patch to fix broken input method support with software installed via flatpak. (Closes: #980834) file (1:5.35-4+deb10u2) buster; urgency=medium . * Change default for name/use to 50. Closes: #928009 firefox-esr (78.7.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-04, also known as: CVE-2021-23953, CVE-2021-23954, CVE-2020-26976, CVE-2021-23960, CVE-2021-23964. firefox-esr (78.6.1esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2021-01, also known as CVE-2020-16044. firefox-esr (78.6.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2021-01, also known as CVE-2020-16044. firefox-esr (78.6.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-55, also known as: CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113. firefox-esr (78.6.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-55, also known as: CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113. firefox-esr (78.5.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-51, also known as: CVE-2020-26951, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968. flatpak (1.2.5-0+deb10u3) buster-security; urgency=medium . * Fix regressions in DSA 4830-1 - Add patch from upstream to fix a regression in 'flatpak build'. The patches to resolve CVE-2021-21261 caused a regression in which 'flatpak build' wouldn't set the LD_LIBRARY_PATH that it should. (Closes: #980323) - Add a patch from upstream to fix possible regressions in extra-data. The extra-data mechanism, used to download large or proprietary components out-of-band, could suffer from a regression similar to #980323 if the app or runtime's apply_extra entry point relies on LD_LIBRARY_PATH. * Add CVE-2021-21261 reference to previous changelog entry flatpak (1.2.5-0+deb10u2) buster-security; urgency=medium . * Add patches for sandbox escape vulnerability GHSA-4ppf-fxf6-vxg2 geoclue-2.0 (2.5.2-1+deb10u1) buster; urgency=medium . * debian/README.Debian: Add information about MLS and a link to the service Privacy Notice page * Check the maximum allowed accuracy level even for system applications. Respect the value of the user preference concerning the usage of their geolocation. This should fix the privacy and GDPR conformity concerns as the user explicitly needs to enable the option. Note that there is no distinction between the system applications anymore, turning on the option is allowing them all to get the location. (Closes: #924516, #958497) * d/p/: Add a patch to make the Mozilla API key configurable * debian/rules: Use the key that has been allocated to debian for MLS queries * d/p: Add an upstream patch to fix the display of the usage indicator * Fix crash if submission-url is not set in the config, patch from upstream gnutls28 (3.6.7-4+deb10u6) buster; urgency=medium . * 45_4.7.0plus-01_testpkcs11-use-datefudge-to-trick-certificate-expiry.patch Fix test suite error caused by expired certificate. Closes: #977552 grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u3) buster; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u3 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u3) buster; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u3 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u3) buster; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u3 grub2 (2.02+dfsg1-20+deb10u3) buster; urgency=high . [ Colin Watson ] * When upgrading grub-pc noninteractively, bail out if grub-install fails. It's better to fail the upgrade than to produce a possibly-unbootable system. * Explicitly check whether the target device exists before running grub-install, since grub-install copies modules to /boot/grub/ before installing the core image, and the new modules might be incompatible with the old core image (closes: #966575). * Backport from upstream: - unix exec: avoid atexit handlers when child exits . [ Dimitri John Ledkov ] * grub-install: Add backup and restore. * Don't call grub-install on fresh install of grub-pc. It's the job of installers to do that after a fresh install. gst-plugins-bad1.0 (1.14.4-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * No-change re-upload with version bumped to 1.14.4-1+deb10u1 to sort after binNMUs for 1.14.4-1 in buster (1.14.4-1+b1). gst-plugins-bad1.0 (1.14.4-1deb10u1) buster-security; urgency=high . * debian/patches/02_ref_pic_markings_overflow.patch: Fix possible overflow of ref-pic-markings array with specially crafted streams. . See https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/11353b3f6e2f047cc37483d21e6a37ae558896bc and https://bugzilla.redhat.com/show_bug.cgi?id=1917192 for details. . * debian/patches/03_openexr-std-cxx11.patch: Fix build with the buster gcc. highlight.js (9.12.0+dfsg1-4+deb10u1) buster; urgency=high . * CVE-2020-26237 (Closes: #976446) If a website or application renders user provided data it might be affected by a Prototype Pollution. This might result in strange behavior or crashes of applications that do not correctly handle unknown properties. horizon (3:14.0.2-3+deb10u2) buster-security; urgency=medium . * CVE-2020-29565: Open redirect in workflow forms (OSSA-2020-008). Applied upstream patch Fix_open_redirect.patch (Closes: #976872). influxdb (1.6.4-1+deb10u1) buster-security; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2019-20933 By using a JWT token with an empty shared secret, one is able to bypass authentication in services/httpd/handler.go. intel-microcode (3.20201118.1~deb10u1) buster; urgency=high . * Rebuild for buster, with changes to avoid regressions * Stable Release Manager: this intel-microcode update *keeps the same revision* of Skylake D0/R0 microcode updates already in Debian 10; they're "downgraded" from the point of view of intel-microcode 3.20201118.1. For these two processor models, an attempt to update to revisions 0xd8 and higher can hang the system should the system firmware have a microcode revision older than 0x80 -- and revision 0x72/0x74/0x76 apparently are common enough in the field to ensure many users are affected. Refer to: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * Downgraded microcodes (to upstream release 20200616): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 . intel-microcode (3.20201118.1) unstable; urgency=medium . * New upstream microcode datafile 20201118 * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake processors. Note that Debian already had removed this specific falty microcode update on the 3.20201110.1 release * Add a microcode update for the Pentium Silver N/J5xxx and Celeron N/J4xxx which didn't make it to release 20201110, fixing security issues (INTEL-SA-00381, INTEL-SA-00389) * Updated Microcodes: sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752 * Removed Microcodes: sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 . intel-microcode (3.20201110.1) unstable; urgency=medium . * New upstream microcode datafile 20201110 (closes: #974533) * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, aka INTEL-SA-00381: AVX register information leakage; Fast-Forward store predictor information leakage * Implements mitigation for CVE-2020-8695, Intel SGX information disclosure via RAPL, aka INTEL-SA-00389 * Fixes critical errata on several processor models * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) for Skylake-U/Y, Skylake Xeon E3 * New Microcodes sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648 sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768 sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208 sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184 * Updated Microcodes sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816 sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472 sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792 sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840 sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224 sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360 sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472 sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568 sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448 sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448 sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448 sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448 sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448 sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448 sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424 sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448 sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424 sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424 sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208 * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44 INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your system vendor for a firmware update, or wait fo a possible fix in a future Intel microcode release. * source: update symlinks to reflect id of the latest release, 20201110 * source: ship new upstream documentation (security.md, releasenote.md) intel-microcode (3.20201118.1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports (no changes) * WARNING: we are now shipping again the microcode updates for Skylake-U/Y, Skylake Xeon E3. It will most likely cause boot failures if your system firmware is outdated *and* had previous issues with microcode updates. The only known fix for these systems is to update their system firmware. . intel-microcode (3.20201118.1) unstable; urgency=medium . * New upstream microcode datafile 20201118 * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake processors. Note that Debian already had removed this specific falty microcode update on the 3.20201110.1 release * Add a microcode update for the Pentium Silver N/J5xxx and Celeron N/J4xxx which didn't make it to release 20201110, fixing security issues (INTEL-SA-00381, INTEL-SA-00389) * Updated Microcodes: sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752 * Removed Microcodes: sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 . intel-microcode (3.20201110.1) unstable; urgency=medium . * New upstream microcode datafile 20201110 (closes: #974533) * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, aka INTEL-SA-00381: AVX register information leakage; Fast-Forward store predictor information leakage * Implements mitigation for CVE-2020-8695, Intel SGX information disclosure via RAPL, aka INTEL-SA-00389 * Fixes critical errata on several processor models * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) for Skylake-U/Y, Skylake Xeon E3 * New Microcodes sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648 sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768 sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208 sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184 * Updated Microcodes sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816 sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472 sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792 sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840 sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224 sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360 sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472 sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568 sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448 sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448 sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448 sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448 sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448 sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448 sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424 sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448 sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424 sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424 sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208 * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44 INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your system vendor for a firmware update, or wait fo a possible fix in a future Intel microcode release. * source: update symlinks to reflect id of the latest release, 20201110 * source: ship new upstream documentation (security.md, releasenote.md) intel-microcode (3.20201110.1) unstable; urgency=medium . * New upstream microcode datafile 20201110 (closes: #974533) * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, aka INTEL-SA-00381: AVX register information leakage; Fast-Forward store predictor information leakage * Implements mitigation for CVE-2020-8695, Intel SGX information disclosure via RAPL, aka INTEL-SA-00389 * Fixes critical errata on several processor models * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) for Skylake-U/Y, Skylake Xeon E3 * New Microcodes sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648 sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768 sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208 sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184 * Updated Microcodes sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816 sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472 sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792 sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840 sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224 sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360 sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472 sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568 sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448 sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448 sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448 sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448 sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448 sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448 sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424 sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448 sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424 sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424 sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208 * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44 INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your system vendor for a firmware update, or wait fo a possible fix in a future Intel microcode release. * source: update symlinks to reflect id of the latest release, 20201110 * source: ship new upstream documentation (security.md, releasenote.md) intel-microcode (3.20200616.1) unstable; urgency=high . * New upstream microcode datafile 20200616 + Downgraded microcodes (to a previously shipped revision): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * This update *removes* the SRBDS mitigations from the above processors * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2 iproute2 (4.20.0-2+deb10u1) buster; urgency=medium . * Backport ip-route-print-route-type-in-JSON-output.patch. Fixes bug in json output, backported from upstream. (Closes: #961278) * Backport tc-mqprio-json-ify-output.patch. Fixes bug in json output, backported from upstream. (Closes: #972784) * Backport ip-netns-use-flock-when-setting-up-run-netns.patch. Fixes race condition that DOSes the system when using ip netns add at boot. (Closes: #949235) irssi-plugin-xmpp (0.54-3+deb10u1) buster; urgency=medium . * Cherry-pick bug931886.patch from upstream to not trigger the irssi core connect timeout prematurely, thus fixing STARTTLS connections (closes: #931886) kitty (0.13.3-1+deb10u1) buster-security; urgency=high . * Backport security fix for CVE-2020-35605 + Fix arbitrary command execution via graphics protocol libdatetime-timezone-perl (1:2.23-1+2021a) buster; urgency=medium . * Update to Olson database version 2021a. This update includes contemporary changes for South Sudan. * Fix typos in previous changelog entries. libdatetime-timezone-perl (1:2.23-1+2020e) buster; urgency=medium . * Update to Olson database version 2020e. This update includes contemporary changes for Russia (Volograd). libdbd-csv-perl (0.5300-1+deb10u1) buster; urgency=medium . * Team upload. . [ Dominic Hargreaves ] * Fix test failure with libdbi-perl 1.642-1+deb10u2 (Closes: #974134) libdbi-perl (1.642-1+deb10u2) buster; urgency=medium . [ Salvatore Bonaccorso ] * t/51dbm_file.t: add test from RT#99508 * lib/DBD/File.pm: fix CVE-2014-10401 (Closes: #972180) libmaxminddb (1.3.2-1+deb10u1) buster; urgency=medium . * Backport upstream fix for CVE-2020-28241, heap-based buffer over-read in dump_entry_data_list in maxminddb.c. (Closes: #973878) libxstream-java (1.4.11.1-1+deb10u2) buster-security; urgency=high . * Team upload. * Fix CVE-2020-26258: XStream is vulnerable to a Server-Side Forgery Request which can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. * Fix CVE-2020-26259: Xstream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary known files on the host as long as the executing process has sufficient rights only by manipulating the processed input stream. libxstream-java (1.4.11.1-1+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-26217: It was found that XStream is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Users who rely on blocklists are affected (the default in Debian). We strongly recommend to use the whitelist approach of XStream's Security Framework because there are likely more class combinations the blacklist approach may not address. linux (4.19.171-2) buster-security; urgency=high . * xen: Fix XenStore initialisation for XS_LOCAL linux (4.19.171-1) buster-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.161 - perf event: Check ref_reloc_sym before using it - netfilter: clear skb->next in NF_HOOK_LIST() (CVE-2021-20177) - btrfs: don't access possibly stale fs_info data for printing duplicate device - btrfs: fix lockdep splat when reading qgroup config on mount - wireless: Use linux/stddef.h instead of stddef.h - [arm64] KVM: vgic-v3: Drop the reporting of GICR_TYPER.Last for userspace - [x86] KVM: handle !lapic_in_kernel case in kvm_cpu_*_extint - [x86] KVM: Fix split-irqchip vs interrupt injection window request - [arm64] pgtable: Fix pte_accessible() - [arm64] pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Closes: #977615) - drm/atomic_helper: Stop modesets on unregistered connectors harder - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close - HID: cypress: Support Varmilo Keyboards' media hotkeys - HID: add support for Sega Saturn - Input: i8042 - allow insmod to succeed on devices without an i8042 controller - HID: hid-sensor-hub: Fix issue with devices with no report ID - HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice devices - [x86] xen: don't unbind uninitialized lock_kicker_irq - HID: Add Logitech Dinovo Edge battery quirk - proc: don't allow async path resolution of /proc/self components - nvme: free sq/cq dbbuf pointers when dbbuf set fails - [arm64,armhf] dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size - scsi: libiscsi: Fix NOP race condition - scsi: target: iscsi: Fix cmd abort fabric stop race - [x86] perf/x86: fix sysfs type mismatches - [arm64,armhf] phy: tegra: xusb: Fix dangling pointer on probe failure - scsi: ufs: Fix race between shutdown and runtime resume flow - bnxt_en: fix error return code in bnxt_init_one() - bnxt_en: fix error return code in bnxt_init_board() - [x86] video: hyperv_fb: Fix the cache type when mapping the VRAM - bnxt_en: Release PCI regions when DMA mask setup fails during probe. - cxgb4: fix the panic caused by non smac rewrite - [s390x] qeth: fix tear down of async TX buffers - IB/mthca: fix return value of error branch in mthca_init_cq() - net: ena: set initial DMA width to avoid intel iommu issue - [arm64] optee: add writeback to valid memory type - [arm64,armhf,x86] efivarfs: revert "fix memory leak in efivarfs_create()" (Closes: #977048) - can: gs_usb: fix endianess problem with candleLight firmware - [x86] platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time - [x86] platform/x86: toshiba_acpi: Fix the wrong variable assignment - USB: core: Change %pK for __user pointers to %px - usb: gadget: f_midi: Fix memleak in f_midi_alloc - USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card - usb: gadget: Fix memleak in gadgetfs_fill_super - [x86] speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb - USB: core: Fix regression in Hercules audio card https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.162 - ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init - [s390x] net/af_iucv: set correct sk_protocol for child sockets - rose: Fix Null pointer dereference in rose_send_frame() - sock: set sk_err to ee_errno on dequeue from errq - tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control - tun: honor IOCB_NOWAIT flag - i40e: Fix removing driver while bare-metal VFs pass traffic - bonding: wait for sysfs kobject destruction before freeing struct slave - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal - ipv4: Fix tos mask in inet_rtm_getroute() - geneve: pull IP header before ECN decapsulation - net: ip6_gre: set dev->hard_header_len when using header_ops - cxgb3: fix error return code in t3_sge_alloc_qset() - [arm64,armhf] net: mvpp2: Fix error return code in mvpp2_open() - net/mlx5: Fix wrong address reclaim when command interface is down - dt-bindings: net: correct interrupt flags in examples - ALSA: usb-audio: US16x08: fix value count for level meters - Input: xpad - support Ardwiino Controllers - Input: i8042 - add ByteSpeed touchpad to noloop table - tracing: Remove WARN_ON in start_thread() - RDMA/i40iw: Address an mmap handler exploit in i40iw https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.163 - [x86] pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output - [x86] pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) - usb: gadget: f_fs: Use local copy of descriptors for userspace copy - USB: serial: kl5kusb105: fix memleak on open - USB: serial: ch341: add new Product ID for CH341A - USB: serial: ch341: sort device-id entries - USB: serial: option: add Fibocom NL668 variants - USB: serial: option: add support for Thales Cinterion EXS82 - USB: serial: option: fix Quectel BG96 matching - tty: Fix ->pgrp locking in tiocspgrp() (CVE-2020-29661) - tty: Fix ->session locking (CVE-2020-29660) - ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model - ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 - ALSA: hda/realtek - Add new codec supported for ALC897 - ALSA: hda/generic: Add option to enforce preferred_dacs pairs - ftrace: Fix updating FTRACE_FL_TRAMP - cifs: fix potential use-after-free in cifs_echo_request() - [armhf] i2c: imx: Don't generate STOP condition if arbitration has been lost - scsi: mpt3sas: Fix ioctl timeout - dm writecache: fix the maximum number of arguments - dm: remove invalid sparse __acquires and __releases annotations - mm: list_lru: set shrinker map bit when child nr_items is not zero - mm/swapfile: do not sleep with a spin lock held - [x86] uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes - [armhf] i2c: imx: Fix reset of I2SR_IAL flag - [armhf] i2c: imx: Check for I2SR_IAL after every byte - speakup: Reject setting the speakup line discipline outside of speakup (CVE-2020-27830) - [amd64] iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs - spi: Introduce device-managed SPI controller allocation - [arm*] spi: bcm2835: Fix use-after-free on unbind - [arm*] spi: bcm2835: Release the DMA channel if probe fails after dma_init - tracing: Fix userstacktrace option for instances - gfs2: check for empty rgrp tree in gfs2_ri_update - [arm64] i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() - dm writecache: remove BUG() and fail gracefully instead - Input: i8042 - fix error return code in i8042_setup_aux() - netfilter: nf_tables: avoid false-postive lockdep splat - [x86] insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes - Revert "geneve: pull IP header before ECN decapsulation" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.164 - [x86] lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S - [arm*] spi: bcm2835aux: Fix use-after-free on unbind - [arm*] spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe - iwlwifi: pcie: limit memory read spin time - iwlwifi: mvm: fix kernel panic in case of assert during CSA - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE - [arm64,armhf] irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend - [x86] platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e - [x86] platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen - [x86] platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC - Input: cm109 - do not stomp on control URB - Input: i8042 - add Acer laptops to the i8042 reset list - pinctrl: amd: remove debounce filter setting in IRQ type setting - mmc: block: Fixup condition for CMD13 polling for RPMB requests - kbuild: avoid static_assert for genksyms - scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()" - [x86] membarrier: Get rid of a dubious optimization - [x86] apic/vector: Fix ordering in vector assignment - [arm64] PCI: qcom: Add missing reset for ipq806x - mac80211: mesh: fix mesh_pathtbl_init() error path - [arm64,armhf] net: stmmac: free tx skb buffer in stmmac_resume() - tcp: select sane initial rcvq_space.space for big MSS - tcp: fix cwnd-limited bug for TSO deferral where we send nothing - net/mlx4_en: Avoid scheduling restart task if it is already running - lan743x: fix for potential NULL pointer dereference with bare card - net/mlx4_en: Handle TX error CQE - [arm64,armhf] net: stmmac: delete the eee_ctrl_timer after napi disabled - [arm64,armhf] net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux - net: bridge: vlan: fix error return code in __vlan_add() - USB: add RESET_RESUME quirk for Snapscan 1212 - ALSA: usb-audio: Fix potential out-of-bounds shift - ALSA: usb-audio: Fix control 'access overflow' errors from chmap - xhci: Give USB2 ports time to enter U3 in bus suspend - USB: UAS: introduce a quirk to set no_write_same - ALSA: pcm: oss: Fix potential out-of-bounds shift - [x86] drm/xen-front: Fix misused IS_ERR_OR_NULL checks - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi - [x86] pinctrl: baytrail: Avoid clearing debounce value when turning it off - [arm*] gpio: mvebu: fix potential user-after-free on probe - scsi: bnx2i: Requires MMU - xsk: Fix xsk_poll()'s return type - can: softing: softing_netdev_open(): fix error handling - block: factor out requeue handling from dispatch code - netfilter: x_tables: Switch synchronization to RCU - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait - ixgbe: avoid premature Rx buffer reuse - [arm64,armhf] drm/tegra: replace idr_init() by idr_init_base() - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling - [arm64,armhf] drm/tegra: sor: Disable clocks on error in tegra_sor_init() - [arm64] syscall: exit userspace before unmasking exceptions - vxlan: Add needed_headroom for lower device - vxlan: Copy needed_tailroom from lowerdev - scsi: mpt3sas: Increase IOCInit request timeout to 30s - dm table: Remove BUG_ON(in_interrupt()) - [arm64] soc/tegra: fuse: Fix index bug in get_process_id - USB: serial: option: add interface-number sanity check to flag handling - USB: gadget: f_acm: add support for SuperSpeed Plus - USB: gadget: f_midi: setup SuperSpeed Plus descriptors - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul - [armhf] dts: exynos: fix roles of USB 3.0 ports on Odroid XU - [armhf] dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU - scsi: megaraid_sas: Check user-provided offsets - HID: i2c-hid: add Vero K147 to descriptor override - serial_core: Check for port state when tty is in error state - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() - quota: Sanity-check quota file headers on load - media: msi2500: assign SPI bus number dynamically - crypto: af_alg - avoid undefined behavior accessing salg_name - md: fix a warning caused by a race between concurrent md_ioctl()s - perf cs-etm: Change tuple from traceID-CPU# to traceID-metadata - perf cs-etm: Move definition of 'traceid_list' global variable from header file - [x86] drm/gma500: fix double free of gma_connector - selinux: fix error initialization in inode_doinit_with_dentry() - RDMA/rxe: Compute PSN windows correctly - [x86] mm/ident_map: Check for errors from ident_pud_init() - [armel,armhf] p2v: fix handling of LPAE translation in BE mode - [x86] apic: Fix x2apic enablement without interrupt remapping - sched/deadline: Fix sched_dl_global_validate() - sched: Reenable interrupts in do_sched_yield() - [arm64] crypto: inside-secure - Fix sizeof() mismatch - [powerpc*] 64: Set up a kernel stack for secondaries before cpu_restore() - [arm64] drm/msm/dsi_pll_10nm: restore VCO rate during restore_state - ASoC: pcm: DRAIN support reactivation - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling - Bluetooth: Fix null pointer dereference in hci_event_packet() - Bluetooth: hci_h5: fix memory leak in h5_close - [armhf] spi: spi-ti-qspi: fix reference leak in ti_qspi_setup - [arm64] spi: tegra20-slink: fix reference leak in slink ops of tegra20 - [arm64,armhf] spi: tegra20-sflash: fix reference leak in tegra_sflash_resume - [arm64,armhf] spi: tegra114: fix reference leak in tegra spi ops - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure - RDMa/mthca: Work around -Wenum-conversion warning - [x86] crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() - [x86] media: tm6000: Fix sizeof() mismatches - scsi: core: Fix VPD LUN ID designator priorities - media: solo6x10: fix missing snd_card_free in error handling case - [armhf] drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() - Input: ads7846 - fix race that causes missing releases - Input: ads7846 - fix integer overflow on Rt calculation - Input: ads7846 - fix unaligned access on 7845 - spi: fix resource leak for drivers without .remove callback - [armhf] Input: omap4-keypad - fix runtime PM error handling - RDMA/cxgb4: Validate the number of CQEs - memstick: fix a double-free bug in memstick_check - orinoco: Move context allocation after processing the skb - [arm64] dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() - media: siano: fix memory leak of debugfs members in smsdvb_hotplug - [armhf] HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() - [arm64] dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc - [x86] power: supply: bq24190_charger: fix reference leak - genirq/irqdomain: Don't try to free an interrupt that has no mapping - PCI: Bounds-check command-line resource alignment requests - PCI: Fix overflow in command-line resource alignment requests - [arm64] dts: meson: fix spi-max-frequency on Khadas VIM2 - [x86] platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init - ath10k: Fix the parsing error in service available event - ath10k: Fix an error handling path - ath10k: Release some resources in an error handling path - NFSv4.2: condition READDIR's mask for security label based on LSM state - SUNRPC: xprt_load_transport() needs to support the netid "rdma6" - lockd: don't use interval-based rebinding over TCP - NFS: switch nfsiod to be an UNBOUND workqueue. - vfio-pci: Use io_remap_pfn_range() for PCI IO memory - media: saa7146: fix array overflow in vidioc_s_audio() - memstick: r592: Fix error return in r592_probe() - net/mlx5: Properly convey driver version to firmware - dm ioctl: fix error return code in target_message - [arm64,armhf] clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI - [armhf] cpufreq: highbank: Add missing MODULE_DEVICE_TABLE - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe - scsi: pm80xx: Fix error return in pm8001_pci_probe() - seq_buf: Avoid type mismatch for seq_buf_init - [x86] scsi: fnic: Fix error return code in fnic_probe() - [powerpc*] pseries/hibernation: drop pseries_suspend_begin() from suspend ops - [powerpc*] pseries/hibernation: remove redundant cacheinfo update - [armhf] usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe - speakup: fix uninitialized flush_lock - nfsd: Fix message level for normal termination - nfs_common: need lock during iterate through the list - [x86] kprobes: Restore BTF if the single-stepping is cancelled - [arm64,armhf] clk: tegra: Fix duplicated SE clock entry - mac80211: don't set set TDLS STA bandwidth wider than possible - watchdog: Fix potential dereferencing of null pointer - [armhf] net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function - [arm64,x86] libnvdimm/label: Return -ENXIO for no slot in __blk_label_update - [arm64] watchdog: qcom: Avoid context switch in restart handler - [armhf] clk: ti: Fix memleak in ti_fapll_synth_setup - qlcnic: Fix error code in probe - [armhf] clk: s2mps11: Fix a resource leak in error handling paths in the probe function - [arm64,armhf] clk: sunxi-ng: Make sure divider tables have sentinel - [armhf] sunxi: Add machine match for the Allwinner V3 SoC - cfg80211: initialize rekey_data - lwt: Disable BH too in run_lwt_bpf() - [arm64,armhf] Input: cros_ec_keyb - send 'scancodes' in addition to key events - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet - media: gspca: Fix memory leak in probe - [armhf] media: sunxi-cir: ensure IR is handled when it is continuous - media: netup_unidvb: Don't leak SPI master in probe error path - [x86] Input: cyapa_gen6 - fix out-of-bounds stack access - ALSA: hda/ca0132 - Change Input Source enum strings. - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() - Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks" - ACPI: PNP: compare the string length in the matching_id() - ALSA: hda: Fix regressions on clear and reconfig sysfs - ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 - ALSA: pcm: oss: Fix a few more UBSAN fixes - ALSA: hda/realtek: Add quirk for MSI-GP73 - ALSA: hda/realtek: Apply jack fixup for Quanta NL3 - ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices - ALSA: usb-audio: Disable sample read check if firmware doesn't give back - [s390x] smp: perform initial CPU reset also for SMT siblings - [s390x] dasd: fix hanging device offline processing - [s390x] dasd: prevent inconsistent LCU device data - [s390x] dasd: fix list corruption of pavgroup group list - [s390x] dasd: fix list corruption of lcu list - [x86] staging: comedi: mf6x4: Fix AI end-of-conversion detection - [powerpc*] perf: Exclude kernel samples while counting events in user space. - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() - [x86] EDAC/amd64: Fix PCI component registration - USB: serial: mos7720: fix parallel-port state restore - USB: serial: digi_acceleport: fix write-wakeup deadlocks - USB: serial: keyspan_pda: fix dropped unthrottle interrupts - USB: serial: keyspan_pda: fix write deadlock - USB: serial: keyspan_pda: fix stalled writes - USB: serial: keyspan_pda: fix write-wakeup use-after-free - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free - USB: serial: keyspan_pda: fix write unthrottling - ext4: fix a memory leak of ext4_free_data - ext4: fix deadlock with fs freezing and EA inodes - [arm64] KVM: Introduce handling of AArch32 TTBCR2 traps - [armhf] dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES - [powerpc*] Fix incorrect stw{, ux, u, x} instructions in __set_pte_at - [powerpc*] rtas: Fix typo of ibm,open-errinjct in RTAS filter - [powerpc*] xmon: Change printk() to pr_cont() - ceph: fix race in concurrent __ceph_remove_cap invocations - SMB3: avoid confusing warning message on mount to Azure - SMB3.1.1: do not log warning message if server doesn't populate salt - ubifs: wbuf: Don't leak kernel memory to flash - jffs2: Fix GC exit abnormally - jfs: Fix array index bounds check in dbAdjTree (CVE-2020-27815) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() - [armel] mtd: parser: cmdline: Fix parsing of part-names with colons - scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() - scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() - iio: buffer: Fix demux update - [arm64,armhf] iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume - md/cluster: block reshape with remote resync job - md/cluster: fix deadlock when node is doing resync job - [arm64,armhf] pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler - [arm64] clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (CVE-2020-29569) - xen/xenbus: Allow watches discard events before queueing (CVE-2020-29568) - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (CVE-2020-29568) - xen/xenbus/xen_bus_type: Support will_handle watch callback (CVE-2020-29568) - xen/xenbus: Count pending messages for each watch (CVE-2020-29568) - xenbus/xenbus_backend: Disallow pending watch messages (CVE-2020-29568) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels - [x86] platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 - PCI: Fix pci_slot_release() NULL pointer dereference https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.165 - md/raid10: initialize r10_bio->read_slot before use. - fscrypt: add fscrypt_is_nokey_name() - ext4: prevent creating duplicate encrypted filenames - f2fs: prevent creating duplicate encrypted filenames - ubifs: prevent creating duplicate encrypted filenames - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() - ext4: don't remount read-only with errors=continue on reboot - uapi: move constants from <linux/kernel.h> to <linux/const.h> - [x86] KVM: SVM: relax conditions for allowing MSR_IA32_SPEC_CTRL accesses - [x86] KVM: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits - [powerpc*] bitops: Fix possible undefined behaviour with fls() and fls64() - xen/gntdev.c: Mark pages as dirty - null_blk: Fix zone size initialization - of: fix linker-section match-table corruption - Bluetooth: hci_h5: close serdev device and free hu in h5_close - reiserfs: add check for an invalid ih_entry_count - [x86] misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() - media: gp8psk: initialize stats at power control logic - ALSA: seq: Use bool for snd_seq_queue internal flags - ALSA: rawmidi: Access runtime->avail always in spinlock - fcntl: Fix potential deadlock in send_sig{io, urg}() - [arm64,armhf] rtc: sun6i: Fix memleak in sun6i_rtc_clk_init - module: set MODULE_STATE_GOING state when a module fails to load - quota: Don't overflow quota file offsets - NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode - module: delay kobject uevent until after module init call - ALSA: pcm: Clear the full allocated memory at hw_params - dm verity: skip verity work if I/O error when system is shutting down https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.166 - kdev_t: always inline major/minor helper functions - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (CVE-2020-36158) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.167 - workqueue: Kick a worker based on the actual activation of delayed works - scsi: ufs: Fix wrong print message in dev_err() - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands - lib/genalloc: fix the overflow when size is too big - proc: change ->nlink under proc_subdir_lock - proc: fix lookup in /proc/net subdirectories after setns(2) - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs - [arm64,armhf] net: mvpp2: Add TCAM entry to drop flow control pause frames - [arm64,armhf] net: mvpp2: prs: fix PPPoE with ipv6 packet parse - atm: idt77252: call pci_disable_device() on error path - [arm64,armhf] net: mvpp2: Fix GoP port 3 Networking Complex Control configurations - qede: fix offload for IPIP tunnel packets - virtio_net: Fix recursive call to cpus_read_lock() - net-sysfs: take the rtnl lock when storing xps_cpus - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() - [arm64] net: hns: fix return value check in __lb_other_process() - erspan: fix version 1 check in gre_parse_header() - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running - CDC-NCM: remove "connected" log message - net: usb: qmi_wwan: add Quectel EM160R-GL - r8169: work around power-saving bug on some chip versions - vhost_net: fix ubuf refcount incorrectly when sendmsg fails - net: sched: prevent invalid Scell_log shift count - net-sysfs: take the rtnl lock when storing xps_rxqs - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close - [x86] video: hyperv_fb: Fix the mmap() regression for v5.4.y and older - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() - usb: gadget: enable super speed plus - USB: cdc-acm: blacklist another IR Droid device - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). - [arm64] usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion - [arm64,armhf] usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set - usb: usbip: vhci_hcd: protect shift size - USB: serial: iuu_phoenix: fix DMA from stack - USB: serial: option: add LongSung M5710 module support - USB: serial: option: add Quectel EM160R-GL - USB: yurex: fix control-URB timeout handling - USB: usblp: fix DMA to stack - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks - usb: gadget: f_uac2: reset wMaxPacketSize - usb: gadget: function: printer: Fix a memory leak for interface descriptor - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size - usb: gadget: Fix spinlock lockup on usb_function_deactivate - usb: gadget: configfs: Preserve function ordering after bind failure - usb: gadget: configfs: Fix use-after-free issue with udc_name - USB: serial: keyspan_pda: remove unused variable - [x86] mm: Fix leak of pmd ptlock - ALSA: hda/via: Fix runtime PM for Clevo W35xSS - ALSA: hda/conexant: add a new hda codec CX11970 - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 - btrfs: send: fix wrong file path when there is an inode with a pending rmdir - Revert "device property: Keep secondary firmware node secondary by type" - [x86] xen/pvh: correctly setup the PV EFI interface for dom0 - netfilter: x_tables: Update remaining dereference to RCU - netfilter: ipset: fix shift-out-of-bounds in htable_bits() - netfilter: xt_RATEEST: reject non-null terminated string from userspace - [x86] mtrr: Correct the range check before performing MTRR type lookups - scsi: target: Fix XCOPY NAA identifier lookup (CVE-2020-28374) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.168 - net: cdc_ncm: correct overhead in delayed_ndp_size (Closes: #970736) - [arm64] net: hns3: fix the number of queues actually used by ARQ - [arm64,armhf] net: stmmac: dwmac-sun8i: Balance internal PHY resource references - [arm64,armhf] net: stmmac: dwmac-sun8i: Balance internal PHY power - net: vlan: avoid leaks on register_vlan_dev() failures - net: ip: always refragment ip defragmented packets - net: fix pmtu check in nopmtudisc mode - net: ipv6: fib: flush exceptions when purging route - vmlinux.lds.h: Add PGO and AutoFDO input sections - [x86] drm/i915: Fix mismatch between misplaced vma check and vma insert - [amd64] spi: pxa2xx: Fix use-after-free on unbind - HID: wacom: Fix memory leakage caused by kfifo_alloc - [armhf] OMAP2+: omap_device: fix idling of devices during probe - [x86] cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() - [amd64] iommu/intel: Fix memleak in intel_irq_remapping_alloc - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups - net/mlx5e: Fix two double free cases - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev - [arm64] KVM: Don't access PMCR_EL0 when no PMU is available - block: fix use-after-free in disk_part_iter_next - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.169 - ASoC: dapm: remove widget from dirty list on free - [x86] hyperv: check cpu mask after interrupt has been disabled - [mips*] boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB - ACPI: scan: Harden acpi_device_add() against device ID overflows - mm/hugetlb: fix potential missing huge page size info - dm snapshot: flush merged data before committing metadata - dm integrity: fix the maximum number of arguments - r8152: Add Lenovo Powered USB-C Travel Hub - ext4: fix bug for rename with RENAME_WHITEOUT - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan - bfq: Fix computation of shallow depth - [arm64] drm/msm: Call msm_init_vram before binding the gpu - dump_common_audit_data(): fix racy accesses to ->d_name - [x86] ASoC: Intel: fix error code cnl_set_dsp_D0() - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock - pNFS: Mark layout for return if return-on-close was not sent - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter - NFS: nfs_igrab_and_active must first reference the superblock - ext4: fix superblock checksum failure when setting password salt - [amd64] RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp - RDMA/mlx5: Fix wrong free of blue flame register on error - mm, slub: consider rest of partial list if acquire_slab() fails - net: sunrpc: interpret the return value of kstrtou32 correctly - dm: eliminate potential source of excessive kernel log noise - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() - ALSA: fireface: Fix integer overflow in transmit_midi_msg() - netfilter: conntrack: fix reading nf_conntrack_buckets - netfilter: nf_nat: Fix memleak in nf_nat_init https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.170 - usb: ohci: Make distrust_firmware param default to false - dm integrity: fix flush with external metadata device - nfsd4: readdirplus shouldn't return parent of export (CVE-2021-3178) - udp: Prevent reuseport_select_sock from reading uninitialized socks - netxen_nic: fix MSI/MSI-x interrupts - [arm64,armhf] net: mvpp2: Remove Pause and Asym_Pause support - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request - esp: avoid unneeded kmap_atomic call - net: dcb: Validate netlink message in DCB handler - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands - rxrpc: Call state should be read with READ_ONCE() under some circumstances - [arm64,armhf] net: stmmac: Fixed mtu channged by cache aligned - net: sit: unregister_netdevice on newlink's error path - net: avoid 32 x truesize under-estimation for tiny skbs - rxrpc: Fix handling of an unsupported token type in rxrpc_read() - tipc: fix NULL deref in tipc_link_xmit() - net: introduce skb_list_walk_safe for skb segment walking - net: skbuff: disambiguate argument and member for skb_list_walk_safe helper - net: ipv6: Validate GSO SKB before finish IPv6 processing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.171 - ALSA: hda/via: Add minimum mute flag - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error - btrfs: fix lockdep splat in btrfs_recover_relocation - mmc: core: don't initialize block size from ext_csd if not present - [arm64] mmc: sdhci-xenon: fix 1.8v regulator stabilization - dm: avoid filesystem lookup in dm_get_dev_t() - dm integrity: fix a crash if "recalculate" used without "internal_hash" - drm/atomic: put state on error path - [x86] ASoC: Intel: haswell: Add missing pm_ops - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback - scsi: qedi: Correct max length of CHAP secret - HID: Ignore battery for Elan touchscreen on ASUS UX550 - xen: Fix event channel callback via INTX/GSI - drm/nouveau/bios: fix issue shadowing expansion ROMs - drm/nouveau/privring: ack interrupts the same way as RM - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields - drm/nouveau/mmu: fix vram heap sizing - drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression - i2c: octeon: check correct size of maximum RECV_LEN packet - [x86] platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list - can: dev: can_restart: fix use after free bug - can: vxcan: vxcan_xmit: fix use after free bug - can: peak_usb: fix use after free bugs - [mips*] irqchip/mips-cpu: Set IPI domain parent chip - [x86] intel_th: pci: Add Alder Lake-P support - [arm64] serial: mvebu-uart: fix tx lost characters at power off - ehci: fix EHCI host controller initialization sequence - usb: udc: core: Use lock when write to soft_connect - xhci: make sure TRB is fully written before giving it to the controller - [arm64,armhf] xhci: tegra: Delay for disabling LFPS detector - driver core: Extend device_is_dependent() - netfilter: rpfilter: mask ecn bits before fib lookup - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too - udp: mask TOS bits in udp_v4_early_demux() - ipv6: create multicast route with RTPROT_KERNEL - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() - net_sched: reject silly cell_log in qdisc_get_rtab() - ipv6: set multicast flag on the multicast route - net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled - [armhf] net: dsa: b53: fix an off by one in checking "vlan->vid" . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.165-rt70 * Bump ABI to 14 * [rt] Refresh "net/core: protect users of napi_alloc_cache against reentrance" * futex: Move futex exit handling into futex code * futex: Replace PF_EXITPIDONE with a state * exit/exec: Seperate mm_release() * futex: Split futex_mm_release() for exit/exec * futex: Set task::futex_state to DEAD right after handling futex exit * futex: Mark the begin of futex exit explicitly * futex: Sanitize exit state handling * futex: Provide state handling for exec() as well * futex: Add mutex around futex exit * futex: Provide distinct return value when owner is exiting * futex: Prevent exit livelock * [rt] Refresh "softirq: Split softirq locks" * [arm*] gpio: mvebu: fix pwm .get_state period calculation * Revert "mm/slub: fix a memory leak in sysfs_slab_add()" * futex: Ensure the correct return value from futex_lock_pi() * futex: Replace pointless printk in fixup_owner() * futex: Provide and use pi_state_update_owner() * rtmutex: Remove unused argument from rt_mutex_proxy_unlock() * futex: Use pi_state_update_owner() in put_pi_state() * futex: Simplify fixup_pi_state_owner() * futex: Handle faults correctly for PI futexes * [rt] Refresh "rtmutex: Handle the various new futex race conditions" * [rt] Refresh "rtmutex: add sleeping lock implementation" * [rt] Refresh "Revert "rtmutex: Handle the various new futex race conditions"" * [rt] Refresh "futex: Make the futex_hash_bucket lock raw" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again and bring back its old state" * HID: wacom: Correct NULL dereference on AES pen proximity * tracing: Fix race in trace_open and buffer resize call (CVE-2020-27825) . [ Uwe Kleine-König ] * [arm64] Enable support for NXP's PCF85063 RTC (Closes: #972345) linux-latest (105+deb10u9) buster-security; urgency=high . * Update to 4.19.0-14 linux-signed-amd64 (4.19.171+2) buster-security; urgency=high . * Sign kernel from linux 4.19.171-2 . * xen: Fix XenStore initialisation for XS_LOCAL linux-signed-arm64 (4.19.171+2) buster-security; urgency=high . * Sign kernel from linux 4.19.171-2 . * xen: Fix XenStore initialisation for XS_LOCAL linux-signed-i386 (4.19.171+2) buster-security; urgency=high . * Sign kernel from linux 4.19.171-2 . * xen: Fix XenStore initialisation for XS_LOCAL linux-signed-i386 (4.19.171+1) buster-security; urgency=high . * Sign kernel from linux 4.19.171-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.161 - perf event: Check ref_reloc_sym before using it - netfilter: clear skb->next in NF_HOOK_LIST() (CVE-2021-20177) - btrfs: don't access possibly stale fs_info data for printing duplicate device - btrfs: fix lockdep splat when reading qgroup config on mount - wireless: Use linux/stddef.h instead of stddef.h - [arm64] KVM: vgic-v3: Drop the reporting of GICR_TYPER.Last for userspace - [x86] KVM: handle !lapic_in_kernel case in kvm_cpu_*_extint - [x86] KVM: Fix split-irqchip vs interrupt injection window request - [arm64] pgtable: Fix pte_accessible() - [arm64] pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Closes: #977615) - drm/atomic_helper: Stop modesets on unregistered connectors harder - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close - HID: cypress: Support Varmilo Keyboards' media hotkeys - HID: add support for Sega Saturn - Input: i8042 - allow insmod to succeed on devices without an i8042 controller - HID: hid-sensor-hub: Fix issue with devices with no report ID - HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice devices - [x86] xen: don't unbind uninitialized lock_kicker_irq - HID: Add Logitech Dinovo Edge battery quirk - proc: don't allow async path resolution of /proc/self components - nvme: free sq/cq dbbuf pointers when dbbuf set fails - [arm64,armhf] dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size - scsi: libiscsi: Fix NOP race condition - scsi: target: iscsi: Fix cmd abort fabric stop race - [x86] perf/x86: fix sysfs type mismatches - [arm64,armhf] phy: tegra: xusb: Fix dangling pointer on probe failure - scsi: ufs: Fix race between shutdown and runtime resume flow - bnxt_en: fix error return code in bnxt_init_one() - bnxt_en: fix error return code in bnxt_init_board() - [x86] video: hyperv_fb: Fix the cache type when mapping the VRAM - bnxt_en: Release PCI regions when DMA mask setup fails during probe. - cxgb4: fix the panic caused by non smac rewrite - [s390x] qeth: fix tear down of async TX buffers - IB/mthca: fix return value of error branch in mthca_init_cq() - net: ena: set initial DMA width to avoid intel iommu issue - [arm64] optee: add writeback to valid memory type - [arm64,armhf,x86] efivarfs: revert "fix memory leak in efivarfs_create()" (Closes: #977048) - can: gs_usb: fix endianess problem with candleLight firmware - [x86] platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time - [x86] platform/x86: toshiba_acpi: Fix the wrong variable assignment - USB: core: Change %pK for __user pointers to %px - usb: gadget: f_midi: Fix memleak in f_midi_alloc - USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card - usb: gadget: Fix memleak in gadgetfs_fill_super - [x86] speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb - USB: core: Fix regression in Hercules audio card https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.162 - ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init - [s390x] net/af_iucv: set correct sk_protocol for child sockets - rose: Fix Null pointer dereference in rose_send_frame() - sock: set sk_err to ee_errno on dequeue from errq - tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control - tun: honor IOCB_NOWAIT flag - i40e: Fix removing driver while bare-metal VFs pass traffic - bonding: wait for sysfs kobject destruction before freeing struct slave - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal - ipv4: Fix tos mask in inet_rtm_getroute() - geneve: pull IP header before ECN decapsulation - net: ip6_gre: set dev->hard_header_len when using header_ops - cxgb3: fix error return code in t3_sge_alloc_qset() - [arm64,armhf] net: mvpp2: Fix error return code in mvpp2_open() - net/mlx5: Fix wrong address reclaim when command interface is down - dt-bindings: net: correct interrupt flags in examples - ALSA: usb-audio: US16x08: fix value count for level meters - Input: xpad - support Ardwiino Controllers - Input: i8042 - add ByteSpeed touchpad to noloop table - tracing: Remove WARN_ON in start_thread() - RDMA/i40iw: Address an mmap handler exploit in i40iw https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.163 - [x86] pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output - [x86] pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) - usb: gadget: f_fs: Use local copy of descriptors for userspace copy - USB: serial: kl5kusb105: fix memleak on open - USB: serial: ch341: add new Product ID for CH341A - USB: serial: ch341: sort device-id entries - USB: serial: option: add Fibocom NL668 variants - USB: serial: option: add support for Thales Cinterion EXS82 - USB: serial: option: fix Quectel BG96 matching - tty: Fix ->pgrp locking in tiocspgrp() (CVE-2020-29661) - tty: Fix ->session locking (CVE-2020-29660) - ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model - ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 - ALSA: hda/realtek - Add new codec supported for ALC897 - ALSA: hda/generic: Add option to enforce preferred_dacs pairs - ftrace: Fix updating FTRACE_FL_TRAMP - cifs: fix potential use-after-free in cifs_echo_request() - [armhf] i2c: imx: Don't generate STOP condition if arbitration has been lost - scsi: mpt3sas: Fix ioctl timeout - dm writecache: fix the maximum number of arguments - dm: remove invalid sparse __acquires and __releases annotations - mm: list_lru: set shrinker map bit when child nr_items is not zero - mm/swapfile: do not sleep with a spin lock held - [x86] uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes - [armhf] i2c: imx: Fix reset of I2SR_IAL flag - [armhf] i2c: imx: Check for I2SR_IAL after every byte - speakup: Reject setting the speakup line discipline outside of speakup (CVE-2020-27830) - [amd64] iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs - spi: Introduce device-managed SPI controller allocation - [arm*] spi: bcm2835: Fix use-after-free on unbind - [arm*] spi: bcm2835: Release the DMA channel if probe fails after dma_init - tracing: Fix userstacktrace option for instances - gfs2: check for empty rgrp tree in gfs2_ri_update - [arm64] i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() - dm writecache: remove BUG() and fail gracefully instead - Input: i8042 - fix error return code in i8042_setup_aux() - netfilter: nf_tables: avoid false-postive lockdep splat - [x86] insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes - Revert "geneve: pull IP header before ECN decapsulation" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.164 - [x86] lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S - [arm*] spi: bcm2835aux: Fix use-after-free on unbind - [arm*] spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe - iwlwifi: pcie: limit memory read spin time - iwlwifi: mvm: fix kernel panic in case of assert during CSA - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE - [arm64,armhf] irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend - [x86] platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e - [x86] platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen - [x86] platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC - Input: cm109 - do not stomp on control URB - Input: i8042 - add Acer laptops to the i8042 reset list - pinctrl: amd: remove debounce filter setting in IRQ type setting - mmc: block: Fixup condition for CMD13 polling for RPMB requests - kbuild: avoid static_assert for genksyms - scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()" - [x86] membarrier: Get rid of a dubious optimization - [x86] apic/vector: Fix ordering in vector assignment - [arm64] PCI: qcom: Add missing reset for ipq806x - mac80211: mesh: fix mesh_pathtbl_init() error path - [arm64,armhf] net: stmmac: free tx skb buffer in stmmac_resume() - tcp: select sane initial rcvq_space.space for big MSS - tcp: fix cwnd-limited bug for TSO deferral where we send nothing - net/mlx4_en: Avoid scheduling restart task if it is already running - lan743x: fix for potential NULL pointer dereference with bare card - net/mlx4_en: Handle TX error CQE - [arm64,armhf] net: stmmac: delete the eee_ctrl_timer after napi disabled - [arm64,armhf] net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux - net: bridge: vlan: fix error return code in __vlan_add() - USB: add RESET_RESUME quirk for Snapscan 1212 - ALSA: usb-audio: Fix potential out-of-bounds shift - ALSA: usb-audio: Fix control 'access overflow' errors from chmap - xhci: Give USB2 ports time to enter U3 in bus suspend - USB: UAS: introduce a quirk to set no_write_same - ALSA: pcm: oss: Fix potential out-of-bounds shift - [x86] drm/xen-front: Fix misused IS_ERR_OR_NULL checks - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi - [x86] pinctrl: baytrail: Avoid clearing debounce value when turning it off - [arm*] gpio: mvebu: fix potential user-after-free on probe - scsi: bnx2i: Requires MMU - xsk: Fix xsk_poll()'s return type - can: softing: softing_netdev_open(): fix error handling - block: factor out requeue handling from dispatch code - netfilter: x_tables: Switch synchronization to RCU - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait - ixgbe: avoid premature Rx buffer reuse - [arm64,armhf] drm/tegra: replace idr_init() by idr_init_base() - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling - [arm64,armhf] drm/tegra: sor: Disable clocks on error in tegra_sor_init() - [arm64] syscall: exit userspace before unmasking exceptions - vxlan: Add needed_headroom for lower device - vxlan: Copy needed_tailroom from lowerdev - scsi: mpt3sas: Increase IOCInit request timeout to 30s - dm table: Remove BUG_ON(in_interrupt()) - [arm64] soc/tegra: fuse: Fix index bug in get_process_id - USB: serial: option: add interface-number sanity check to flag handling - USB: gadget: f_acm: add support for SuperSpeed Plus - USB: gadget: f_midi: setup SuperSpeed Plus descriptors - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul - [armhf] dts: exynos: fix roles of USB 3.0 ports on Odroid XU - [armhf] dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU - scsi: megaraid_sas: Check user-provided offsets - HID: i2c-hid: add Vero K147 to descriptor override - serial_core: Check for port state when tty is in error state - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() - quota: Sanity-check quota file headers on load - media: msi2500: assign SPI bus number dynamically - crypto: af_alg - avoid undefined behavior accessing salg_name - md: fix a warning caused by a race between concurrent md_ioctl()s - perf cs-etm: Change tuple from traceID-CPU# to traceID-metadata - perf cs-etm: Move definition of 'traceid_list' global variable from header file - [x86] drm/gma500: fix double free of gma_connector - selinux: fix error initialization in inode_doinit_with_dentry() - RDMA/rxe: Compute PSN windows correctly - [x86] mm/ident_map: Check for errors from ident_pud_init() - [armel,armhf] p2v: fix handling of LPAE translation in BE mode - [x86] apic: Fix x2apic enablement without interrupt remapping - sched/deadline: Fix sched_dl_global_validate() - sched: Reenable interrupts in do_sched_yield() - [arm64] crypto: inside-secure - Fix sizeof() mismatch - [powerpc*] 64: Set up a kernel stack for secondaries before cpu_restore() - [arm64] drm/msm/dsi_pll_10nm: restore VCO rate during restore_state - ASoC: pcm: DRAIN support reactivation - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling - Bluetooth: Fix null pointer dereference in hci_event_packet() - Bluetooth: hci_h5: fix memory leak in h5_close - [armhf] spi: spi-ti-qspi: fix reference leak in ti_qspi_setup - [arm64] spi: tegra20-slink: fix reference leak in slink ops of tegra20 - [arm64,armhf] spi: tegra20-sflash: fix reference leak in tegra_sflash_resume - [arm64,armhf] spi: tegra114: fix reference leak in tegra spi ops - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure - RDMa/mthca: Work around -Wenum-conversion warning - [x86] crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() - [x86] media: tm6000: Fix sizeof() mismatches - scsi: core: Fix VPD LUN ID designator priorities - media: solo6x10: fix missing snd_card_free in error handling case - [armhf] drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() - Input: ads7846 - fix race that causes missing releases - Input: ads7846 - fix integer overflow on Rt calculation - Input: ads7846 - fix unaligned access on 7845 - spi: fix resource leak for drivers without .remove callback - [armhf] Input: omap4-keypad - fix runtime PM error handling - RDMA/cxgb4: Validate the number of CQEs - memstick: fix a double-free bug in memstick_check - orinoco: Move context allocation after processing the skb - [arm64] dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() - media: siano: fix memory leak of debugfs members in smsdvb_hotplug - [armhf] HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() - [arm64] dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc - [x86] power: supply: bq24190_charger: fix reference leak - genirq/irqdomain: Don't try to free an interrupt that has no mapping - PCI: Bounds-check command-line resource alignment requests - PCI: Fix overflow in command-line resource alignment requests - [arm64] dts: meson: fix spi-max-frequency on Khadas VIM2 - [x86] platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init - ath10k: Fix the parsing error in service available event - ath10k: Fix an error handling path - ath10k: Release some resources in an error handling path - NFSv4.2: condition READDIR's mask for security label based on LSM state - SUNRPC: xprt_load_transport() needs to support the netid "rdma6" - lockd: don't use interval-based rebinding over TCP - NFS: switch nfsiod to be an UNBOUND workqueue. - vfio-pci: Use io_remap_pfn_range() for PCI IO memory - media: saa7146: fix array overflow in vidioc_s_audio() - memstick: r592: Fix error return in r592_probe() - net/mlx5: Properly convey driver version to firmware - dm ioctl: fix error return code in target_message - [arm64,armhf] clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI - [armhf] cpufreq: highbank: Add missing MODULE_DEVICE_TABLE - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe - scsi: pm80xx: Fix error return in pm8001_pci_probe() - seq_buf: Avoid type mismatch for seq_buf_init - [x86] scsi: fnic: Fix error return code in fnic_probe() - [powerpc*] pseries/hibernation: drop pseries_suspend_begin() from suspend ops - [powerpc*] pseries/hibernation: remove redundant cacheinfo update - [armhf] usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe - speakup: fix uninitialized flush_lock - nfsd: Fix message level for normal termination - nfs_common: need lock during iterate through the list - [x86] kprobes: Restore BTF if the single-stepping is cancelled - [arm64,armhf] clk: tegra: Fix duplicated SE clock entry - mac80211: don't set set TDLS STA bandwidth wider than possible - watchdog: Fix potential dereferencing of null pointer - [armhf] net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function - [arm64,x86] libnvdimm/label: Return -ENXIO for no slot in __blk_label_update - [arm64] watchdog: qcom: Avoid context switch in restart handler - [armhf] clk: ti: Fix memleak in ti_fapll_synth_setup - qlcnic: Fix error code in probe - [armhf] clk: s2mps11: Fix a resource leak in error handling paths in the probe function - [arm64,armhf] clk: sunxi-ng: Make sure divider tables have sentinel - [armhf] sunxi: Add machine match for the Allwinner V3 SoC - cfg80211: initialize rekey_data - lwt: Disable BH too in run_lwt_bpf() - [arm64,armhf] Input: cros_ec_keyb - send 'scancodes' in addition to key events - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet - media: gspca: Fix memory leak in probe - [armhf] media: sunxi-cir: ensure IR is handled when it is continuous - media: netup_unidvb: Don't leak SPI master in probe error path - [x86] Input: cyapa_gen6 - fix out-of-bounds stack access - ALSA: hda/ca0132 - Change Input Source enum strings. - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() - Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks" - ACPI: PNP: compare the string length in the matching_id() - ALSA: hda: Fix regressions on clear and reconfig sysfs - ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 - ALSA: pcm: oss: Fix a few more UBSAN fixes - ALSA: hda/realtek: Add quirk for MSI-GP73 - ALSA: hda/realtek: Apply jack fixup for Quanta NL3 - ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices - ALSA: usb-audio: Disable sample read check if firmware doesn't give back - [s390x] smp: perform initial CPU reset also for SMT siblings - [s390x] dasd: fix hanging device offline processing - [s390x] dasd: prevent inconsistent LCU device data - [s390x] dasd: fix list corruption of pavgroup group list - [s390x] dasd: fix list corruption of lcu list - [x86] staging: comedi: mf6x4: Fix AI end-of-conversion detection - [powerpc*] perf: Exclude kernel samples while counting events in user space. - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() - [x86] EDAC/amd64: Fix PCI component registration - USB: serial: mos7720: fix parallel-port state restore - USB: serial: digi_acceleport: fix write-wakeup deadlocks - USB: serial: keyspan_pda: fix dropped unthrottle interrupts - USB: serial: keyspan_pda: fix write deadlock - USB: serial: keyspan_pda: fix stalled writes - USB: serial: keyspan_pda: fix write-wakeup use-after-free - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free - USB: serial: keyspan_pda: fix write unthrottling - ext4: fix a memory leak of ext4_free_data - ext4: fix deadlock with fs freezing and EA inodes - [arm64] KVM: Introduce handling of AArch32 TTBCR2 traps - [armhf] dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES - [powerpc*] Fix incorrect stw{, ux, u, x} instructions in __set_pte_at - [powerpc*] rtas: Fix typo of ibm,open-errinjct in RTAS filter - [powerpc*] xmon: Change printk() to pr_cont() - ceph: fix race in concurrent __ceph_remove_cap invocations - SMB3: avoid confusing warning message on mount to Azure - SMB3.1.1: do not log warning message if server doesn't populate salt - ubifs: wbuf: Don't leak kernel memory to flash - jffs2: Fix GC exit abnormally - jfs: Fix array index bounds check in dbAdjTree (CVE-2020-27815) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() - [armel] mtd: parser: cmdline: Fix parsing of part-names with colons - scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() - scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() - iio: buffer: Fix demux update - [arm64,armhf] iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume - md/cluster: block reshape with remote resync job - md/cluster: fix deadlock when node is doing resync job - [arm64,armhf] pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler - [arm64] clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (CVE-2020-29569) - xen/xenbus: Allow watches discard events before queueing (CVE-2020-29568) - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (CVE-2020-29568) - xen/xenbus/xen_bus_type: Support will_handle watch callback (CVE-2020-29568) - xen/xenbus: Count pending messages for each watch (CVE-2020-29568) - xenbus/xenbus_backend: Disallow pending watch messages (CVE-2020-29568) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels - [x86] platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 - PCI: Fix pci_slot_release() NULL pointer dereference https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.165 - md/raid10: initialize r10_bio->read_slot before use. - fscrypt: add fscrypt_is_nokey_name() - ext4: prevent creating duplicate encrypted filenames - f2fs: prevent creating duplicate encrypted filenames - ubifs: prevent creating duplicate encrypted filenames - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() - ext4: don't remount read-only with errors=continue on reboot - uapi: move constants from <linux/kernel.h> to <linux/const.h> - [x86] KVM: SVM: relax conditions for allowing MSR_IA32_SPEC_CTRL accesses - [x86] KVM: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits - [powerpc*] bitops: Fix possible undefined behaviour with fls() and fls64() - xen/gntdev.c: Mark pages as dirty - null_blk: Fix zone size initialization - of: fix linker-section match-table corruption - Bluetooth: hci_h5: close serdev device and free hu in h5_close - reiserfs: add check for an invalid ih_entry_count - [x86] misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() - media: gp8psk: initialize stats at power control logic - ALSA: seq: Use bool for snd_seq_queue internal flags - ALSA: rawmidi: Access runtime->avail always in spinlock - fcntl: Fix potential deadlock in send_sig{io, urg}() - [arm64,armhf] rtc: sun6i: Fix memleak in sun6i_rtc_clk_init - module: set MODULE_STATE_GOING state when a module fails to load - quota: Don't overflow quota file offsets - NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode - module: delay kobject uevent until after module init call - ALSA: pcm: Clear the full allocated memory at hw_params - dm verity: skip verity work if I/O error when system is shutting down https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.166 - kdev_t: always inline major/minor helper functions - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (CVE-2020-36158) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.167 - workqueue: Kick a worker based on the actual activation of delayed works - scsi: ufs: Fix wrong print message in dev_err() - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands - lib/genalloc: fix the overflow when size is too big - proc: change ->nlink under proc_subdir_lock - proc: fix lookup in /proc/net subdirectories after setns(2) - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs - [arm64,armhf] net: mvpp2: Add TCAM entry to drop flow control pause frames - [arm64,armhf] net: mvpp2: prs: fix PPPoE with ipv6 packet parse - atm: idt77252: call pci_disable_device() on error path - [arm64,armhf] net: mvpp2: Fix GoP port 3 Networking Complex Control configurations - qede: fix offload for IPIP tunnel packets - virtio_net: Fix recursive call to cpus_read_lock() - net-sysfs: take the rtnl lock when storing xps_cpus - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() - [arm64] net: hns: fix return value check in __lb_other_process() - erspan: fix version 1 check in gre_parse_header() - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running - CDC-NCM: remove "connected" log message - net: usb: qmi_wwan: add Quectel EM160R-GL - r8169: work around power-saving bug on some chip versions - vhost_net: fix ubuf refcount incorrectly when sendmsg fails - net: sched: prevent invalid Scell_log shift count - net-sysfs: take the rtnl lock when storing xps_rxqs - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close - [x86] video: hyperv_fb: Fix the mmap() regression for v5.4.y and older - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() - usb: gadget: enable super speed plus - USB: cdc-acm: blacklist another IR Droid device - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). - [arm64] usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion - [arm64,armhf] usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set - usb: usbip: vhci_hcd: protect shift size - USB: serial: iuu_phoenix: fix DMA from stack - USB: serial: option: add LongSung M5710 module support - USB: serial: option: add Quectel EM160R-GL - USB: yurex: fix control-URB timeout handling - USB: usblp: fix DMA to stack - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks - usb: gadget: f_uac2: reset wMaxPacketSize - usb: gadget: function: printer: Fix a memory leak for interface descriptor - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size - usb: gadget: Fix spinlock lockup on usb_function_deactivate - usb: gadget: configfs: Preserve function ordering after bind failure - usb: gadget: configfs: Fix use-after-free issue with udc_name - USB: serial: keyspan_pda: remove unused variable - [x86] mm: Fix leak of pmd ptlock - ALSA: hda/via: Fix runtime PM for Clevo W35xSS - ALSA: hda/conexant: add a new hda codec CX11970 - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 - btrfs: send: fix wrong file path when there is an inode with a pending rmdir - Revert "device property: Keep secondary firmware node secondary by type" - [x86] xen/pvh: correctly setup the PV EFI interface for dom0 - netfilter: x_tables: Update remaining dereference to RCU - netfilter: ipset: fix shift-out-of-bounds in htable_bits() - netfilter: xt_RATEEST: reject non-null terminated string from userspace - [x86] mtrr: Correct the range check before performing MTRR type lookups - scsi: target: Fix XCOPY NAA identifier lookup (CVE-2020-28374) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.168 - net: cdc_ncm: correct overhead in delayed_ndp_size (Closes: #970736) - [arm64] net: hns3: fix the number of queues actually used by ARQ - [arm64,armhf] net: stmmac: dwmac-sun8i: Balance internal PHY resource references - [arm64,armhf] net: stmmac: dwmac-sun8i: Balance internal PHY power - net: vlan: avoid leaks on register_vlan_dev() failures - net: ip: always refragment ip defragmented packets - net: fix pmtu check in nopmtudisc mode - net: ipv6: fib: flush exceptions when purging route - vmlinux.lds.h: Add PGO and AutoFDO input sections - [x86] drm/i915: Fix mismatch between misplaced vma check and vma insert - [amd64] spi: pxa2xx: Fix use-after-free on unbind - HID: wacom: Fix memory leakage caused by kfifo_alloc - [armhf] OMAP2+: omap_device: fix idling of devices during probe - [x86] cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() - [amd64] iommu/intel: Fix memleak in intel_irq_remapping_alloc - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups - net/mlx5e: Fix two double free cases - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev - [arm64] KVM: Don't access PMCR_EL0 when no PMU is available - block: fix use-after-free in disk_part_iter_next - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.169 - ASoC: dapm: remove widget from dirty list on free - [x86] hyperv: check cpu mask after interrupt has been disabled - [mips*] boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB - ACPI: scan: Harden acpi_device_add() against device ID overflows - mm/hugetlb: fix potential missing huge page size info - dm snapshot: flush merged data before committing metadata - dm integrity: fix the maximum number of arguments - r8152: Add Lenovo Powered USB-C Travel Hub - ext4: fix bug for rename with RENAME_WHITEOUT - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan - bfq: Fix computation of shallow depth - [arm64] drm/msm: Call msm_init_vram before binding the gpu - dump_common_audit_data(): fix racy accesses to ->d_name - [x86] ASoC: Intel: fix error code cnl_set_dsp_D0() - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock - pNFS: Mark layout for return if return-on-close was not sent - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter - NFS: nfs_igrab_and_active must first reference the superblock - ext4: fix superblock checksum failure when setting password salt - [amd64] RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp - RDMA/mlx5: Fix wrong free of blue flame register on error - mm, slub: consider rest of partial list if acquire_slab() fails - net: sunrpc: interpret the return value of kstrtou32 correctly - dm: eliminate potential source of excessive kernel log noise - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() - ALSA: fireface: Fix integer overflow in transmit_midi_msg() - netfilter: conntrack: fix reading nf_conntrack_buckets - netfilter: nf_nat: Fix memleak in nf_nat_init https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.170 - usb: ohci: Make distrust_firmware param default to false - dm integrity: fix flush with external metadata device - nfsd4: readdirplus shouldn't return parent of export (CVE-2021-3178) - udp: Prevent reuseport_select_sock from reading uninitialized socks - netxen_nic: fix MSI/MSI-x interrupts - [arm64,armhf] net: mvpp2: Remove Pause and Asym_Pause support - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request - esp: avoid unneeded kmap_atomic call - net: dcb: Validate netlink message in DCB handler - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands - rxrpc: Call state should be read with READ_ONCE() under some circumstances - [arm64,armhf] net: stmmac: Fixed mtu channged by cache aligned - net: sit: unregister_netdevice on newlink's error path - net: avoid 32 x truesize under-estimation for tiny skbs - rxrpc: Fix handling of an unsupported token type in rxrpc_read() - tipc: fix NULL deref in tipc_link_xmit() - net: introduce skb_list_walk_safe for skb segment walking - net: skbuff: disambiguate argument and member for skb_list_walk_safe helper - net: ipv6: Validate GSO SKB before finish IPv6 processing https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.171 - ALSA: hda/via: Add minimum mute flag - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error - btrfs: fix lockdep splat in btrfs_recover_relocation - mmc: core: don't initialize block size from ext_csd if not present - [arm64] mmc: sdhci-xenon: fix 1.8v regulator stabilization - dm: avoid filesystem lookup in dm_get_dev_t() - dm integrity: fix a crash if "recalculate" used without "internal_hash" - drm/atomic: put state on error path - [x86] ASoC: Intel: haswell: Add missing pm_ops - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback - scsi: qedi: Correct max length of CHAP secret - HID: Ignore battery for Elan touchscreen on ASUS UX550 - xen: Fix event channel callback via INTX/GSI - drm/nouveau/bios: fix issue shadowing expansion ROMs - drm/nouveau/privring: ack interrupts the same way as RM - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields - drm/nouveau/mmu: fix vram heap sizing - drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression - i2c: octeon: check correct size of maximum RECV_LEN packet - [x86] platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list - can: dev: can_restart: fix use after free bug - can: vxcan: vxcan_xmit: fix use after free bug - can: peak_usb: fix use after free bugs - [mips*] irqchip/mips-cpu: Set IPI domain parent chip - [x86] intel_th: pci: Add Alder Lake-P support - [arm64] serial: mvebu-uart: fix tx lost characters at power off - ehci: fix EHCI host controller initialization sequence - usb: udc: core: Use lock when write to soft_connect - xhci: make sure TRB is fully written before giving it to the controller - [arm64,armhf] xhci: tegra: Delay for disabling LFPS detector - driver core: Extend device_is_dependent() - netfilter: rpfilter: mask ecn bits before fib lookup - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too - udp: mask TOS bits in udp_v4_early_demux() - ipv6: create multicast route with RTPROT_KERNEL - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() - net_sched: reject silly cell_log in qdisc_get_rtab() - ipv6: set multicast flag on the multicast route - net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled - [armhf] net: dsa: b53: fix an off by one in checking "vlan->vid" . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.165-rt70 * Bump ABI to 14 * [rt] Refresh "net/core: protect users of napi_alloc_cache against reentrance" * futex: Move futex exit handling into futex code * futex: Replace PF_EXITPIDONE with a state * exit/exec: Seperate mm_release() * futex: Split futex_mm_release() for exit/exec * futex: Set task::futex_state to DEAD right after handling futex exit * futex: Mark the begin of futex exit explicitly * futex: Sanitize exit state handling * futex: Provide state handling for exec() as well * futex: Add mutex around futex exit * futex: Provide distinct return value when owner is exiting * futex: Prevent exit livelock * [rt] Refresh "softirq: Split softirq locks" * [arm*] gpio: mvebu: fix pwm .get_state period calculation * Revert "mm/slub: fix a memory leak in sysfs_slab_add()" * futex: Ensure the correct return value from futex_lock_pi() * futex: Replace pointless printk in fixup_owner() * futex: Provide and use pi_state_update_owner() * rtmutex: Remove unused argument from rt_mutex_proxy_unlock() * futex: Use pi_state_update_owner() in put_pi_state() * futex: Simplify fixup_pi_state_owner() * futex: Handle faults correctly for PI futexes * [rt] Refresh "rtmutex: Handle the various new futex race conditions" * [rt] Refresh "rtmutex: add sleeping lock implementation" * [rt] Refresh "Revert "rtmutex: Handle the various new futex race conditions"" * [rt] Refresh "futex: Make the futex_hash_bucket lock raw" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again and bring back its old state" * HID: wacom: Correct NULL dereference on AES pen proximity * tracing: Fix race in trace_open and buffer resize call (CVE-2020-27825) . [ Uwe Kleine-König ] * [arm64] Enable support for NXP's PCF85063 RTC (Closes: #972345) lttng-modules (2.10.8-1+deb10u1) buster; urgency=medium . * [5c8aed8] Update debian/gbp.conf for buster * [16882db] Fix build on >= 4.19.0-10 kernels (Closes: #972321) lxml (4.3.2-1+deb10u2) buster-security; urgency=medium . * Enable the test suite (non-fatal). * math-svg.patch: update expected results for the test suite. * Fix regression in Python 2 in the last part of CVE-2020-27783. Closes: #977387. lxml (4.3.2-1+deb10u1) buster-security; urgency=medium . * CVE-2020-27783 * Backport a105ab8dc262ec6735977c25c13f0bdfcdec72a7 for similar issue * Pass --with-cython to make sure the C parts get actually rebuilt m2crypto (0.31.0-4+deb10u1) buster; urgency=medium . * Non-maintainer upload. * debian/patches/MR261.patch - fix compatibility with openssl/1.1.1i+; Closes: #954402 mediawiki (1:1.31.12-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.12, fixing CVE-2020-35475, CVE-2020-35477, CVE-2020-35479, CVE-2020-35480. This version is not affected by CVE-2020-35474 nor CVE-2020-35478. * Respect $wgRedirectOnLogin configuration setting (Closes: #971986). * Flatten footer links without triggering a PHP warning (Closes: #971985). mini-buildd (1.0.36+deb10u1) buster; urgency=medium . * [36d75e1] debian/gbp.conf: Update debian branch. * [85bd4e0] builder.py: sbuild call: set '--no-arch-all' explicitly (Fixes "false" reprepro errors after successful builds w/ sbuild >= 0.77) (Fixes: #951641) minidlna (1.2.1+dfsg-2+deb10u2) buster-security; urgency=medium . * d/minidlna.postrm: Do not fail on purge (Closes: #975372). This fixes the regression (from 1.2.1+dfsg-2) in stable archive after accidentially uploaded 1.2.1+dfsg-2+deb10u1. minidlna (1.2.1+dfsg-2+deb10u1) buster-security; urgency=high . * Add 0011-upnphttp-Disallow-negative-HTTP-chunk-lengths.patch CVE-2020-28926 (Closes: #976595). * Add 0012-upnphttp-Validate-SUBSCRIBE-callback-URL.patch CVE-2020-12695 (Closes: #976594). minidlna (1.2.1+dfsg-2) unstable; urgency=medium . [ Alexander Gerasiov ] * Add 14-fix-gcc10-ftbfs.patch: Fixes FTBFS with gcc10 (Closes: #957541). * Move logs to /var/log/minidlna dir. * Remove unused START_DAEMON var from default file (Closes: #879541). * Add systemd service file (Closes: #950270). * Bump debhelper's version to 12. * Bump Standards-Version. * d/control: Update Vcs headers. * d/copyright: Secure links to format and homepage. . [ Debian Janitor ] * Trim trailing whitespace. * debian/copyright: use spaces rather than tabs to start continuation lines. * Update renamed lintian tag names in lintian overrides. * Set upstream metadata fields: Archive, Repository. . [ Alexander Gerasiov ] * Add 15-use-newer-ip_multicast_if-api.patch: (Closes: #941410). * d/control: Update description (Closes: #927393). mutt (1.10.1-2.1+deb10u5) buster-security; urgency=high . * debian/patches: + fix for CVE-2021-3181 in security/CVE-2021-3181.patch (Closes: 980326). net-snmp (5.7.3+dfsg-5+deb10u2) buster; urgency=high . * snmpd: Add cacheTime and execType flags to EXTEND-MIB. Previous security release made EXTEND-MIB read-only which meant it was not possible to set the timeout of the cache. This patch allows the administrator to set the value in the snmpd.conf file. Closes: #969508 node-ini (1.3.5-1+deb10u1) buster; urgency=medium . * Team upload * Do not allow invalid hazardous string as section name (Closes: #977718, CVE-2020-7788) node-y18n (3.2.1-2+deb10u1) buster; urgency=medium . * Team upload. * Fix prototype pollution (Closes: #976390, CVE-2020-7774) nvidia-graphics-drivers (418.181.07-1) buster; urgency=medium . * New upstream Tesla release 418.181.07 (2021-01-19). * Fixed CVE-2021-1056. (Closes: #979670) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Bump watch file version to 4. * Bump Standards-Version to 4.5.1. No changes needed. * Upload to buster. . [ Vincent Cheng ] * Remove myself from Uploaders. . nvidia-graphics-drivers (418.165.02-2) UNRELEASED; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. . nvidia-graphics-drivers (418.165.02-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.165.02 (2020-09-30). . [ Andreas Beckmann ] * Backport get_user_pages_remote, vga_tryget, smp_read_barrier_depends, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. * Refresh patches. * Update lintian overrides. . nvidia-graphics-drivers (418.152.00-2) UNRELEASED; urgency=medium . * Backport nv_vmalloc and nv_mmap_* (mmap_{sem=>lock}) changes from 450.57 to fix kernel module build for Linux 5.8. nvidia-graphics-drivers (418.181.07-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . nvidia-graphics-drivers (418.181.07-1) buster; urgency=medium . * New upstream Tesla release 418.181.07 (2021-01-19). * Fixed CVE-2021-1056. (Closes: #979670) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Bump watch file version to 4. * Bump Standards-Version to 4.5.1. No changes needed. * Upload to buster. . [ Vincent Cheng ] * Remove myself from Uploaders. . nvidia-graphics-drivers (418.165.02-2) UNRELEASED; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. . nvidia-graphics-drivers (418.165.02-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.165.02 (2020-09-30). . [ Andreas Beckmann ] * Backport get_user_pages_remote, vga_tryget, smp_read_barrier_depends, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. * Refresh patches. * Update lintian overrides. . nvidia-graphics-drivers (418.152.00-2) UNRELEASED; urgency=medium . * Backport nv_vmalloc and nv_mmap_* (mmap_{sem=>lock}) changes from 450.57 to fix kernel module build for Linux 5.8. nvidia-graphics-drivers-legacy-390xx (390.141-2~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.141-2) unstable; urgency=medium . * Really re-enable building the nvidia-uvm module. . nvidia-graphics-drivers-legacy-390xx (390.141-1) unstable; urgency=medium . * New upstream legacy branch release 390.141 (2021-01-07). * Fixed CVE-2021-1056. (Closes: #979672) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "'struct mm_struct' has no member named 'mmap_sem'". - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "too many arguments to function '__vmalloc'". * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Re-enable building the nvidia-uvm module. * Refresh patches. * Update glvnd symbols files. * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.138-6) unstable; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. * Bump watch file version to 4. * Bump Standards-Version to 4.5.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.138-5) unstable; urgency=medium . * Backport get_user_pages_remote, vga_tryget, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. (Closes: #972468, #972511) . nvidia-graphics-drivers-legacy-390xx (390.138-4) unstable; urgency=medium . * Do not break non-uvm architectures when disabling the uvm module. (Closes: #970390) . nvidia-graphics-drivers-legacy-390xx (390.138-3) unstable; urgency=medium . * Temporarily disable building the nvidia-uvm module. (Closes: #969085, #969755, #969889, #969894, #970093) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.138-2) unstable; urgency=medium . [ Andreas Beckmann ] * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Backport nv_vmalloc changes from 450.57 and work around mmap_{sem=>lock} rename to fix kernel module build for Linux 5.8. (Partly addresses #969085) * Update lintian overrides. . [ Vincent Cheng ] * Remove myself from Uploaders. nvidia-graphics-drivers-legacy-390xx (390.141-2~deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . nvidia-graphics-drivers-legacy-390xx (390.141-2~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.141-2) unstable; urgency=medium . * Really re-enable building the nvidia-uvm module. . nvidia-graphics-drivers-legacy-390xx (390.141-1) unstable; urgency=medium . * New upstream legacy branch release 390.141 (2021-01-07). * Fixed CVE-2021-1056. (Closes: #979672) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "'struct mm_struct' has no member named 'mmap_sem'". - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "too many arguments to function '__vmalloc'". * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Re-enable building the nvidia-uvm module. * Refresh patches. * Update glvnd symbols files. * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.138-6) unstable; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. * Bump watch file version to 4. * Bump Standards-Version to 4.5.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.138-5) unstable; urgency=medium . * Backport get_user_pages_remote, vga_tryget, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. (Closes: #972468, #972511) . nvidia-graphics-drivers-legacy-390xx (390.138-4) unstable; urgency=medium . * Do not break non-uvm architectures when disabling the uvm module. (Closes: #970390) . nvidia-graphics-drivers-legacy-390xx (390.138-3) unstable; urgency=medium . * Temporarily disable building the nvidia-uvm module. (Closes: #969085, #969755, #969889, #969894, #970093) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.138-2) unstable; urgency=medium . [ Andreas Beckmann ] * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Backport nv_vmalloc changes from 450.57 and work around mmap_{sem=>lock} rename to fix kernel module build for Linux 5.8. (Partly addresses #969085) * Update lintian overrides. . [ Vincent Cheng ] * Remove myself from Uploaders. nvidia-graphics-drivers-legacy-390xx (390.141-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-legacy-390xx (390.141-2) unstable; urgency=medium . * Really re-enable building the nvidia-uvm module. . nvidia-graphics-drivers-legacy-390xx (390.141-1) unstable; urgency=medium . * New upstream legacy branch release 390.141 (2021-01-07). * Fixed CVE-2021-1056. (Closes: #979672) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "'struct mm_struct' has no member named 'mmap_sem'". - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "too many arguments to function '__vmalloc'". . [ Andreas Beckmann ] * Re-enable building the nvidia-uvm module. * Refresh patches. * Update symbols files. * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.141-1) unstable; urgency=medium . * New upstream legacy branch release 390.141 (2021-01-07). * Fixed CVE‑2021‑1056. (Closes: #979672) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "'struct mm_struct' has no member named 'mmap_sem'". - Fixed a driver installation failure on Linux kernel 5.8 release candidates, where the NVIDIA kernel module failed to build with error "too many arguments to function '__vmalloc'". . [ Andreas Beckmann ] * Re-enable building the nvidia-uvm module. * Refresh patches. * Update symbols files. * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.138-6) unstable; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. * Use a version=4 watch file. * Bump Standards-Version to 4.5.1. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.138-6~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-legacy-390xx (390.138-6) unstable; urgency=medium . * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes from 455.45.01 to fix kernel module build for Linux 5.10. * Use a version=4 watch file. * Bump Standards-Version to 4.5.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.138-5) unstable; urgency=medium . * Backport get_user_pages_remote, vga_tryget, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. (Closes: #972468, #972511) . nvidia-graphics-drivers-legacy-390xx (390.138-4) unstable; urgency=medium . * Do not break non-uvm architectures when disabling the uvm module. (Closes: #970390) . nvidia-graphics-drivers-legacy-390xx (390.138-3) unstable; urgency=medium . * Temporarily disable building the nvidia-uvm module. (Closes: #969085, #969755, #969889, #969894, #970093) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.138-2) unstable; urgency=medium . [ Andreas Beckmann ] * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Backport nv_vmalloc changes from 450.57 and work around mmap_{sem=>lock} rename to fix kernel module build for Linux 5.8. (Partly addresses #969085) * Note: The nvidia-uvm kernel module will fail to build for Linux 5.8 due to licence incompatibility unless cfa6705d89b6562f79c40c249f8d94073c4276e4 "radix-tree: Use local_lock for protection" (which effectively made radix_tree_preloads GPL-only) gets reverted in Linux 5.8 or NVIDIA switches the nvidia-uvm module license to "Dual MIT/GPL" as in 415.18. * Note: Building the nvidia-uvm module can be temporarily disabled by a) commenting the last paragraph in dkms.conf and b) building with NV_EXCLUDE_KERNEL_MODULES=nvidia-uvm set in the environment. . [ Vincent Cheng ] * Remove myself from Uploaders. nvidia-graphics-drivers-legacy-390xx (390.138-5) unstable; urgency=medium . * Backport get_user_pages_remote, vga_tryget, drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh, drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked changes from 455.23.04 to fix kernel module build for Linux 5.9. (Closes: #972468, #972511) nvidia-graphics-drivers-legacy-390xx (390.138-4) unstable; urgency=medium . * Do not break non-uvm architectures when disabling the uvm module. (Closes: #970390) nvidia-graphics-drivers-legacy-390xx (390.138-3) unstable; urgency=medium . * Temporarily disable building the nvidia-uvm module. (Closes: #969085, #969755, #969889, #969894, #970093) * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.138-2) unstable; urgency=medium . [ Andreas Beckmann ] * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute libnvidia-cfg1 in third-party packages (450.57-2). - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-cfg.so.1 through the symbols file. * Test that the patches can be applied to the module source (450.66-1). * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches while building kernel modules (450.66-1). * Simplify generating the -source and -dkms packages (450.66-1). * Backport nv_vmalloc changes from 450.57 and work around mmap_{sem=>lock} rename to fix kernel module build for Linux 5.8. (Partly addresses #969085) * Note: The nvidia-uvm kernel module will fail to build for Linux 5.8 due to licence incompatibility unless cfa6705d89b6562f79c40c249f8d94073c4276e4 "radix-tree: Use local_lock for protection" (which effectively made radix_tree_preloads GPL-only) gets reverted in Linux 5.8 or NVIDIA switches the nvidia-uvm module license to "Dual MIT/GPL" as in 415.18. * Note: Building the nvidia-uvm module can be temporarily disabled by a) commenting the last paragraph in dkms.conf and b) building with NV_EXCLUDE_KERNEL_MODULES=nvidia-uvm set in the environment. . [ Vincent Cheng ] * Remove myself from Uploaders. nvidia-graphics-drivers-legacy-390xx (390.138-1) unstable; urgency=medium . * New upstream legacy branch release 390.138 (2020-06-24). * Fixed CVE-2020-5963, CVE-2020-5967. (Closes: #963908) https://nvidia.custhelp.com/app/answers/detail/a_id/5031 - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'timespec_to_ns'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getrawmonotonic'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getnstimeofday'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "dereferencing pointer to incomplete type 'struct timeval'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'jiffies_to_timespec'". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "passing argument 4 of 'proc_create_data' from incompatible pointer type". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'ioremap_nocache'". - Fixed driver installation failure on Oracle Linux 7.7 systems, where the NVIDIA kernel module failed to build with error "unknown type name 'vm_fault_t'". - Add PRIME Synchronization support for Linux kernel 5.4 and newer. . [ Andreas Beckmann ] * Refresh patches. * Update lintian overrides. openssl (1.1.1d-0+deb10u4) buster-security; urgency=medium . * CVE-2020-1971 (EDIPARTYNAME NULL pointer de-reference). p11-kit (0.23.15-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix bounds check in p11_rpc_buffer_get_byte_array (CVE-2020-29362) * Check attribute length against buffer size (CVE-2020-29363) * Check for arithmetic overflows before allocating (CVE-2020-29361) * Follow-up to arithmetic overflow fix (CVE-2020-29361) pdns (4.1.6-3+deb10u1) buster; urgency=medium . * Apply upstream patches to fix CVE-2019-10203. To actually fix this problem in existing installations, the newly supplied schema file 4.1.10_to_4.1.11.schema.pgsql.sql has to be manually applied to the backing PostgreSQL database. (Closes: #970729) * Apply upstream patches to fix CVE-2020-17482 (Closes: #970737) pepperflashplugin-nonfree (1.8.8~deb10u1) buster; urgency=medium . * QA upload. * Rebuild for buster. . pepperflashplugin-nonfree (1.8.8) unstable; urgency=medium . * QA upload. * Adobe Flash Player has reached End-of-Life and is no longer functional or available for download: https://www.adobe.com/products/flashplayer/end-of-life.html * Turn into a dummy package taking care of removing the previously installed plugin. (Closes: #979689) (LP: #1911463) * Remove download and install functionality. * Remove chromium integration. . pepperflashplugin-nonfree (1.8.7) unstable; urgency=medium . * QA upload. * Hard-code libgcc-s1 instead of libgcc1. . pepperflashplugin-nonfree (1.8.6) unstable; urgency=medium . * QA upload. * binutils is dropped from Depends by accident . pepperflashplugin-nonfree (1.8.5) unstable; urgency=medium . * QA upload. * Remove most outdated libraries Depends, and move wget to Pre-Depends libpepflashplayer.so is almost static linked. * Use global wgetoptions when fetching upstream version * Fix lintian: package-uses-deprecated-debhelper-compat-version * Fix lintian: ancient-standards-version * Fix lintian: homepage-field-uses-insecure-uri * Fix lintian: rules-requires-root-missing * Fix lintian: file-contains-trailing-whitespace * Fix lintian: no-dep5-copyright pepperflashplugin-nonfree (1.8.7) unstable; urgency=medium . * QA upload. * Hard-code libgcc-s1 instead of libgcc1. pepperflashplugin-nonfree (1.8.6) unstable; urgency=medium . * QA upload. * binutils is dropped from Depends by accident pepperflashplugin-nonfree (1.8.5) unstable; urgency=medium . * QA upload. * Remove most outdated libraries Depends, and move wget to Pre-Depends libpepflashplayer.so is almost static linked. * Use global wgetoptions when fetching upstream version * Fix lintian: package-uses-deprecated-debhelper-compat-version * Fix lintian: ancient-standards-version * Fix lintian: homepage-field-uses-insecure-uri * Fix lintian: rules-requires-root-missing * Fix lintian: file-contains-trailing-whitespace * Fix lintian: no-dep5-copyright php-pear (1:1.10.6+submodules+notgz-1.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * ensure we catch additional malicious/crafted filenames (CVE-2020-28948, CVE-2020-28949) (Closes: #976108) pngcheck (2.3.0-7+deb10u1) buster; urgency=high . * debian/patches/60-fix-buffer-overflow.patch: added to fix CVE-2020-27818. Thanks to Salvatore Bonaccorso <carnil@debian.org>. (Closes: #976350) postgresql-11 (11.10-0+deb10u1) buster; urgency=medium . * New upstream version. + Fixes timetz regression test failures. (Closes: #974063) . + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries (Noah Misch) . This is essentially a leak in the security restricted operation sandbox mechanism. An attacker having permission to create non-temporary SQL objects could parlay this leak to execute arbitrary SQL code as a superuser. . The PostgreSQL Project thanks Etienne Stalmans for reporting this problem. (CVE-2020-25695) . + Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane) . The -d parameter of pg_dump and pg_restore, or the --maintenance-db parameter of the other programs mentioned, can be a connection string containing multiple connection parameters rather than just a database name. In cases where these programs need to initiate additional connections, such as parallel processing or processing of multiple databases, the connection string was forgotten and just the basic connection parameters (database name, host, port, and username) were used for the additional connections. This could lead to connection failures if the connection string included any other essential information, such as non-default SSL or GSS parameters. Worse, the connection might succeed but not be encrypted as intended, or be vulnerable to man-in-the-middle attacks that the intended connection parameters would have prevented. (CVE-2020-25694) . + When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used (Tom Lane) . This avoids cases where reconnection might fail due to omission of relevant parameters, such as non-default SSL or GSS options. Worse, the reconnection might succeed but not be encrypted as intended, or be vulnerable to man-in-the-middle attacks that the intended connection parameters would have prevented. This is largely the same problem as just cited for pg_dump et al, although psql's behavior is more complex since the user may intentionally override some connection parameters. (CVE-2020-25694) . + Prevent psql's \gset command from modifying specially-treated variables (Noah Misch) . \gset without a prefix would overwrite whatever variables the server told it to. Thus, a compromised server could set specially-treated variables such as PROMPT1, giving the ability to execute arbitrary shell code in the user's session. . The PostgreSQL Project thanks Nick Cleaton for reporting this problem. (CVE-2020-25696) postsrsd (1.5-2+deb10u1) buster; urgency=medium . * CVE-2020-35573: Ensure timestamp tags aren't too long before trying to decode them, to protect against a potential denial-of-service attack (backported from upstream commit 4733fb1, Closes: #977782). python-apt (1.8.4.3) buster-security; urgency=high . * REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or apt_inst.DebFile caused a segmentation fault (Closes: #977000): - python/arfile.cc: Fix segmentation fault when opening fd, track lifetime correctly * REGRESSION UPDATE: arfile: Collect file<->deb/ar reference cycles python-apt (1.8.4.2) buster-security; urgency=high . * SECURITY UPDATE: various memory and file descriptor leaks (LP: #1899193) - python/arfile.cc, python/generic.h, python/tag.cc, python/tarfile.cc: fix file descriptor and memory leaks - python/apt_instmodule.cc, python/apt_instmodule.h, python/arfile.h: Avoid reference cycle with control,data members in apt_inst.DebFile objects - tests/test_cve_2020_27351.py: Test cases for DebFile (others not easily testable) - CVE-2020-27351 * data/templates: Update mirror lists python-bottle (0.12.15-2+deb10u1) buster; urgency=high . * Non-maintainer upload by the Security team. * Do not split query strings on `;` anymore. (Fixes: CVE-2020-28473) python-certbot (0.31.0-1+deb10u1) buster; urgency=high . * Switch to use of ACMEv2 API to prevent renewal failures. (Closes: #971045) . Let's Encrypt's ACMEv1 API is deprecated and in the process of being shut down. Beginning with brownouts in January 2021, and ending with a total shutdown in June 2021, the Let's Encrypt APIs will become unavailable. To prevent users having disruptions to their certificate renewals, this update backports the switch over to the ACMEv2 API. qxmpp (1.0.0-4+deb10u1) buster; urgency=medium . * Add patch fix-segfault-on-connection-error: fixes potential SEGFAULT on connection error. roundcube (1.3.16+dfsg.1-1~deb10u1) buster-security; urgency=high . * New upstream bugfix release, with security fix for CVE-2020-35730: Cross-site scripting (XSS) vulnerability via HTML or Plain text messages with malicious content svg/namespace. (Closes: #978491) * Revert upstream commit 435cfa116 to avoid irrelevant jstz update. ruby-redcarpet (3.4.0-4+deb10u1) buster-security; urgency=high . * Fix a security vulnerability using `:quote` in combination with the `:escape_html` option. (Fixes: CVE-2020-26298) (Closes: #980057) salt (2018.3.4+dfsg1-6+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent shell injections in netapi SSH client (CVE-2020-16846) * Prevent creating world readable private keys with the TLS execution module (CVE-2020-17490) * Properly validate eauth credentials and tokens along with their ACLs (CVE-2020-25592) silx (0.9.0+dfsg-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. * python{,3}-silx: Add dependency on python{,3}-scipy. (Closes: #954352) slirp (1:1.0.17-8+deb10u1) buster; urgency=high . * CVE-2020-7039 Due to mismanagement of memory, a heap-based buffer overflow or other out-of-bounds access might happen, which can lead to a DoS or potential execute arbitrary code. * CVE-2020-8608 Prevent a buffer overflow vulnerability due to incorrect usage of return values from snprintf. slurm-llnl (18.08.5.2-1+deb10u2) buster-security; urgency=medium . * Fix potential buffer overflows from use of unpackmem() CVE-2020-27745 * Avoid unsafe use of magic cookie as arg to xauth command for X11 forwarding CVE-2020-27746 * Stop job launch if --uid fails CVE-2019-19728 * Fix Authentication bypass with message aggregation CVE-2020-12693 steam (1.0.0.68-1~deb10u1) buster; urgency=medium . * Rebuild updated steam package for Debian 10 - Change libgcc-s1 dependency back to libgcc1. It was called libgcc1 in buster. - Disable dh_dwz. The version of dwz in buster gets confused by the proprietary Steam executable. . steam (1.0.0.68-1) unstable; urgency=medium . * New upstream release - No changes relevant to this Debian package . steam (1.0.0.67-4) unstable; urgency=medium . * Swap Suggests: nvidia-driver-libs-i386 to nvidia-driver-libs. The nvidia-driver-libs-i386 package is unavailable since bullseye. However, nvidia-driver-libs is Multi-Arch: same and the steam package is Architecture: i386, so the new Suggests will also pull in nvidia-driver-libs:i386, which is what we want. (Closes: #979121) . steam (1.0.0.67-3) unstable; urgency=medium . * Add Recommends on libasound2-plugins. This is required for PulseAudio output in 32-bit games. amd64 users will typically already have libasound2-plugins:amd64, but not libasound2-plugins:i386; however, the steam package is on i386, so it is in an ideal position to pull in 32-bit libraries. (Closes: #977272) * d/steam.lintian-overrides: Remove an obsolete tag * d/source/lintian-overrides: Mark source-is-missing as known. The Steam client's source code is not available, and we don't need a reminder from Lintian. * Standards-Version: 4.5.1 (no changes required) . steam (1.0.0.67-2) unstable; urgency=medium . * Release to unstable. Version 1.0.0.67 has been promoted from beta to stable status. * d/watch: Update for new upstream layout. This only watches for upstream stable releases. Replace stable with beta to get upstream betas before they are promoted to stable status. . steam (1.0.0.67-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Update udev rules to cover DualSense (Playstation 5) controller * Add Recommends on xdg-desktop-portal and a backend. These are used by Proton 5.13, which runs in a Steam Runtime v2 container, when a game asks to open a URL in the host system's web browser. . steam (1.0.0.66-2) unstable; urgency=medium . * Release to unstable. Version 1.0.0.66 has been promoted from beta to stable status. . steam (1.0.0.66-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Make udev rules compatible with eudev and older udev * Add Recommends: bubblewrap, required by the experimental container runtime system . steam (1.0.0.64-1) unstable; urgency=medium . * New upstream stable release - No changes since 1.0.0.63 that are relevant to this package * d/rules: Look at stable rather than precise upstream apt suite. The official sources.list.d fragment shipped with the Steam launcher now uses the 'stable' apt suite, since the Steam client doesn't actually work on Ubuntu 12.04 'precise' any more. * Release to unstable . steam (1.0.0.63-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Update steam-devices udev rules * debian/steam.postinst: Notify udevd to reload its rules. This means the steam-devices rules should take effect immediately, instead of being deferred until after the next reboot. - Thanks to Ludovico de Nittis * Remove unused lintian override for debian-rules-contains-unnecessary-get-orig-source-target . steam (1.0.0.62-2) unstable; urgency=medium . * steam(6): Don't redirect stderr to a log file. The upstream developers of Steam recently removed its own launch script's redirection (to /tmp/dumps), which has been noted to sometimes fill /tmp, and is less useful in practice than it was hoped to be. They have asked that we remove the similar redirection from Debian's equivalent script, so that when debugging game launch issues they can instruct users to run steam from an interactive terminal, and expect it to produce both stdout and stderr, regardless of whether their launch script or ours is in use. (Closes: #957284) * Remove libtxc-dxtn0 alternative dependency. We now require libgl1-mesa-dri (>= 17.3), which is available in Debian 10 and up, as well as Debian 9 backports. * Release to unstable. Version 1.0.0.62 has been promoted from beta to stable status. . steam (1.0.0.62-1) experimental; urgency=medium . * New upstream release (currently considered to be a beta) - New directory layout - Update steam binary - Update steam-devices udev rules from <https://github.com/ValveSoftware/steam-devices/>: add ZeroPlus P4 (hitbox) hidraw device, 0c12:0ef6 * d/rules: Make .orig directory configurable. It's canonically "..", but users of git-buildpackage often separate the directory with git repositories from the directory with large binaries. * d/rules: Add support for downloading beta steam-launcher versions. The 1.0.0.62 launcher release is currently considered to be a beta, which will be promoted to stable status after it has had more testing. * d/rules: Cope with the upstream release having an epoch. Ubuntu's modified version of this package has an epoch as a result of an older, unrelated package "sTeam" with a higher version number, which used to be in Debian and Ubuntu many years ago. Valve's steam package now has an epoch so that their 1:1.0.0.62 will be compared correctly against Ubuntu's 1:1.0.0.61. * d/rules: Be more verbose about the extraction process * d/rules: Keep most upstream files in the orig tarball. The upstream "source" tarball has been restructured, and in particular the udev rules (which are MIT-licensed and come from a separate git repository) are now in subprojects/steam-devices. bootstrap*.tar.* contains precompiled libraries without their corresponding source code (it's available from repo.steampowered.com but not part of the "source" package), which we intentionally don't ship. The crashhandler module and the steamerrorreporter executable are also non-essential binaries. The other scripts and auxiliary files in the orig tarball are likely to be useful references, even if we don't actually ship them in binary packages. * d/copyright.in: Update * d/steam-devices.install: Update for upstream restructuring * d/steam.install: Update for new location of steam binary. I've left it in a subdirectory to reduce confusion with the top-level ./steam in upstream's "source" tarball, which is a symlink to bin_steam.sh. * Standards-Version: 4.5.0 (no changes required) * d/rules: Don't run upstream Makefile * Build-Depend on the libraries Valve put in their bootstrap tarball. This ensures that we have all the necessary metadata for dpkg-shlibdeps to generate the ${shlibs:Depends} for the proprietary steam executable. * d/scripts/steam: Distinguish between ~/.steam/steam and ~/.steam/root * Explicitly depend on the libraries that we delete from the Steam Runtime. We probably shouldn't be deleting these any more, because the Steam Runtime explicitly prefers newer versions from the host system in all cases, and if there are bugs in that mechanism that make deleting them necessary, Valve would like to know about them so they can be fixed - but for now, preserve historical behaviour. * d/steam-bug.presubj: Recommend running steam-runtime-system-info. This diagnostic tool was written for use in upstream bug reports, but is equally valuable for downstream distributors like us. * Depend on libgl1 instead of transitional libgl1-mesa-glx (Closes: #930613) * Use https for more URLs. In particular, https://repo.steampowered.com now works, and appears in upstream documentation. * d/copyright: Set Upstream-Name to steam-launcher. The upstream dpkg source package is still named steam for historical reasons, but it builds steam-launcher_*.deb, and calling it "steam-launcher" is a good way to disambiguate between the launcher/bootstrapper (which is what we're actually packaging here) and the full Steam client (which is downloaded by the launcher, and is what users normally see). * Move steam-devices Recommends into sorted order * Add Depends on file, used by the Steam Runtime setup scripts * Add Recommends on xdg-utils, which is used to launch URL handlers * Add Recommends on zenity, which Steam assumes is present * Add Depends on curl, used to download Steam updates * d/scripts/steam: Put location and version in environment variables. Recent Steam diagnostic tools use this to identify how Steam was launched. . steam (1.0.0.61-2) unstable; urgency=medium . * Upload to unstable * d/control: Make Homepage more specific * Standards-Version: 4.4.0 (no changes required) * Use debhelper-compat 12 . steam (1.0.0.61-1) experimental; urgency=medium . * New upstream release - Adds udev rules for NVIDIA Shield input hardware - d/p/udev-uinput.patch: Drop, applied upstream - d/p/udev-permissions.patch: Drop, mostly applied upstream. The only remaining differences in our package were: + Setting TAG+="uaccess" twice on SteamVR device nodes, which we can drop since it's redundant (once is enough) + Setting MODE="0660" on /dev/uinput, which is the default anyway steam (1.0.0.67-4) unstable; urgency=medium . * Swap Suggests: nvidia-driver-libs-i386 to nvidia-driver-libs. The nvidia-driver-libs-i386 package is unavailable since bullseye. However, nvidia-driver-libs is Multi-Arch: same and the steam package is Architecture: i386, so the new Suggests will also pull in nvidia-driver-libs:i386, which is what we want. (Closes: #979121) steam (1.0.0.67-3) unstable; urgency=medium . * Add Recommends on libasound2-plugins. This is required for PulseAudio output in 32-bit games. amd64 users will typically already have libasound2-plugins:amd64, but not libasound2-plugins:i386; however, the steam package is on i386, so it is in an ideal position to pull in 32-bit libraries. (Closes: #977272) * d/steam.lintian-overrides: Remove an obsolete tag * d/source/lintian-overrides: Mark source-is-missing as known. The Steam client's source code is not available, and we don't need a reminder from Lintian. * Standards-Version: 4.5.1 (no changes required) steam (1.0.0.67-2) unstable; urgency=medium . * Release to unstable. Version 1.0.0.67 has been promoted from beta to stable status. * d/watch: Update for new upstream layout. This only watches for upstream stable releases. Replace stable with beta to get upstream betas before they are promoted to stable status. . steam (1.0.0.67-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Update udev rules to cover DualSense (Playstation 5) controller * Add Recommends on xdg-desktop-portal and a backend. These are used by Proton 5.13, which runs in a Steam Runtime v2 container, when a game asks to open a URL in the host system's web browser. steam (1.0.0.67-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Update udev rules to cover DualSense (Playstation 5) controller * Add Recommends on xdg-desktop-portal and a backend. These are used by Proton 5.13, which runs in a Steam Runtime v2 container, when a game asks to open a URL in the host system's web browser. steam (1.0.0.66-2) unstable; urgency=medium . * Release to unstable. Version 1.0.0.66 has been promoted from beta to stable status. . steam (1.0.0.66-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Make udev rules compatible with eudev and older udev * Add Recommends: bubblewrap, required by the experimental container runtime system steam (1.0.0.66-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Make udev rules compatible with eudev and older udev * Add Recommends: bubblewrap, required by the experimental container runtime system steam (1.0.0.64-1) unstable; urgency=medium . * New upstream stable release - No changes since 1.0.0.63 that are relevant to this package * d/rules: Look at stable rather than precise upstream apt suite. The official sources.list.d fragment shipped with the Steam launcher now uses the 'stable' apt suite, since the Steam client doesn't actually work on Ubuntu 12.04 'precise' any more. * Release to unstable steam (1.0.0.63-1) experimental; urgency=medium . * New upstream release (currently a beta) - Update steam binary - Update steam-devices udev rules * debian/steam.postinst: Notify udevd to reload its rules. This means the steam-devices rules should take effect immediately, instead of being deferred until after the next reboot. - Thanks to Ludovico de Nittis * Remove unused lintian override for debian-rules-contains-unnecessary-get-orig-source-target steam (1.0.0.62-2) unstable; urgency=medium . * steam(6): Don't redirect stderr to a log file. The upstream developers of Steam recently removed its own launch script's redirection (to /tmp/dumps), which has been noted to sometimes fill /tmp, and is less useful in practice than it was hoped to be. They have asked that we remove the similar redirection from Debian's equivalent script, so that when debugging game launch issues they can instruct users to run steam from an interactive terminal, and expect it to produce both stdout and stderr, regardless of whether their launch script or ours is in use. (Closes: #957284) * Remove libtxc-dxtn0 alternative dependency. We now require libgl1-mesa-dri (>= 17.3), which is available in Debian 10 and up, as well as Debian 9 backports. * Release to unstable. Version 1.0.0.62 has been promoted from beta to stable status. . steam (1.0.0.62-1) experimental; urgency=medium . * New upstream release (currently considered to be a beta) - New directory layout - Update steam binary - Update steam-devices udev rules from <https://github.com/ValveSoftware/steam-devices/>: add ZeroPlus P4 (hitbox) hidraw device, 0c12:0ef6 * d/rules: Make .orig directory configurable. It's canonically "..", but users of git-buildpackage often separate the directory with git repositories from the directory with large binaries. * d/rules: Add support for downloading beta steam-launcher versions. The 1.0.0.62 launcher release is currently considered to be a beta, which will be promoted to stable status after it has had more testing. * d/rules: Cope with the upstream release having an epoch. Ubuntu's modified version of this package has an epoch as a result of an older, unrelated package "sTeam" with a higher version number, which used to be in Debian and Ubuntu many years ago. Valve's steam package now has an epoch so that their 1:1.0.0.62 will be compared correctly against Ubuntu's 1:1.0.0.61. * d/rules: Be more verbose about the extraction process * d/rules: Keep most upstream files in the orig tarball. The upstream "source" tarball has been restructured, and in particular the udev rules (which are MIT-licensed and come from a separate git repository) are now in subprojects/steam-devices. bootstrap*.tar.* contains precompiled libraries without their corresponding source code (it's available from repo.steampowered.com but not part of the "source" package), which we intentionally don't ship. The crashhandler module and the steamerrorreporter executable are also non-essential binaries. The other scripts and auxiliary files in the orig tarball are likely to be useful references, even if we don't actually ship them in binary packages. * d/copyright.in: Update * d/steam-devices.install: Update for upstream restructuring * d/steam.install: Update for new location of steam binary. I've left it in a subdirectory to reduce confusion with the top-level ./steam in upstream's "source" tarball, which is a symlink to bin_steam.sh. * Standards-Version: 4.5.0 (no changes required) * d/rules: Don't run upstream Makefile * Build-Depend on the libraries Valve put in their bootstrap tarball. This ensures that we have all the necessary metadata for dpkg-shlibdeps to generate the ${shlibs:Depends} for the proprietary steam executable. * d/scripts/steam: Distinguish between ~/.steam/steam and ~/.steam/root * Explicitly depend on the libraries that we delete from the Steam Runtime. We probably shouldn't be deleting these any more, because the Steam Runtime explicitly prefers newer versions from the host system in all cases, and if there are bugs in that mechanism that make deleting them necessary, Valve would like to know about them so they can be fixed - but for now, preserve historical behaviour. * d/steam-bug.presubj: Recommend running steam-runtime-system-info. This diagnostic tool was written for use in upstream bug reports, but is equally valuable for downstream distributors like us. * Depend on libgl1 instead of transitional libgl1-mesa-glx (Closes: #930613) * Use https for more URLs. In particular, https://repo.steampowered.com now works, and appears in upstream documentation. * d/copyright: Set Upstream-Name to steam-launcher. The upstream dpkg source package is still named steam for historical reasons, but it builds steam-launcher_*.deb, and calling it "steam-launcher" is a good way to disambiguate between the launcher/bootstrapper (which is what we're actually packaging here) and the full Steam client (which is downloaded by the launcher, and is what users normally see). * Move steam-devices Recommends into sorted order * Add Depends on file, used by the Steam Runtime setup scripts * Add Recommends on xdg-utils, which is used to launch URL handlers * Add Recommends on zenity, which Steam assumes is present * Add Depends on curl, used to download Steam updates * d/scripts/steam: Put location and version in environment variables. Recent Steam diagnostic tools use this to identify how Steam was launched. steam (1.0.0.62-1) experimental; urgency=medium . * New upstream release (currently considered to be a beta) - New directory layout - Update steam binary - Update steam-devices udev rules from <https://github.com/ValveSoftware/steam-devices/>: add ZeroPlus P4 (hitbox) hidraw device, 0c12:0ef6 * d/rules: Make .orig directory configurable. It's canonically "..", but users of git-buildpackage often separate the directory with git repositories from the directory with large binaries. * d/rules: Add support for downloading beta steam-launcher versions. The 1.0.0.62 launcher release is currently considered to be a beta, which will be promoted to stable status after it has had more testing. * d/rules: Cope with the upstream release having an epoch. Ubuntu's modified version of this package has an epoch as a result of an older, unrelated package "sTeam" with a higher version number, which used to be in Debian and Ubuntu many years ago. Valve's steam package now has an epoch so that their 1:1.0.0.62 will be compared correctly against Ubuntu's 1:1.0.0.61. * d/rules: Be more verbose about the extraction process * d/rules: Keep most upstream files in the orig tarball. The upstream "source" tarball has been restructured, and in particular the udev rules (which are MIT-licensed and come from a separate git repository) are now in subprojects/steam-devices. bootstrap*.tar.* contains precompiled libraries without their corresponding source code (it's available from repo.steampowered.com but not part of the "source" package), which we intentionally don't ship. The crashhandler module and the steamerrorreporter executable are also non-essential binaries. The other scripts and auxiliary files in the orig tarball are likely to be useful references, even if we don't actually ship them in binary packages. * d/copyright.in: Update * d/steam-devices.install: Update for upstream restructuring * d/steam.install: Update for new location of steam binary. I've left it in a subdirectory to reduce confusion with the top-level ./steam in upstream's "source" tarball, which is a symlink to bin_steam.sh. * Standards-Version: 4.5.0 (no changes required) * d/rules: Don't run upstream Makefile * Build-Depend on the libraries Valve put in their bootstrap tarball. This ensures that we have all the necessary metadata for dpkg-shlibdeps to generate the ${shlibs:Depends} for the proprietary steam executable. * d/scripts/steam: Distinguish between ~/.steam/steam and ~/.steam/root * Explicitly depend on the libraries that we delete from the Steam Runtime. We probably shouldn't be deleting these any more, because the Steam Runtime explicitly prefers newer versions from the host system in all cases, and if there are bugs in that mechanism that make deleting them necessary, Valve would like to know about them so they can be fixed - but for now, preserve historical behaviour. * d/steam-bug.presubj: Recommend running steam-runtime-system-info. This diagnostic tool was written for use in upstream bug reports, but is equally valuable for downstream distributors like us. * Depend on libgl1 instead of transitional libgl1-mesa-glx (Closes: #930613) * Use https for more URLs. In particular, https://repo.steampowered.com now works, and appears in upstream documentation. * d/copyright: Set Upstream-Name to steam-launcher. The upstream dpkg source package is still named steam for historical reasons, but it builds steam-launcher_*.deb, and calling it "steam-launcher" is a good way to disambiguate between the launcher/bootstrapper (which is what we're actually packaging here) and the full Steam client (which is downloaded by the launcher, and is what users normally see). * Move steam-devices Recommends into sorted order * Add Depends on file, used by the Steam Runtime setup scripts * Add Recommends on xdg-utils, which is used to launch URL handlers * Add Recommends on zenity, which Steam assumes is present * Add Depends on curl, used to download Steam updates * d/scripts/steam: Put location and version in environment variables. Recent Steam diagnostic tools use this to identify how Steam was launched. steam (1.0.0.61-2) unstable; urgency=medium . * Upload to unstable * d/control: Make Homepage more specific * Standards-Version: 4.4.0 (no changes required) * Use debhelper-compat 12 steam (1.0.0.61-1) experimental; urgency=medium . * New upstream release - Adds udev rules for NVIDIA Shield input hardware - d/p/udev-uinput.patch: Drop, applied upstream - d/p/udev-permissions.patch: Drop, mostly applied upstream. The only remaining differences in our package were: + Setting TAG+="uaccess" twice on SteamVR device nodes, which we can drop since it's redundant (once is enough) + Setting MODE="0660" on /dev/uinput, which is the default anyway sudo (1.8.27-1+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Sanity check size when converting the first record to TS_LOCKEXCL * Heap-based buffer overflow (CVE-2021-3156) - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit - Add sudoedit flag checks in plugin that are consistent with front-end - Fix potential buffer overflow when unescaping backslashes in user_args - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL - Don't assume that argv is allocated as a single flat buffer sympa (6.2.40~dfsg-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload. * CVE-2020-10936: Sympa allows privilege escalation through setuid wrappers. (Closes: #961491) * CVE-2020-26932: restrict access to sympa_newaliases-wrapper (setuid root) to group sympa. (Closes: #971904) * Ask the user whether they want/need sympa_newaliases-wrapper to be setuid root (CVE-2020-26880 mitigation). * CVE-2020-9369: prevents creation of temporary files and email notifications to listmasters when encountering malformed input parameters. (Closes: #952428) * CVE-2020-29668: Sympa allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun. (Closes: #976020). systemd (241-7~deb10u6) buster; urgency=medium . * journal: do not trigger assertion when journal_file_close() get NULL (Closes: #975561) * test-bpf: skip test when run inside containers. The test reliably fails inside LXC and Docker when run on a new enough kernel. It's unclear whether this is a kernel, LXC/Docker or systemd issue and apparently there is no real interest to get this fixed, so let's skip this test. * autopkgtest: mark networkd-test.py as flaky. See https://github.com/systemd/systemd/issues/18357 and https://github.com/systemd/systemd/issues/18196 tang (7-1+deb10u1) buster; urgency=medium . * Avoid race condition between keygen and update, resulting in "Key derivation key not available!". Closees: #975343 thunderbird (1:78.6.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.5.1-1) unstable; urgency=medium . * [08556c2] New upstream version 78.5.1 Fixed CVE issues in upstream version 78.5.1 (MFSA 2020-53): CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes * [7047340] rebuild patch queue from patch-queue branch removed patch (included upstream): fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch * [40663bb] debian/control: increase Standards-Version to 4.5.1 No further changes needed. thunderbird (1:78.5.1-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.5.0-1) unstable; urgency=medium . * [7842f02] New upstream version 78.5.0 Fixed CVE issues in upstream version 78.5 (MFSA 2020-51): CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls CVE-2020-26953: Fullscreen could be enabled without displaying the security UI CVE-2020-26956: XSS through paste (manual and clipboard API) CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions CVE-2020-26959: Use-after-free in WebRequestService CVE-2020-26960: Potential use-after-free in uses of nsTArray CVE-2020-15999: Heap buffer overflow in freetype CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses CVE-2020-26965: Software keyboards may have remembered typed passwords CVE-2020-26966: Single-word search queries were also broadcast to local network CVE-2020-26968: Memory safety bugs fixed in Thunderbird 78.5 * [e19743e] rebuild patch queue from patch-queue branch removed patch (included upstream): fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch tomcat9 (9.0.31-1~deb10u3) buster-security; urgency=medium . * Fixed CVE-2020-13943: HTTP/2 request mix-up. If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources. * Fixed CVE-2020-17527: HTTP/2 request header mix-up. It was discovered that Apache Tomcat could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. trafficserver (8.0.2+ds-1+deb10u4) buster-security; urgency=high . * Add fix from upstream for CVE-2020-17508 * Add fix from upstream for CVE-2020-17509 tzdata (2021a-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamp: - South Sudan changes from +03 to +02 on 2021-02-01 at 00:00. tzdata (2020f-1) unstable; urgency=medium . * New upstream version with no impact on the content of the debian package, except for the version number. tzdata (2020e-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamp: - Volgograd switches to Moscow time on 2020-12-27 at 02:00. tzdata (2020e-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamp: - Volgograd switches to Moscow time on 2020-12-27 at 02:00. tzdata (2020d-1) unstable; urgency=high . * New upstream version, affecting the following future timestamp: - Palestine ends DST earlier than predicted, on 2020-10-24. * Set urgency to high to get the package into testing before the next change. unzip (6.0-23+deb10u2) buster; urgency=medium . * Two more patches from Mark Adler for CVE-2019-13232. Closes: #963996. - Fix bug in UZbunzip2() that incorrectly updated G.incnt. - Fix bug in UZinflate() that incorrectly updated G.incnt. vlc (3.0.12-0+deb10u1) buster-security; urgency=medium . * New upstream release - mkv: Fix heap-based buffer overflow (CVE-2020-26664) (Closes: #979676) * debian/vlc-plugin-base.install: Install RIST plugins vlc (3.0.11.1-3) unstable; urgency=medium . * debian/patches: Apply upstream patches to fix build with Qt 5.15 (Closes: #972157) vlc (3.0.11.1-2) unstable; urgency=medium . * debian/control: - Remove unsed B-D - Switch to libdc1394-dev - Add Suggests and Recommends on the remaining packages (Closes: #970596) vlc (3.0.11.1-1) unstable; urgency=medium . * New upstream release vlc (3.0.11-4) unstable; urgency=medium . * debian/libvlc-bin.postinst: Redirect vlc-cache-gen output to stderr * debian/tests: Run vlc-cache-gen with gdb if plugins.dat is missing vlc (3.0.11-3) unstable; urgency=medium . * debian/patches: Disable cache generation vlc (3.0.11-3~exp2) experimental; urgency=medium . * debian/rules: Fix logic vlc (3.0.11-3~exp1) experimental; urgency=medium . * debian/rules: Disable dav1d plugin on arm64 and ppc64el to check if it is reponsible for vlc-cache-gen SIGSEGV vlc (3.0.11-2) unstable; urgency=medium . * debian/: Use dav1d instead of aom for decoding AV1 videos * debian/rules: Remove -Wl,--as-needed vlc (3.0.11-1) unstable; urgency=high . * New upstream release - Fix a heap-based buffer overflow in haxxx_nall (CVE-2020-13428) webkit2gtk (2.30.4-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.30.3-1) unstable; urgency=high . * New upstream release webkit2gtk (2.30.3-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * The WebKitGTK security advisory WSA-2020-0008 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9952 (fixed in 2.28.3). + CVE-2020-9948, CVE-2020-9951 (fixed in 2.30.0). + CVE-2020-9983, CVE-2020-13584 (fixed in 2.30.3). * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.30.2-1) unstable; urgency=medium . * New upstream release. webkit2gtk (2.30.1-1) unstable; urgency=medium . * New upstream release. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/source/lintian-overrides: + Remove mailing-list-obsolete-in-debian-infrastructure. webkit2gtk (2.30.1-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.30.0-1) experimental; urgency=medium . * New upstream release. * debian/watch: + Scan stable releases only. webkit2gtk (2.29.92-1) experimental; urgency=medium . * New upstream development release. webkit2gtk (2.29.91-1) experimental; urgency=medium . * New upstream development release (Closes: #967992). * debian/copyright: + Update copyright information of all files. webkit2gtk (2.29.4-1) experimental; urgency=medium . * New upstream development release. * debian/control: + Install libgl1-mesa-dev unconditionally. The decision of which gl library to use is now taken directly by cmake. * Don't build the documentation in binary-arch builds and with the nodoc build profile. + debian/control: - Move gtk-doc-tools and *-doc to Build-Depends-Indep. - Add Build-Profiles: <!nodoc> to libwebkit2gtk-4.0-doc + debian/rules: - Use dh_listpackages to decide whether to build the documentation. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.29.3-1) experimental; urgency=medium . * New upstream development release. * debian/rules: + Remove disabling of openjpeg on Ubuntu, it's in main now (thanks, Sebastien Bacher) * debian/copyright: + Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing overrides. webkit2gtk (2.29.2-1) experimental; urgency=medium . * New upstream development release. * debian/patches/fix-ftbfs-m68k.patch: + Refresh. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.29.1-1) experimental; urgency=medium . * New upstream development release (Closes: #945237). * debian/watch, debian/gbp.conf: + Update for 2.29.x packages in experimental. * Refresh all patches. * debian/patches/dont-fallback-to-libwpe.patch, debian/patches/user-agent-branding.patch: + Drop these patches, they are now included upstream. * debian/rules: + Replace USER_AGENT_GTK_DISTRIBUTOR_NAME with the new USER_AGENT_BRANDING build option in Ubuntu. * debian/patches/detect-gstreamer-gl.patch, debian/patches/detect-woff.patch: + Drop these patches. We won't be making backports of WebKitGTK 2.29.x for stretch. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/control: + Add build dependency on libsystemd-dev. * debian/source/lintian-overrides: + Update source-is-missing overrides. webkit2gtk (2.28.4-1) unstable; urgency=high . * New upstream release. * Enable OpenGL ES in arm: + debian/patches/use-gles-on-arm.patch: - Set ENABLE_GLES2_DEFAULT to ON on arm. + debian/control: - Always depend on libgl1-mesa-dev. wireshark (2.6.20-0+deb10u1) buster; urgency=medium . * Non-maintainer upload. * New upstream version including the following security fixes: - CVE-2019-16319: The Gryphon dissector could go into an infinite loop. - CVE-2019-19553: The CMS dissector could crash. - CVE-2020-7045: The BT ATT dissector could crash. - CVE-2020-9428: The EAP dissector could crash. - CVE-2020-9430: The WiMax DLMAP dissector could crash. - CVE-2020-9431: The LTE RRC dissector could leak memory. - CVE-2020-11647: The BACapp dissector could crash. (Closes: #958213) - CVE-2020-13164: The NFS dissector could crash. - CVE-2020-15466: The GVCP dissector could go into an infinite loop. - CVE-2020-25862: The TCP dissector could crash. - CVE-2020-25863: The MIME Multipart dissector could crash. * Adjust 17_libdir_location.patch for context changes. * Since Wireshark 2.6.14 tests are run automatically by debhelper, backport the build fix and making test failures non-fatal. * CVE-2020-26575: The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. (Closes: #974688) * CVE-2020-28030: The GQUIC dissector could crash. (Closes: #974689) * CVE-2020-26418: Memory leak in the Kafka protocol dissector. * CVE-2020-26421: Crash in USB HID protocol dissector. wireshark (2.6.10-1) unstable; urgency=medium . * New upstream version 2.6.10 - security fixes: - ASN.1 BER and related dissectors crash (CVE-2019-13619) - fix QIcon crash on exit on Ubuntu 16.04 with Qt 5.5.1 (LP: #1803808) * debian/gitlab-ci.yml: User minimal reference configuration wireshark (2.6.9-1) unstable; urgency=medium . * Acknowledge NMU * New upstream version 2.6.9 * Drop obsolete CVE-2019-12295.patch * Refresh patches xen (4.11.4+57-g41a822c392-2) buster-security; urgency=high . * Apply security fixes for the following issues: - oxenstored: permissions not checked on root node XSA-353 (CVE-2020-29479) - xenstore watch notifications lacking permission checks XSA-115 (CVE-2020-29480) - Xenstore: new domains inheriting existing node permissions XSA-322 (CVE-2020-29481) - Xenstore: wrong path length check XSA-323 (CVE-2020-29482) - Xenstore: guests can crash xenstored via watchs XSA-324 (CVE-2020-29484) - Xenstore: guests can disturb domain cleanup XSA-325 (CVE-2020-29483) - oxenstored memory leak in reset_watches XSA-330 (CVE-2020-29485) - oxenstored: node ownership can be changed by unprivileged clients XSA-352 (CVE-2020-29486) - undue recursion in x86 HVM context switch code XSA-348 (CVE-2020-29566) - FIFO event channels control block related ordering XSA-358 (CVE-2020-29570) - FIFO event channels control structure ordering XSA-359 (CVE-2020-29571) * Note that the following XSA are not listed, because... - XSA-349 and XSA-350 have patches for the Linux kernel - XSA-354 has patches for the XAPI toolstack - XSA-356 only applies to Xen 4.14 xen (4.11.4+57-g41a822c392-1) buster-security; urgency=high . * Update to new upstream version 4.11.4+57-g41a822c392, which also contains security fixes for the following issues: - x86: Race condition in Xen mapping code XSA-345 (CVE-2020-27672) - undue deferral of IOMMU TLB flushes XSA-346 (CVE-2020-27671) - unsafe AMD IOMMU page table updates XSA-347 (CVE-2020-27670) - x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 (CVE-2020-27674) - Information leak via power sidechannel XSA-351 (CVE-2020-28368) - stack corruption from XSA-346 change XSA-355 (CVE-2020-29040) xerces-c (3.2.2+debian-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload. * CVE-2018-1311 mitigation: fix use-after-free vulnerability when processing external DTD, at the expense of a memory leak. Users may mitigate both by setting the XERCES_DISABLE_DTD environment variable. xorg-server (2:1.20.4-1+deb10u2) buster-security; urgency=medium . * CVE-2020-14360 CVE-2020-25712 ====================================== Sat, 05 Dec 2020 - Debian 10.7 released ====================================== ========================================================================= [Date: Sat, 05 Dec 2020 09:41:49 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ata-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el btrfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el btrfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el cdrom-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el cdrom-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el compress-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el compress-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crc-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crc-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crypto-dm-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crypto-dm-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crypto-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crypto-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el event-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el event-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ext4-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ext4-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fancontrol-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fancontrol-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fat-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fat-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el firewire-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el firewire-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fuse-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fuse-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el hypervisor-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el hypervisor-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el i2c-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el i2c-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el input-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el input-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el isofs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el isofs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el jfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el jfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el kernel-image-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el kernel-image-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el linux-headers-4.19.0-10-all-ppc64el | 4.19.132-1 | ppc64el linux-headers-4.19.0-10-powerpc64le | 4.19.132-1 | ppc64el linux-headers-4.19.0-12-all-ppc64el | 4.19.152-1 | ppc64el linux-headers-4.19.0-12-powerpc64le | 4.19.152-1 | ppc64el linux-image-4.19.0-10-powerpc64le | 4.19.132-1 | ppc64el linux-image-4.19.0-10-powerpc64le-dbg | 4.19.132-1 | ppc64el linux-image-4.19.0-12-powerpc64le | 4.19.152-1 | ppc64el linux-image-4.19.0-12-powerpc64le-dbg | 4.19.152-1 | ppc64el loop-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el loop-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el md-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el md-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el mouse-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el mouse-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el mtd-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el mtd-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el multipath-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el multipath-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nbd-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nbd-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-shared-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-shared-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-usb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-usb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-wireless-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-wireless-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ppp-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ppp-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el sata-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el sata-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-nic-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-nic-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el serial-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el serial-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el squashfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el squashfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el udf-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el udf-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el uinput-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el uinput-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-serial-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-serial-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-storage-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-storage-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el xfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el xfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:42:40 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x btrfs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x cdrom-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x cdrom-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x compress-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x compress-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crc-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crc-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crypto-dm-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crypto-dm-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crypto-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crypto-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x dasd-extra-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x dasd-extra-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x dasd-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x dasd-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x ext4-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x ext4-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x fat-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x fat-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x fuse-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x fuse-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x isofs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x isofs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x kernel-image-4.19.0-10-s390x-di | 4.19.132-1 | s390x kernel-image-4.19.0-12-s390x-di | 4.19.152-1 | s390x linux-headers-4.19.0-10-all-s390x | 4.19.132-1 | s390x linux-headers-4.19.0-10-s390x | 4.19.132-1 | s390x linux-headers-4.19.0-12-all-s390x | 4.19.152-1 | s390x linux-headers-4.19.0-12-s390x | 4.19.152-1 | s390x linux-image-4.19.0-10-s390x | 4.19.132-1 | s390x linux-image-4.19.0-10-s390x-dbg | 4.19.132-1 | s390x linux-image-4.19.0-12-s390x | 4.19.152-1 | s390x linux-image-4.19.0-12-s390x-dbg | 4.19.152-1 | s390x loop-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x loop-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x md-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x md-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x mtd-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x mtd-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x multipath-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x multipath-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x nbd-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x nbd-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x nic-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x nic-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x scsi-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x scsi-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x scsi-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x scsi-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x udf-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x udf-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x xfs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x xfs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x zlib-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x zlib-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:43:11 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all | 4.19.132-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-12-all | 4.19.152-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:43:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-10-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-10-rt-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-12-all-arm64 | 4.19.152-1 | arm64 linux-headers-4.19.0-12-arm64 | 4.19.152-1 | arm64 linux-headers-4.19.0-12-rt-arm64 | 4.19.152-1 | arm64 linux-image-4.19.0-10-arm64-dbg | 4.19.132-1 | arm64 linux-image-4.19.0-10-arm64-unsigned | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64-dbg | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64-unsigned | 4.19.132-1 | arm64 linux-image-4.19.0-12-arm64-dbg | 4.19.152-1 | arm64 linux-image-4.19.0-12-arm64-unsigned | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64-dbg | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64-unsigned | 4.19.152-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:45:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel btrfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel cdrom-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel cdrom-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel compress-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel compress-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crc-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crc-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crypto-dm-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crypto-dm-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crypto-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crypto-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel event-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel event-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ext4-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ext4-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fat-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fat-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fuse-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fuse-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel input-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel input-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ipv6-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ipv6-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel isofs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel isofs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel jffs2-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel jffs2-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel jfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel jfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel kernel-image-4.19.0-10-marvell-di | 4.19.132-1 | armel kernel-image-4.19.0-12-marvell-di | 4.19.152-1 | armel leds-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel leds-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel linux-headers-4.19.0-10-all-armel | 4.19.132-1 | armel linux-headers-4.19.0-10-marvell | 4.19.132-1 | armel linux-headers-4.19.0-10-rpi | 4.19.132-1 | armel linux-headers-4.19.0-12-all-armel | 4.19.152-1 | armel linux-headers-4.19.0-12-marvell | 4.19.152-1 | armel linux-headers-4.19.0-12-rpi | 4.19.152-1 | armel linux-image-4.19.0-10-marvell | 4.19.132-1 | armel linux-image-4.19.0-10-marvell-dbg | 4.19.132-1 | armel linux-image-4.19.0-10-rpi | 4.19.132-1 | armel linux-image-4.19.0-10-rpi-dbg | 4.19.132-1 | armel linux-image-4.19.0-12-marvell | 4.19.152-1 | armel linux-image-4.19.0-12-marvell-dbg | 4.19.152-1 | armel linux-image-4.19.0-12-rpi | 4.19.152-1 | armel linux-image-4.19.0-12-rpi-dbg | 4.19.152-1 | armel loop-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel loop-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel md-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel md-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel minix-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel minix-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mmc-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mmc-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mmc-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mmc-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mouse-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mouse-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mtd-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mtd-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mtd-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mtd-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel multipath-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel multipath-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nbd-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nbd-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-shared-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-shared-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-usb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-usb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ppp-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ppp-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel sata-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel sata-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel scsi-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel scsi-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel squashfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel squashfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel udf-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel udf-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel uinput-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel uinput-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-serial-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-serial-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-storage-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-storage-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel zlib-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel zlib-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:45:58 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf btrfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf btrfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf cdrom-core-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf cdrom-core-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf compress-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf compress-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crc-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crc-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crypto-dm-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crypto-dm-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crypto-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crypto-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf efi-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf efi-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf event-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf event-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ext4-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ext4-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fat-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fat-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fuse-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fuse-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf i2c-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf i2c-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf input-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf input-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf isofs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf isofs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf jfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf jfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf kernel-image-4.19.0-10-armmp-di | 4.19.132-1 | armhf kernel-image-4.19.0-12-armmp-di | 4.19.152-1 | armhf leds-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf leds-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf linux-headers-4.19.0-10-all-armhf | 4.19.132-1 | armhf linux-headers-4.19.0-10-armmp | 4.19.132-1 | armhf linux-headers-4.19.0-10-armmp-lpae | 4.19.132-1 | armhf linux-headers-4.19.0-10-rt-armmp | 4.19.132-1 | armhf linux-headers-4.19.0-12-all-armhf | 4.19.152-1 | armhf linux-headers-4.19.0-12-armmp | 4.19.152-1 | armhf linux-headers-4.19.0-12-armmp-lpae | 4.19.152-1 | armhf linux-headers-4.19.0-12-rt-armmp | 4.19.152-1 | armhf linux-image-4.19.0-10-armmp | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-dbg | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-lpae | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-lpae-dbg | 4.19.132-1 | armhf linux-image-4.19.0-10-rt-armmp | 4.19.132-1 | armhf linux-image-4.19.0-10-rt-armmp-dbg | 4.19.132-1 | armhf linux-image-4.19.0-12-armmp | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-dbg | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-lpae | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-lpae-dbg | 4.19.152-1 | armhf linux-image-4.19.0-12-rt-armmp | 4.19.152-1 | armhf linux-image-4.19.0-12-rt-armmp-dbg | 4.19.152-1 | armhf loop-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf loop-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf md-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf md-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf mmc-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf mmc-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf mtd-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf mtd-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf multipath-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf multipath-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nbd-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nbd-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-shared-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-shared-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-usb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-usb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-wireless-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-wireless-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf pata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf pata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ppp-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ppp-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf sata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf sata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-core-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-core-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-nic-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-nic-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf squashfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf squashfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf udf-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf udf-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf uinput-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf uinput-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-serial-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-serial-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-storage-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-storage-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf zlib-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf zlib-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:46:22 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-686 | 4.19.132-1 | i386 linux-headers-4.19.0-10-686-pae | 4.19.132-1 | i386 linux-headers-4.19.0-10-all-i386 | 4.19.132-1 | i386 linux-headers-4.19.0-10-rt-686-pae | 4.19.132-1 | i386 linux-headers-4.19.0-12-686 | 4.19.152-1 | i386 linux-headers-4.19.0-12-686-pae | 4.19.152-1 | i386 linux-headers-4.19.0-12-all-i386 | 4.19.152-1 | i386 linux-headers-4.19.0-12-rt-686-pae | 4.19.152-1 | i386 linux-image-4.19.0-10-686-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-10-686-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-12-686-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae-unsigned | 4.19.152-1 | i386 linux-image-4.19.0-12-686-unsigned | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae-unsigned | 4.19.152-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:46:41 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-mips | 4.19.132-1 | mips linux-headers-4.19.0-12-all-mips | 4.19.152-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:47:20 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel affs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel compress-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel compress-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crc-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crc-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crypto-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crypto-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel event-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel event-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ext4-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel ext4-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel fat-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel fat-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel fuse-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel fuse-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel hfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel hfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel input-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel input-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel isofs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel isofs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel jfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel jfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel kernel-image-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel kernel-image-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel linux-headers-4.19.0-10-5kc-malta | 4.19.132-1 | mips, mips64el, mipsel linux-headers-4.19.0-10-octeon | 4.19.132-1 | mips, mips64el, mipsel linux-headers-4.19.0-12-5kc-malta | 4.19.152-1 | mips, mips64el, mipsel linux-headers-4.19.0-12-octeon | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-10-5kc-malta | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-5kc-malta-dbg | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-octeon | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-octeon-dbg | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-12-5kc-malta | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-5kc-malta-dbg | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-octeon | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-octeon-dbg | 4.19.152-1 | mips, mips64el, mipsel loop-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel loop-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel md-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel md-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel minix-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel minix-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel multipath-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel multipath-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nbd-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nbd-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel pata-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel pata-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ppp-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel ppp-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel rtc-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel rtc-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel sata-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel sata-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel sound-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel sound-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel udf-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel udf-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel xfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel xfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel zlib-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel zlib-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:47:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel affs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel btrfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel btrfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel cdrom-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel cdrom-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel compress-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel compress-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crc-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crc-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crypto-dm-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crypto-dm-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crypto-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crypto-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel event-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel event-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ext4-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ext4-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fat-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fat-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fuse-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fuse-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel hfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel hfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel i2c-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel i2c-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel input-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel input-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel isofs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel isofs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel jfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel jfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel kernel-image-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel kernel-image-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel linux-headers-4.19.0-10-4kc-malta | 4.19.132-1 | mips, mipsel linux-headers-4.19.0-12-4kc-malta | 4.19.152-1 | mips, mipsel linux-image-4.19.0-10-4kc-malta | 4.19.132-1 | mips, mipsel linux-image-4.19.0-10-4kc-malta-dbg | 4.19.132-1 | mips, mipsel linux-image-4.19.0-12-4kc-malta | 4.19.152-1 | mips, mipsel linux-image-4.19.0-12-4kc-malta-dbg | 4.19.152-1 | mips, mipsel loop-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel loop-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel md-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel md-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel minix-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel minix-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mmc-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mmc-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mmc-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mmc-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mouse-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mouse-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mtd-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mtd-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel multipath-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel multipath-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nbd-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nbd-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-shared-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-shared-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-usb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-usb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-wireless-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-wireless-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel pata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel pata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ppp-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ppp-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel sata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel sata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-nic-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-nic-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel sound-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel sound-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel squashfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel squashfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel udf-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel udf-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-serial-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-serial-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-storage-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-storage-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel xfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel xfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel zlib-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel zlib-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:48:23 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el affs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el btrfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el btrfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el cdrom-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el cdrom-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el compress-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el compress-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crc-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crc-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crypto-dm-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crypto-dm-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crypto-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crypto-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el event-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el event-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ext4-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ext4-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fat-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fat-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fuse-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fuse-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el hfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el hfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el i2c-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el i2c-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el input-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el input-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el isofs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el isofs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el jfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el jfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el kernel-image-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el kernel-image-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el linux-headers-4.19.0-10-all-mips64el | 4.19.132-1 | mips64el linux-headers-4.19.0-12-all-mips64el | 4.19.152-1 | mips64el loop-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el loop-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el md-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el md-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el minix-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el minix-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mmc-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mmc-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mmc-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mmc-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mouse-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mouse-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mtd-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mtd-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el multipath-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el multipath-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nbd-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nbd-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-shared-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-shared-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-usb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-usb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-wireless-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-wireless-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el pata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el pata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ppp-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ppp-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el sata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el sata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-nic-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-nic-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el sound-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el sound-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el squashfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el squashfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el udf-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el udf-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-serial-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-serial-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-storage-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-storage-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el xfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el xfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el zlib-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el zlib-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:48:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel affs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel btrfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel btrfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel cdrom-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel cdrom-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel compress-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel compress-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crc-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crc-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crypto-dm-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crypto-dm-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crypto-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crypto-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel event-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel event-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ext4-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ext4-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fat-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fat-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel firewire-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel firewire-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fuse-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fuse-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel hfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel hfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel input-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel input-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel isofs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel isofs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel jfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel jfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel kernel-image-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel kernel-image-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel linux-headers-4.19.0-10-loongson-3 | 4.19.132-1 | mips64el, mipsel linux-headers-4.19.0-12-loongson-3 | 4.19.152-1 | mips64el, mipsel linux-image-4.19.0-10-loongson-3 | 4.19.132-1 | mips64el, mipsel linux-image-4.19.0-10-loongson-3-dbg | 4.19.132-1 | mips64el, mipsel linux-image-4.19.0-12-loongson-3 | 4.19.152-1 | mips64el, mipsel linux-image-4.19.0-12-loongson-3-dbg | 4.19.152-1 | mips64el, mipsel loop-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel loop-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel md-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel md-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel minix-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel minix-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel mtd-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel mtd-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel multipath-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel multipath-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nbd-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nbd-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-shared-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-shared-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-usb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-usb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-wireless-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-wireless-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel pata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel pata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ppp-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ppp-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel sata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel sata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-nic-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-nic-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel sound-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel sound-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel speakup-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel speakup-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel squashfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel squashfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel udf-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel udf-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-serial-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-serial-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-storage-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-storage-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel xfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel xfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel zlib-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel zlib-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:49:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 acpi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 btrfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 btrfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 cdrom-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 cdrom-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 compress-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 compress-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crc-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crc-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crypto-dm-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crypto-dm-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crypto-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crypto-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 efi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 efi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 event-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 event-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ext4-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ext4-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fat-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fat-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 firewire-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 firewire-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fuse-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fuse-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 i2c-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 i2c-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 input-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 input-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 isofs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 isofs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 jfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 jfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 kernel-image-4.19.0-10-amd64-di | 4.19.132-1 | amd64 kernel-image-4.19.0-12-amd64-di | 4.19.152-1 | amd64 linux-image-4.19.0-10-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-12-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64 | 4.19.152-1 | amd64 loop-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 loop-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 md-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 md-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mmc-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mmc-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mmc-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mmc-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mouse-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mouse-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mtd-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mtd-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 multipath-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 multipath-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nbd-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nbd-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-pcmcia-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-pcmcia-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-shared-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-shared-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-usb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-usb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-wireless-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-wireless-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pcmcia-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pcmcia-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pcmcia-storage-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pcmcia-storage-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ppp-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ppp-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 sata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 sata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-nic-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-nic-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 serial-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 serial-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 sound-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 sound-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 speakup-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 speakup-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 squashfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 squashfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 udf-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 udf-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 uinput-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 uinput-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-serial-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-serial-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-storage-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-storage-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 xfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 xfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:50:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ata-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 btrfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 btrfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 cdrom-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 cdrom-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 compress-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 compress-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crc-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crc-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crypto-dm-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crypto-dm-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crypto-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crypto-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 efi-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 efi-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 event-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 event-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ext4-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ext4-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fat-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fat-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fuse-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fuse-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 i2c-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 i2c-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 input-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 input-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 isofs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 isofs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 jfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 jfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 kernel-image-4.19.0-10-arm64-di | 4.19.132-1 | arm64 kernel-image-4.19.0-12-arm64-di | 4.19.152-1 | arm64 leds-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 leds-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 linux-image-4.19.0-10-arm64 | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64 | 4.19.132-1 | arm64 linux-image-4.19.0-12-arm64 | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64 | 4.19.152-1 | arm64 loop-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 loop-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 md-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 md-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 mmc-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 mmc-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 mtd-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 mtd-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 multipath-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 multipath-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nbd-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nbd-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-shared-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-shared-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-usb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-usb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-wireless-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-wireless-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ppp-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ppp-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 sata-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 sata-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-nic-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-nic-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 squashfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 squashfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 udf-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 udf-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 uinput-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 uinput-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-serial-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-serial-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-storage-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-storage-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 xfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 xfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:52:00 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 acpi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 acpi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 acpi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 btrfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 btrfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 btrfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 btrfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 cdrom-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 cdrom-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 cdrom-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 cdrom-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 compress-modules-4.19.0-10-686-di | 4.19.132-1 | i386 compress-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 compress-modules-4.19.0-12-686-di | 4.19.152-1 | i386 compress-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crc-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crc-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crc-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crc-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crypto-dm-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crypto-dm-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crypto-dm-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crypto-dm-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crypto-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crypto-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crypto-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crypto-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 efi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 efi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 efi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 efi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 event-modules-4.19.0-10-686-di | 4.19.132-1 | i386 event-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 event-modules-4.19.0-12-686-di | 4.19.152-1 | i386 event-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ext4-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ext4-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ext4-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ext4-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fat-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fat-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fat-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fat-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 firewire-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 firewire-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 firewire-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 firewire-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fuse-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fuse-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fuse-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fuse-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 i2c-modules-4.19.0-10-686-di | 4.19.132-1 | i386 i2c-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 i2c-modules-4.19.0-12-686-di | 4.19.152-1 | i386 i2c-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 input-modules-4.19.0-10-686-di | 4.19.132-1 | i386 input-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 input-modules-4.19.0-12-686-di | 4.19.152-1 | i386 input-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 isofs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 isofs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 isofs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 isofs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 jfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 jfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 jfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 jfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 kernel-image-4.19.0-10-686-di | 4.19.132-1 | i386 kernel-image-4.19.0-10-686-pae-di | 4.19.132-1 | i386 kernel-image-4.19.0-12-686-di | 4.19.152-1 | i386 kernel-image-4.19.0-12-686-pae-di | 4.19.152-1 | i386 linux-image-4.19.0-10-686 | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae | 4.19.132-1 | i386 linux-image-4.19.0-12-686 | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae | 4.19.152-1 | i386 loop-modules-4.19.0-10-686-di | 4.19.132-1 | i386 loop-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 loop-modules-4.19.0-12-686-di | 4.19.152-1 | i386 loop-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 md-modules-4.19.0-10-686-di | 4.19.132-1 | i386 md-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 md-modules-4.19.0-12-686-di | 4.19.152-1 | i386 md-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mmc-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mmc-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mmc-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mmc-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mmc-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mmc-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mmc-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mmc-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mouse-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mouse-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mouse-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mouse-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mtd-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mtd-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mtd-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mtd-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 multipath-modules-4.19.0-10-686-di | 4.19.132-1 | i386 multipath-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 multipath-modules-4.19.0-12-686-di | 4.19.152-1 | i386 multipath-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nbd-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nbd-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nbd-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nbd-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-pcmcia-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-pcmcia-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-pcmcia-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-pcmcia-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-shared-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-shared-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-shared-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-shared-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-usb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-usb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-usb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-usb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-wireless-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-wireless-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-wireless-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-wireless-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pcmcia-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pcmcia-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pcmcia-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pcmcia-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pcmcia-storage-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pcmcia-storage-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pcmcia-storage-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pcmcia-storage-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ppp-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ppp-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ppp-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ppp-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 sata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 sata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 sata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 sata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-nic-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-nic-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-nic-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-nic-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 serial-modules-4.19.0-10-686-di | 4.19.132-1 | i386 serial-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 serial-modules-4.19.0-12-686-di | 4.19.152-1 | i386 serial-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 sound-modules-4.19.0-10-686-di | 4.19.132-1 | i386 sound-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 sound-modules-4.19.0-12-686-di | 4.19.152-1 | i386 sound-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 speakup-modules-4.19.0-10-686-di | 4.19.132-1 | i386 speakup-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 speakup-modules-4.19.0-12-686-di | 4.19.152-1 | i386 speakup-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 squashfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 squashfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 squashfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 squashfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 udf-modules-4.19.0-10-686-di | 4.19.132-1 | i386 udf-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 udf-modules-4.19.0-12-686-di | 4.19.152-1 | i386 udf-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 uinput-modules-4.19.0-10-686-di | 4.19.132-1 | i386 uinput-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 uinput-modules-4.19.0-12-686-di | 4.19.152-1 | i386 uinput-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-serial-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-serial-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-serial-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-serial-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-storage-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-storage-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-storage-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-storage-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 xfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 xfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 xfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 xfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:53:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-common | 4.19.132-1 | all linux-headers-4.19.0-10-common-rt | 4.19.132-1 | all linux-headers-4.19.0-12-common | 4.19.152-1 | all linux-headers-4.19.0-12-common-rt | 4.19.152-1 | all linux-support-4.19.0-10 | 4.19.132-1 | all linux-support-4.19.0-12 | 4.19.152-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:54:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-cloud-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-rt-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-12-all-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-cloud-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-rt-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-10-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-12-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-amd64-unsigned | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64-unsigned | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64-unsigned | 4.19.152-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:54:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-mipsel | 4.19.132-1 | mipsel linux-headers-4.19.0-12-all-mipsel | 4.19.152-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 10:00:37 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: chromium-ublock-origin | 1.22.2+dfsg-1~deb10u1 | all xul-ext-ublock-origin | 1.22.2+dfsg-1~deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by ublock-origin - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:31:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: nostalgy | 0.2.36-1.2 | source xul-ext-nostalgy | 0.2.36-1.2 | all Closed bugs: 972005 ------------------- Reason ------------------- RoQA; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:31:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: sieve-extension | 0.3.0+dfsg-1 | source xul-ext-sieve | 0.3.0+dfsg-1 | all Closed bugs: 972007 ------------------- Reason ------------------- RoQA; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:32:02 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: browser-plugin-freshplayer-pepperflash | 0.3.9-2 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x freshplayerplugin | 0.3.9-2 | source Closed bugs: 974698 ------------------- Reason ------------------- RoQA; Obsolete, Unsupported by browsers, EOL upstream ---------------------------------------------- ========================================================================= base-files (10.3+deb10u7) buster; urgency=medium . * Change /etc/debian_version to 10.7, for Debian 10.7 point release. blueman (2.0.8-1+deb10u1) buster-security; urgency=medium . * Add patch to address CVE-2020-15238 and add libpolkit-agent-1-dev to build deps choose-mirror (2.99+deb10u2) buster; urgency=medium . * Update Mirrors.masterlist. codemirror-js (5.43.0-1+deb10u1) buster-security; urgency=high . * Backport patch from 5.58.2 for CVE-2020-7760 cups (2.2.10-6+deb10u4) buster; urgency=medium . * Backport upstream fix: - backend,scheduler/ipp.c: Fix 'printer-alert' invalid free (Closes: #961345) dav4tbsync (1.23-1~deb10u1) buster; urgency=medium . * [a7dd92d] Merge branch 'debian/sid' into debian/buster to work with Thunderbird 78.x * [0de401e] Correct path of file dav4tbsync (1.21-1) unstable; urgency=medium . * [6d81e6d] New upstream version 1.21 * [4029398] bumpd tb version to 78.3 and webext-tbsync to 2.18 dav4tbsync (1.21-1~deb10u1) buster; urgency=medium . * [dc48b60] Prepared for release: debian/changelog * [6db535b] Correct versioning vor release in buster: debian/changelog * [e79b91e] Prepared for release in buster (proposed-updates) * [7f0db57] Icon changed path dav4tbsync (1.16-1) unstable; urgency=medium . * prepared for unstable (Closes: #971770) + to fit compatibility with thunderbird 78.x * [67b1277] Added missing bug tracker to d/u/metadata dav4tbsync (1.16-1~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [2df0c43] New upstream version 1.15.5~beta * [be68ae5] adapted d/ to new version 1.15.5-beta . [ Carsten Schoenert ] * [c6f900a] d/gbp.conf: adding helper for git-buildpackage * [0ff72ed] New upstream version 1.16 * [cc1dba4] d/control: add new B-D on zip * [c3342df] d/copyright: update and reformat MIT license * [29f7431] d/rules: adjust build process to fit recent requirements * [743bf33] d/webext-dav4tbsync.links: updating sequencer to new requirement * [8e1b122] d/webext-dav4tbsync.install: adjust the *.xpi file only * [44baf78] d/webext-dav4tbsync.docs: drop not needesd LICENSE files dav4tbsync (1.16-1~deb10u1) buster; urgency=medium . * [bc487f4] Bumped to version 1.16 to fit compatibility + to thunderbird version 78.x (Closes:#971808) dav4tbsync (1.9-2~exp1) experimental; urgency=medium . * [1d04328] Changed maintainer email in d/control to avoid lintian warning * [276c091] Adapt for using TB >=76 dav4tbsync (1.9-1) unstable; urgency=medium . * [25b4ab5] New upstream version 1.9 debian-installer (20190702+deb10u7) buster; urgency=medium . [ Julien Cristau ] * Add grub2 to built-using (closes: #968998). . [ Cyril Brulebois ] * Bump Linux ABI to 4.19.0-13. debian-installer-netboot-images (20190702+deb10u7) buster; urgency=medium . * Update to 20190702+deb10u7, from buster-proposed-updates. distro-info-data (0.41+deb10u3) buster; urgency=medium . * Update data to 0.45: - Add Ubuntu 21.04, Hirsute Hippo. dpdk (18.11.10-1~deb10u2) buster; urgency=medium . * Backport patch to fix armhf build with NEON dpdk (18.11.10-1~deb10u1) buster; urgency=medium . * New upstream version 18.11.10 - Remote Code Execution in vhost_crypto (VM Escape) (CVE-2020-14374) - Time-of-check time-of-use vulnerabilities throughout (CVE-2020-14375) - Buffer overflow copying iv_data from guest to host (CVE-2020-14376) - write_back_data buffer over read (CVE-2020-14377) - Partial Denial of Service due to Integer Underflow (CVE-2020-14378) * New upstream version 18.11.9; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Refresh patch to remove fuzz from 18.11.10 * Add rte_rawdev_dump to symbols file. It is not a new function, it was simply missing from the map file by mistake. eas4tbsync (1.20-1~deb10u1) buster; urgency=medium . * [60116af] Prepared for release: debian/changelog * [c67f390] Correct versioning for release in buster: debian/changelog * [1244201] Prepared for release in buster (proposed-updates) * [890f1ec] Icon changed path * [8c3444e] Improved d/copyright eas4tbsync (1.16-1) unstable; urgency=medium . * prepared for unstable (Closes: #971771) + to fit compatibility with thunderbird 78.x * [3f2710b] Added missing bug tracker to d/u/metadata eas4tbsync (1.16-1~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [1c2afd6] New upstream version 1.15.5~beta * UNRELEASED * [3564f2e] adapted d/ to new version 1.15.5-beta . [ Carsten Schoenert ] * [2f00b70] d/gbp.conf: adding helper for git-buildpackage * [f512c73] New upstream version 1.16 * [00cc0d6] d/control: add new B-D on zip * [685d0b7] d/copyright: update content, remove trailing whitespace * [ac56fb2] d/rules: adjust build process to fit recent requirements * [fb1fd87] d/webext-eas4tbsync.links: updating sequencer to new requirement * [0cf7043] d/webext-eas4tbsync.install: adjust the *.xpi file only * [64ac9ca] d/webext-eas4tbsync.docs: install README files dedicated eas4tbsync (1.16-1~deb10u1) buster; urgency=medium . * [b87d1b6] Bumped to version 1.16 to fit compatibility + to thunderbird version 78.x (Closes:#971809) eas4tbsync (1.14-2~exp1) experimental; urgency=medium . * [d5e4038] Adapt using TB>=76 eas4tbsync (1.14-1) unstable; urgency=medium . * [520424f] New upstream version 1.14 * [72f7bd0] Changed maintainer email in d/control to avoid lintian warning eas4tbsync (1.12-1) unstable; urgency=medium . * [a3311d7] New upstream version 1.12 edk2 (0~20181115.85588389-3+deb10u2) buster; urgency=medium . * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562) (Closes: #968819) - d/p/0001-SecurityPkg-DxeImageVerificationLib-extract-SecDataD.patch - d/p/0002-SecurityPkg-DxeImageVerificationLib-assign-WinCertif.patch - d/p/0003-SecurityPkg-DxeImageVerificationLib-catch-alignment-.patch efivar (37-2+deb10u1) buster; urgency=medium . * Backport important fixes from unstable: + fix uninitialized variable in parse_acpi_root, saving possible segfault. + Add support for nvme-fabrics and nvme-subsystem devices. Closes: #975417 enigmail (2:2.2.4-0.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. * Don't run tests, the build dependency eslint is not in buster. enigmail (2:2.2.4-0.1) unstable; urgency=medium . * Non-maintainer upload . [ Gregor Riepl ] * new upstream release (Closes: #970111) * this version contains a migration wizard for converting existing enigmail configurations to the built-in openpgp support in thunderbird * it will no longer be maintained when thunderbird 78+ enters stable enigmail (2:2.1.6+ds1-1) unstable; urgency=medium . * new upstream release * drop patches already applied upstream * include more patches from upstream enigmail (2:2.1.5+ds1-1) unstable; urgency=medium . * new upstream release * drop patches already upstreamed * drop workaround for util/Preprocessor.py, since it is not used any longer * refresh patches * import bugfixes from upstream * fix parallel build * drop unnecessary debian/source/include-binaries * drop shlibs:Depends, since enigmail is now arch: all * standards-version: bump to 4.5.0 (no changes needed) enigmail (2:2.1.3+ds1-4) unstable; urgency=medium . * convert to python3 * convert unit tests to python3 as well * wrap-and-sort -ast espeak (1.48.04+dfsg-7+deb10u1) buster; urgency=medium . * patches/mbrola-fr4: Fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed. fastd (18-3+deb10u1) buster; urgency=medium . * debian/patches: - Add 0001-receive-fix-buffer-leak-when-receiving-invalid-packe.patch, CVE-2020-27638: Fix DoS'able memory leak when receiving too many invalid packets (Closes: #972521) firefox-esr (78.5.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-51, also known as: CVE-2020-26951, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968. firefox-esr (78.4.1esr-2) unstable; urgency=medium . * Cargo.lock, third_party/rust/proc-macro2, third_party/rust/syn: Update to fix FTBFS with rustc 1.47. bz#1663715. firefox-esr (78.4.1esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. firefox-esr (78.4.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. firefox-esr (78.4.0esr-2) unstable; urgency=medium . * debian/rules: Restore parts of debian/rules that were removed by mistake in 78.4.0esr-1, causing FTBFS on at least amd64. firefox-esr (78.4.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-46, also known as: CVE-2020-15969, CVE-2020-15683. . [Emilio Pozuelo Monfort] * debian/browser.bug-presubj.in, debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove support for jessie. * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't support -std=gnu++17. * debian/rules: - stretch: build with GCC 7 from gcc-mozilla. - Call python with -B when regenerating the control files, so as to not generate bytecode files. - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails in stretch when opening the iso-codes files. - stretch: don't set NASM on !x86. firefox-esr (78.4.0esr-1~deb10u2) buster-security; urgency=medium . * debian/rules: Restore parts of debian/rules that were removed by mistake in 78.4.0esr-1~deb10u1, causing FTBFS on at least amd64. firefox-esr (78.4.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-46, also known as: CVE-2020-15969, CVE-2020-15683. . [Emilio Pozuelo Monfort] * debian/browser.bug-presubj.in, debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove support for jessie. * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't support -std=gnu++17. * debian/rules: - stretch: build with GCC 7 from gcc-mozilla. - Call python with -B when regenerating the control files, so as to not generate bytecode files. - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails in stretch when opening the iso-codes files. - stretch: don't set NASM on !x86. . [Mike Hommey] * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. firefox-esr (78.3.0esr-2) unstable; urgency=medium . * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. firefox-esr (78.3.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-43, also known as: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673. . * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add CodeGenerator::visitWasmRegisterResult function. bz#1649655. * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. bz#1666646. firefox-esr (78.3.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-43, also known as: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673. . * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add CodeGenerator::visitWasmRegisterResult function. bz#1649655. * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. bz#1666646. * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. . firefox-esr (78.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-32 and mfsa2020-38, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, CVE-2020-15659, CVE-2020-15664, CVE-2020-15670. . firefox (78.0.2-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2020-28. . firefox (78.0.1-1) unstable; urgency=medium . * New upstream release. . * debian/rules: - Replace --disable-ion with --disable-jit. - Don't generated the ICU data file for big-endian manually. . * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, js/src/jit/mips64/MacroAssembler-mips64-inl.h: Add branchTestSymbol and fallibleUnboxPtr. bz#1642265. * config/external/icu/data/*icudata*, config/external/icu/data/moz.build, js/moz.configure: Unify the includion of the ICU data file. bz#1650299. * config/external/icu/common/moz.build, config/external/icu/common/sources.mozbuild, config/external/icu/data/convert_icudata.py, config/external/icu/data/moz.build, config/external/icu/defs.mozbuild, config/external/icu/i18n/moz.build, config/external/icu/i18n/sources.mozbuild, config/external/icu/icupkg/moz.build, config/external/icu/icupkg/sources.mozbuild, config/external/icu/moz.build, config/external/icu/toolutil/moz.build, config/external/icu/toolutil/sources.mozbuild, config/recurse.mk, intl/icu_sources_data.py: Automatically convert the little-endian ICU data file for big-endian builds. . firefox (78.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-24, also known as: CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426. . * debian/control*: Bump nss build dependency. * debian/control*, debian/rules: Remove build dependency on python2.7. * debian/browser.mozconfig.in: Remove obsolete configure options. . * build/virtualenv_packages.txt: Don't install enum and enum34 virtualenv packages in python3 virtualenvs. bz#1632429. . firefox (77.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-20, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411. . * debian/l10n/gen, debian/l10n_revs.py, debian/latest_nightly.py, debian/rules, debian/symbols.mk: Convert to python 3. * debian/control*: Bump nss and cbindgen build dependencies. * debian/rules: - Revert PKCS11 API change from 76.0.1-1 because the new API is now explicitly used by upstream code. - Stop passing -fno-schedule-insns2 -fno-lifetime-dse and -fno-delete-null-pointer-checks to GCC. . firefox (76.0.1-2) unstable; urgency=medium . * debian/browser.mozconfig.in: Allow addon sideload. Closes: #960084. * debian/control*: Bump nasm build dependency to 2.14. . firefox (76.0.1-1) unstable; urgency=medium . * New upstream release . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #960012. . firefox (76.0-2) unstable; urgency=medium . * Cargo.lock, third_party/rust/typenum/*: Upgrade typename to 1.12.0. bz#1635671. Fixes FTBFS on i386. . firefox (76.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-16, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12390, CVE-2020-12391, CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396. . * debian/control*: Bump nss build dependency. * debian/browser.install.in: Don't install blocklist.xml, it's not there anymore. . * config/recurse.mk: Don't depend on in-tree NSS/NSPR when building against system NSS/NSPR. bz#1634926. . firefox (75.0-2) unstable; urgency=medium . * build/moz.configure/util.configure: In configure, pass extra compiler flags after source path. Fixes FTBFS with --with-system-libvpx with gcc-9 >= 9-20190125-2. . firefox (75.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-12, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826. . * debian/control*: Bump nss, rustc, cargo, cbindgen and nodejs build dependencies. * debian/control*, debian/rules: Build against libvpx >= 1.8. We used to build-conflicts with that version, but that's not necessary now that upstream needs that version. * debian/browser.install.in: Don't install .chk files, they aren't produced anymore. * debian/browser.install.in, debian/browser.mozconfig.in, debian/control*, debian/rules: Don't build against system sqlite. This is not supported anymore. . * python/mozbuild/mozbuild/nodeutil.py: Allow to build with older versions of nodejs 10. . firefox (74.0.1-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. . firefox (74.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-08, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815. . * debian/rules: - Use the -o flag to redirect preprocessor output rather than shell redirection to work around bz#1621465. - Remove obj-*/.mozbuild on clean. * debian/control*: Bump nspr, nss, sqlite and cbindgen build dependencies. . * config/mozunit/mozunit/mozunit.py, python/mozbuild/mozbuild/action/langpack_manifest.py, python/mozbuild/mozbuild/jar.py, python/mozbuild/mozbuild/preprocessor.py, python/mozbuild/mozbuild/test/backend/test_build.py: Use io.open() rather than open() in mozbuild/preprocessor.py. bz#1613263. * dom/canvas/ClientWebGLContext.h, dom/canvas/WebGLContext.h: Fix build errors with -Werror=format-security with GCC. . firefox (73.0.1-1) unstable; urgency=medium . * New upstream release. . * gfx/2d/SwizzleNEON.cpp: Fix NEON compile error with gcc and RGB unpacking. bz#1610814. . firefox (73.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-05, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800, CVE-2020-6801. . * debian/control*: Bump nss, rustc, cargo and cbindgen build dependencies. * debian/browser.install.in: Do not install now removed chrome.manifest and libnssdbm3.* files. . firefox (72.0.2-1) unstable; urgency=medium . * New upstream release. . firefox (72.0.1-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. . firefox (72.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-01, also known as: CVE-2019-17016, CVE-2019-17017, CVE-2019-17020, CVE-2019-17022, CVE-2019-17023, CVE-2019-17024, CVE-2019-17025. . * debian/rules: - Don't build with --compress-debug-sections on jessie. - Use sourcestamp.txt for MOZ_BUILD_DATE. - Avoid running dh_update_autotools_config. We're dealing with this manually and we don't want config.* files being touched under third_party/rust. * debian/control*: - Bump nspr, nss and sqlite build dependencies. - Add missing dependency on libdrm-dev. * debian/browser.mozconfig.in: Explicitly build with wayland support enabled. . * intl/icu_sources_data.py: Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older GCC ICE on arm. (Thanks Emilio Pozuelo Monfort) . firefox (71.0-2) unstable; urgency=medium . * dom/indexedDB/ActorsParent.cpp: Work around lack of support for http://eel.is/c++draft/class.temporary#6.7 in compilers. bz#1601707 Closes: #946249, #946547. * layout/generic/WritingModes.h, servo/ports/geckolib/cbindgen.toml: Fix build with newer cbindgen. bz#1602358. . firefox (71.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-36, also known as: CVE-2019-11756, CVE-2019-17008, CVE-2019-11745, CVE-2019-17014, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012, CVE-2019-17013. . * debian/l10n/gen: Add support for ca-valencia. * debian/control*: Bump nspr, nss, rustc and cargo build dependencies. * debian/rules, debian/control.in: - Build with nodejs-mozilla on jessie and stretch. - Build with nasm-mozilla on jessie and stretch. - Don't build with system libvpx on stretch. (Thanks Emilio Pozuelo Monfort) . firefox (70.0.1-1) unstable; urgency=medium . * New upstream release. . firefox (70.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-34, also known as: CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002, CVE-2019-11764. . * debian/control*: Bump nss, sqlite, rustc, cargo, and cbindgen build dependencies. . firefox (69.0.2-1) unstable; urgency=medium . * New upstream release. . firefox (69.0.1-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2019-31, also known as CVE-2019-11754. . * debian/control*: - Bump nss, rustc, cargo and cbindgen build dependencies. Closes: #939412. - Remove build dependency versions where Debian has had the right version since Jessie. * debian/source/lintian-overrides: Adjust DotZlib.chm path. . firefox (69.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-25, also known as: CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, CVE-2019-11740. . * debian/upstream.mk: Read source repo and revision from json when getting upstream info. Instead of the .txt file that doesn't exist as of 69. * debian/control*: - Remove unused build dependency against python-ply. - Remove python-minimal build dependency. All supported versions of Debian have a new enough version. - Remove build dependency against libjsoncpp-dev. * debian/l10n/gen, debian/latest_nightly.py, debian/rules, debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit python2.7 instead of python. * debian/rules: Use `mach python --no-virtualenv` to invoke the preprocessor. . * config/system-headers, toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, toolkit/crashreporter/minidump-analyzer/moz.build: Revert hack to build against libjsoncpp. It was fine when it was only used by the crash reporter, but that's not the case anymore, and it breaks the build. Also, the bundled version is newer than what is available in Debian. firefox-esr (78.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-32 and mfsa2020-38, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, CVE-2020-15659, CVE-2020-15664, CVE-2020-15670. firefox-esr (68.12.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. fish (3.0.2-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. + With permission from package maintainer and uploader. . [ Miao Wang ] * debian/patches: Add patch to ensure tty options are restored on exit. This fixes upstream issue 5663. (Closes: #970777) freecol (0.11.6+dfsg2-2+deb10u1) buster; urgency=medium . * CVE-2018-1000825 (Closes: #917023) freetype (2.9.1-3+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix heap buffer overflow (CVE-2020-15999) (Closes: #972586) gajim-omemo (2.6.27-1+deb10u1) buster; urgency=medium . * add patch: Switch to 12 byte IV glances (3.1.0-1+deb10u1) buster; urgency=medium . * d/control: Update my lastname. * Now glances listen on 127.0.0.1. (Closes: #970812) httpcomponents-client (4.5.7-1+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-13956: Incorrect handling of malformed authority component by URIUtils#extractHost. iptables-persistent (1.0.11+deb10u1) buster; urgency=medium . * [cdc4a5] Do not load modules. Thanks to Thorsten Glaser <tg@mirbsd.de> (Closes: #963012) * [cdc4a5] Do not call log_action_cont_msg() Thanks to Synthea <genomian@firemail.cc> (Closes: #961589) * [b6e6f9] Backport the logic to flush rules from 1.0.14 krb5 (1.17-3+deb10u1) buster-security; urgency=medium . * CVE-2020-28196 (Closes: #973880) lacme (0.5-1+deb10u2) buster; urgency=medium . * Use upstream certificate chain instead of an hardcoded one. This is a breaking change. The certificate indicated by 'CAfile' is no longer used as is in 'certificate-chain' (along with the leaf cert). The chain returned by the ACME v2 endpoint is used instead. This allows for more flexbility with respect to key/CA rotation, cf. https://letsencrypt.org/2020/11/06/own-two-feet.html and https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018 * Additional current/planned CA certificates can be found under /usr/local/share/lacme: - lets-encrypt-e[12].pem - lets-encrypt-r[34]-cross-signed.pem - lets-encrypt-r[34].pem - letsencryptauthorityx[34].pem See https://letsencrypt.org/certificates/ * Moreover 'CAfile' now defaults to /usr/share/lacme/ca-certificates.crt which is a concatenation of all known active CA certificates (which includes the previous default). Closes: #975862. libdatetime-timezone-perl (1:2.23-1+2020d) buster; urgency=medium . * Update to Olson database version 2020d. This update includes contemporary changes for Palestine. libdatetime-timezone-perl (1:2.23-1+2020c) buster; urgency=medium . * Update to Olson database version 2020c. This update includes contemporary changes for Fiji. libdatetime-timezone-perl (1:2.23-1+2020b) buster; urgency=medium . * Update to Olson database version 2020b. This update includes contemporary changes for Morocco, Casey Station, and the Yukon. This release also removes the very long-deprecated "US/Pacific-New" zone name. libexif (0.6.21-5.1+deb10u5) buster-security; urgency=medium . * Add upstream patch to prevent compiler optimization of a buffer overflow check (fixes CVE-2020-0452). libimobiledevice (1.2.1~git20181030.92c5462-2+deb10u1) buster; urgency=medium . * d/patches: partial support for iOS 14 libjpeg-turbo (1:1.5.2-2+deb10u1) buster; urgency=medium . * CVE-2018-1152 (Closes: #902950) * CVE-2018-14498 (Closes: #924678) * CVE-2019-2201 * CVE-2020-13790 (Closes: #962829) libproxy (0.4.15-5+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow when PAC is enabled (CVE-2020-26154) (Closes: #968366) * Rewrite url::recvline to be nonrecursive (CVE-2020-25219) (Closes: #971394) libxml2 (2.9.4+dfsg1-7+deb10u1) buster; urgency=medium . * CVE-2017-18258 (Closes: #895245) * CVE-2018-14404 (Closes: #901817) * CVE-2018-14567 * CVE-2019-19956 * CVE-2019-20388 (Closes: #949583) * CVE-2020-7595 (Closes: #949582) linux (4.19.160-2) buster; urgency=medium . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux (4.19.160-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux (4.19.152-1) buster-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-latest (105+deb10u8) buster; urgency=medium . * Update to 4.19.0-13 linux-latest (105+deb10u7) buster-security; urgency=high . * Update to 4.19.0-12 linux-signed-amd64 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-amd64 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-amd64 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-signed-arm64 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-arm64 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-arm64 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-signed-i386 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-i386 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-i386 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" lmod (6.6-0.3+deb10u1) buster; urgency=medium . * Change Architecture: to any. Closes: #951508 This is required because lmod now gets LUA_PATH and LUA_CPATH at compile time (to deal with users overriding those variables). See https://github.com/TACC/Lmod/issues/112 There was an upstream report that this breaks Raspian, which was rejected, so it is unlikely that upstream will return to the current behaviour. See https://github.com/TACC/Lmod/issues/338 Thanks to Baptiste Jonglez for finding the relevant upstream bug reports. The same change was just uploaded as an NMU to unstable (in 6.6-0.4). mariadb-10.3 (1:10.3.27-0+deb10u1) buster; urgency=medium . * New upstream version 10.3.27. Includes fixes to serious regressions in MariaDB 10.3.26 that corrupted data or made server unable to start. * SECURITY UPDATE: Includes new upstream 10.3.26 which included fixes for the following security vulnerabilities: - CVE-2020-28912 - CVE-2020-14812 - CVE-2020-14789 - CVE-2020-14776 - CVE-2020-14765 * Upstream 10.3.26 included: - Fix mytop shebang (Closes: #972780, Closes: #970681) * Remove 3 patches applied upstream. mariadb-10.3 (1:10.3.25-0+deb10u1) buster-security; urgency=high . * SECURITY UPDATE: New upstream version 10.3.25. Includes fixes for the following security vulnerabilities: - CVE-2020-15180 * Salsa-CI: Update to be compatible with latest master/salsa-ci.yml mariadb-10.3 (1:10.3.24-2) unstable; urgency=medium . * Include MariaDB client plugin caching_sha2_password * Fix Perl script segfaults by backporting patch (Closes: #966633) mariadb-10.3 (1:10.3.24-1) unstable; urgency=medium . [ Otto Kekäläinen ] * New upstream version 10.3.24 - Drop kFreeBSD, Risv64 and ZSTD patches applied upstream * Remove redundant patterns from d/copyright * Includes permanent upstream fixes to get RocksDB built on riscv64 (Closes: #933151, Closes: LP#1876814) . [ Andrius Merkys ] * Fix a pair of typos in apparmor-profile mariadb-10.3 (1:10.3.23-1) unstable; urgency=medium . [ Otto Kekäläinen ] * SECURITY UPDATE: New upstream version 10.3.23. Includes fixes for the following security vulnerabilities (Closes: #961849): - CVE-2020-2752 - CVE-2020-2760 - CVE-2020-2812 - CVE-2020-2814 - CVE-2020-13249 - Includes fix for MDEV-21586: Server does not start if lc_messages setting was not English (Closes: #951059) - Backport packaging improvements from MariaDB 10.4: - Fix RocksDB build failure on arch riscv64 - Amend changelog with #951059 reference - Properly use DH_ and DEB_ flag in d/rules - Detect MySQL 8.0 based on undo_001 file as *.flag is buggy in mysql-8.0 - Make mariadb-client-10.4 Recommends libdbd-mariadb-perl as primary option - Update package to use debhelper level 10 - Delete pam_mariadb_mtr.so test plugin from build completely - Fix minor typos in docs and in-line comments - Sync server stopping logic from MariaDB 10.4 preinst/postinst/postrm - Sync AppArmor profile handling from MariaDB 10.4 - Sync non-functional delta from upstream 10.4 - Simplify autopkgtest 'smoke' to be easier to debug . [ Christian Ehrhardt ] * Fix RocksDB build failure on arch riscv64 mediawiki (1:1.31.10-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.10, fixing CVE-2020-15005, CVE-2020-25812, CVE-2020-25813, CVE-2020-25814, CVE-2020-25827, CVE-2020-25828. CVE-2020-25689 does not affect this package, it requires an additional extension. * Additionally, mitigations for firejail's CVE-2020-17367, CVE-2020-17368 are included as well. mediawiki (1:1.31.8-1) unstable; urgency=medium . * New upstream version 1.31.8, fixing CVE-2020-15005. * Use debhelper 12 and dh_installsystemd. mediawiki (1:1.31.7-1) unstable; urgency=medium . * New upstream version 1.31.7, fixing CVE-2020-10960. CVE-2020-10960 does not affect this version of MediaWiki. * A hardening fix was included for the OATHAuth extension to limit access of user-controlled JavaScript. * Standards-Version: 4.5.0, no changes needed moin (1.9.9-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * security: fix stored XSS vulnerability via SVG attachment (CVE-2020-15275) * security: fix remote code execution via cache action (CVE-2020-25074) * Tweak Debian version used to 1.9.9-1+deb10u1 to avoid possible version clash with lower suite. mupdf (1.14.0+ds1-4+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Detect/avoid overflow when calculating sizes of pixmaps (CVE-2020-26519) (Closes: #971595) mutt (1.10.1-2.1+deb10u4) buster; urgency=medium . * debian/patches: + fix for CVE-2020-28896 located in security/CVE-2020-28896.patch. neomutt (20180716+dfsg.1-1+deb10u2) buster; urgency=medium . * debian/patches: + security/CVE-2020-28896.patch: handle the relevant CVE to stop sending login information over an encrypted connections in certain conditions. node-object-path (0.11.4-2+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution in set() (Closes: CVE-2020-15256) node-pathval (1.1.0-3+deb10u1) buster; urgency=medium . * Fix prototype pollution (Closes: #972895, CVE-2020-7751) okular (4:17.12.2-2.2+deb10u1) buster; urgency=medium . * CVE-2020-9359 (Closes: #954891) openjdk-11 (11.0.9.1+1-1~deb10u2) buster; urgency=medium . * Rebuild for Buster (Closes: #975728) * Disable tests for this upload. openjdk-11 (11.0.9.1+1-1~deb10u1) buster; urgency=medium . * Rebuild for Buster (Closes: #975728) openjdk-11 (11.0.9+11-1) unstable; urgency=medium . * OpenJDK 11.0.9+11 build (release). * Security fixes: - JDK-8233624: Enhance JNI linkage - JDK-8236196: Improve string pooling - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts - JDK-8237995, CVE-2020-14782: Enhance certificate processing - JDK-8240124: Better VM Interning - JDK-8241114, CVE-2020-14792: Better range handling - JDK-8242680, CVE-2020-14796: Improved URI Support - JDK-8242685, CVE-2020-14797: Better Path Validation - JDK-8242695, CVE-2020-14798: Enhanced buffer support - JDK-8243302: Advanced class supports - JDK-8244136, CVE-2020-14803: Improved Buffer supports - JDK-8244479: Further constrain certificates - JDK-8244955: Additional Fix for JDK-8240124 - JDK-8245407: Enhance zoning of times - JDK-8245412: Better class definitions - JDK-8245417: Improve certificate chain handling - JDK-8248574: Improve jpeg processing - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit - JDK-8253019: Enhanced JPEG decoding . [ Tiago Stürmer Daitx ] * debian/rules: - copy apport hook to source_$(PKGSOURCE).py, fixes apport on Ubuntu where source name is openjdk-lts instead of openjdk-11. * Refresh patches. . [ Matthias Klose ] * Don't run the jdk tests as an autopkg test, taking too long. * Call strip-nondeterminism before computing jmod hashes (Julian Gilbey). Closes: #944738. * Build with GCC 10 in current development versions. Closes: #972288. openjdk-11 (11.0.9+11-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.8+10-1.1) unstable; urgency=medium . * Non-maintainer upload. * Apply patch to strip nondeterminism before computing jmod hash. Thank you to Julian Gilbey for the patch. (Closes: #944738) Add Build-Depends on strip-nondeterminism. openjdk-11 (11.0.8+10-1) unstable; urgency=high . * OpenJDK 11.0.8+10 build (release). * Security fixes: - JDK-8233239, CVE-2020-14562: Enhance TIFF support - JDK-8236867, CVE-2020-14573: Enhance Graal interface handling - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior - JDK-8237592, CVE-2020-14577: Enhance certificate verification - JDK-8238002, CVE-2020-14581: Better matrix operations - JDK-8238920, CVE-2020-14583: Better Buffer support - JDK-8240119, CVE-2020-14593: Less Affine Transformations - JDK-8242136, CVE-2020-14621: Better XML namespace handling - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233255: Better Swing Buttons - JDK-8234032: Improve basic calendar services - JDK-8234042: Better factory production of certificates - JDK-8234418: Better parsing with CertificateFactory - JDK-8234836: Improve serialization handling - JDK-8236191: Enhance OID processing - JDK-8238013: Enhance String writing - JDK-8238804: Enhance key handling process - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable - JDK-8238843: Enhanced font handing - JDK-8238925: Enhance WAV file playback - JDK-8240482: Improved WAV file playback - JDK-8241379: Update JCEKS support - JDK-8241522: Manifest improved jar headers redux . [ Tiago Stürmer Daitx ] * d/p/default-jvm-cfg.diff: updated patch. * d/p/8214571.diff, d/p/8228407.diff: applied by upstream, removed patches. . [ Matthias Klose ] * Don't try to run autopkg tests on armel, mipsel, mips64el. * debian/copyright (remove licenses not found anymore in the sources): - Little CMS, libpng, GIFLIB. * Prepare to Build using GCC 10. openldap (2.4.47+dfsg-3+deb10u4) buster-security; urgency=high . * Fix slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) * Fix slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) openldap (2.4.47+dfsg-3+deb10u3) buster-security; urgency=high . * Fix slapd normalization handling with modrdn (ITS#9370) pacemaker (2.0.1-5+deb10u1) buster-security; urgency=high . * [bf23450] Apply patch series fixing CVE-2020-25654: ACL bypass. A vulnerability was found in Pacemaker allowing a user who is in the haclient group but restricted by ACLs to bypass those ACLs, providing cluster-wide arbitrary code execution with root privileges. When the enable-acl cluster option isn't set to true, members of the haclient group (and root) can modify Pacemaker's CIB without restriction, which already gives them these capabilities, so there is no additional exposure in that case. More info: https://www.openwall.com/lists/oss-security/2020/10/27/1 Patches: https://lists.clusterlabs.org/pipermail/developers/2020-October/002324.html Thanks to Ken Gaillot (Closes: #973254) partman-auto (149+deb10u1) buster; urgency=medium . * Bump /boot sizes in most recipes from between 128 and 256M to between 512 and 768M. As initramfs keep growing, and kernel ABI bumps keep happening, running out of space on /boot is unpleasant. Closes: #893886, 951709. * Import from Ubuntu: Introduce partman-auto/cap-ram, to allow capping RAM size as used for swap partition calculations. This allows us to cap the minimum size of swap partitions size to 1*CAP, and their maximum size to a maximum of 2 or 3*CAP depending on architecture. Default is set to 1024, thus capping swap partitions to between 1 and 3GB. LP: #1351267, closes: #949651, #950344. Patch from Dimitri John Ledkov. pcaudiolib (1.1-3+deb10u1) buster; urgency=medium . * patches/cancel: Cap cancellation latency to 10ms. plinth (19.1+deb10u1) buster; urgency=medium . * apache: Disable mod_status (CVE-2020-25073) puma (3.12.0-2+deb10u2) buster; urgency=medium . * Team upload. * d/patches/0009-disable-tests-failing-in-single-cpu.patch: Add author and bug tracker information. * d/patches/CVE-2020-5247.patch: Add patch to fix CVE-2020-5247. - Fix header value could inject their own HTTP response (closes: #952766). * d/patches/CVE-2020-5249.patch: Add patch to fix CVE-2020-5249. - Fix splitting newlines in headers and another vector for HTTP injection (closes: #953122). * d/patches/CVE-2020-11076.patch: Add patch to fix CVE-2020-11076. - Better handle client input to fix HTTP Smuggling via Transfer-Encoding header (closes: #972102). * d/patches/CVE-2020-11077.patch: Add patch to fix CVE-2020-11077. - Reduce ambiguity of headers to fix HTTP Smuggling via Transfer-Encoding header (closes: #972102). * d/patches/series: Enable new patches. python-flask-cors (3.0.7-1+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-25032 (Closes: #969362) with upstream patch rails (2:5.2.2.1+dfsg-1+deb10u2) buster-security; urgency=medium . * CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 CVE-2020-15169 raptor2 (2.0.14-1.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . raptor2 (2.0.14-1.1) unstable; urgency=medium . * Non-maintainer upload. * Calcualte max nspace declarations correctly for XML writer (CVE-2017-18926) (Closes: #973889) ros-ros-comm (1.14.3+ds1-5+deb10u2) buster; urgency=high . * Add https://github.com/ros/ros_comm/pull/2065 (Fix CVE-2020-16124) ruby2.5 (2.5.5-3+deb10u3) buster; urgency=high . * Add patch to fix a potential HTTP request smuggling vulnerability in WEBrick. (Fixes: CVE-2020-25613) sddm (0.18.0-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix X not having access control on startup (CVE-2020-28049) (Closes: #973748) sleuthkit (4.6.5-1+deb10u1) buster; urgency=high . * Team upload. * Add patch to fix stack buffer overflow in yaffsfs_istat. (Closes: #953976, CVE-2020-10232) spice (0.14.0-1.3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * quic: Check we have some data to start decoding quic image (CVE-2020-14355) * quic: Check image size in quic_decode_begin (CVE-2020-14355) * quic: Check RLE lengths (CVE-2020-14355) * quic: Avoid possible buffer overflow in find_bucket (CVE-2020-14355) spip (3.2.4-1+deb10u3) buster-security; urgency=medium . * Backport security fixes from 3.2.8 - Critical security issue, allowing identified authors to execute arbitrary PHP code sqlite3 (3.27.2-3+deb10u1) buster; urgency=medium . * CVE-2019-19923 * CVE-2019-19925 * CVE-2019-19959 * CVE-2019-20218 * CVE-2020-13434 * CVE-2020-13435 * CVE-2020-13630 * CVE-2020-13632 * CVE-2020-15358 * CVE-2019-16168 systemd (241-7~deb10u5) buster; urgency=medium . * basic/cap-list: parse/print numerical capabilities (Closes: #964926) * missing: add new Linux capabilities. Linux kernel v5.8 adds two new capabilities. Make sure we can recognize them even when built with an older kernel. * networkd: do not generate MAC for bridge device (Closes: #963488) tbsync (2.18-1~deb10u1) buster; urgency=medium . [ Mechtilde ] * [962f929] Built for buster: debian/changelog * [2c6dea8] Prepared for release in buster (proposed-updates) tbsync (2.16.1-1) unstable; urgency=medium . [ Mechtilde ] * prepared for unstable (Closes: #968102) + to fit compatibility with thunderbird 78.x . * [501e05b] Added missing bug tracker to d/u/metadata tbsync (2.16.1-1~exp1) experimental; urgency=medium . [ Mechtilde ] * [3701379] New upstream version 2.15.5~beta * [15dcb16] Adapted d/ to the new version 2.15.5-beta . [ Carsten Schoenert ] * [94005c6] d/gbp.conf: adding helper for git-buildpackage * [256c84b] New upstream version 2.16.1 * [841ffa1] d/copyright: update and sort content alphabetically * [bb84449] d/rules: rework the build process a bit * [1afb65f] d/webext-tbsync.links: updating sequencer to new requirement * [79ff8f8] d/webext-tbsync.install: adopt installing files * [0fa330f] lintian: drop source override as not needed any more tbsync (2.16.1-1~deb10u1) buster; urgency=medium . * Rebuild for buster to fit compatibility with Tb 78.x + (Closes:#971807) tbsync (2.11-2~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [760cf22] Changed maintainer email in d/control to avoid lintian warning * [744a80c] Removed lightning from dependency for TB >=76 * [701c8fd] Adapt versions of dependencies tbsync (2.11-1) unstable; urgency=medium . * [c20de3a] New upstream version 2.11 tcpdump (4.9.3-1~deb10u2) buster; urgency=high . * Cherry-pick commit 32027e1993 from the upstream tcpdump-4.9 branch to fix untrusted input issue in the PPP printer (CVE-2020-8037, closes: #973877). thunderbird (1:78.5.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.4.2-1) unstable; urgency=medium . * [c7f4ed2] New upstream version 78.4.2 Fixed CVE issues in upstream version 78.4 (MFSA 2020-49): CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for * [c3a617d] rebuild patch queue from patch-queue branch added patch: fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch * [8e4e7ad] thunderbird-l10n-all: add thunderbird-l10n-cy (Closes: #974127) thunderbird (1:78.4.2-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security (Closes: #973660) [ Emilio Pozuelo Monfort ] * [3d58cc1] d/control: reenable the armhf build on buster thunderbird (1:78.4.1-1) unstable; urgency=medium . * [cf8bf1e] New upstream version 78.4.1 * [529000c] rebuild patch queue from patch-queue branch added patches: fixes/Bug-1650299-Unify-the-inclusion-of-the-ICU-data-file.-r-f.patch fixes/Don-t-build-ICU-in-parallel.patch Patches are picked from Firefox and fixing FTBFS on s390x within buster. thunderbird (1:78.4.0-1) unstable; urgency=medium . [ Emilio Pozuelo Monfort ] * [652f8de] install the apparmor profile in thunderbird.install . [ Carsten Schoenert ] * [5240d53] Revert "thunderbird.install: adjust.desktop renamed file name" (Closes: #972601) * [861b21a] Revert "Rename .desktop file for AppStream compliance" (Closes: #972578) * [ffc5818] New upstream version 78.4.0 Fixed CVE issues in upstream version 78.4 (MFSA 2020-47): CVE-2020-15969: Use-after-free in usersctp CVE-2020-15683: Memory safety bugs fixed in Thunderbird 78.4 * [81396e3] rebuild patch queue from patch-queue branch removed patches (fixed upstream): porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch . modified patches: fixes/Appdata-Adding-some-German-translations.patch fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch . Minor fine tuning to the AppStream specific parts but also revert some translation entries as they are not intend to be translatable. These modification also in correlation with the mentioned bug reports above which are closed by the other adjustments. thunderbird (1:78.4.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.3.3-1) unstable; urgency=medium . [ Emilio Pozuelo Monfort ] * [6f18974] Remove duplicated --disable-debug-symbols flag * [1119d50] Print a verbose build log by not calling the mach wrapper * [fcf7c11] Exclude -g from CXXFLAGS as well . [ Carsten Schoenert ] * [9eb159f] New upstream version 78.3.3 * [47171dc] rebuild patch queue from patch-queue branch added patches: fixes/Appdata-Adding-some-German-translations.patch fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch * [1474d91] Rename .desktop file for AppStream compliance * [10e49a9] thunderbird.install: adjust.desktop renamed file name * [018bbc1] thunderbird.pc: remove left over cruft thunderbird (1:78.3.2-1) unstable; urgency=medium . * [0b2f19f] d/rules: remove hand crafted icu build Cherry-picked from debian/buster branch. The possible required build of the ICU if the usage of an external ICU library is now handled by the upstream build system. * [1583517] d/rules: rewrite dpkg_buildflags to remove option '-g' Cherry-picked from debian/buster branch. We need to remove the option '-g' from the dpkg_buildflags variable for real if we want a build without debugging information (e.g. on 32bit architectures). * [fb4c9c4] New upstream version 78.3.2 * [9d5e2b9] d/rules: install the language Add-ons into /u/l/t/e Do not install the thunderbird-l10n packages into /usr/share/thunderbird any more, install them directly into /usr/libt/thunderbird/extensions. This simplifies the package structures as there is no real need to install the packages into /usr/share/thunderbird and linking them back. thunderbird (1:78.3.1-2) unstable; urgency=medium . * [649f664] rebuild patch queue from patch-queue branch added patches: fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch thunderbird (1:78.3.1-2~deb10u2) stable-security; urgency=medium . * [72d9abd] d/rules: rewrite dpkg_buildflags to remove option '-g' * [adb263e] d/rules: disable dbgsym package on i386 for stable-security thunderbird (1:78.3.1-2~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security * [cc92401] d/rules: remove hand crafted icu build thunderbird (1:78.3.1-1) unstable; urgency=medium . [ Carsten Schoenert ] * [6bd965f] New upstream version 78.3.1 Fixed CVE issues in upstream version 78.3.1 (MFSA 2020-44): CVE-2020-15677: Download origin spoofing via redirect CVE-2020-15676: XSS when pasting attacker-controlled data into a contenteditable element CVE-2020-15678: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario CVE-2020-15673: Memory safety bugs fixed in Thunderbird 78.3 * [8ba13c5] rebuild patch queue from patch-queue branch added patches(picked from firefox packaging): fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch removed patch(fixed upstream): fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch * [c6d282d] calendar-google-provider*: removing left over cruft There are two left over sequencer files from the calendar-google-package, not need any more since 1:68.2.2-1 * [cf37615] d/README.Debian: Update and adding new information Some updated information regarding the now included OpenPGP support, also updating some grammar for 'Add-on'. * [faf225b] thunderbird.NEWS: Add hint about integration of OpenPGP support Giving the user a information about the OpenPGP status within Thunderbird since the version 78.0. * [d6f4f0e] Revert "d/tb.lintian-overrides: ignore warning about none versioned breaks" * [9e6cbec] d/copyright: update content thunderbird (1:78.2.2-1) experimental; urgency=medium . * [c6592e8] New upstream version 78.2.2 * [28f5fce] rebuild patch queue from patch-queue branch added patches: fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch * [4866c06] d/mozconfig.default: add extra config options for ppc64el thunderbird (1:78.2.1-1) experimental; urgency=medium . * [1f3f76b] d/rules: drop C{,XX}FLAGS originally intended for GCC6 * [4490e37] d/mozconfig.default: add options for mips64el * [17b4e5c] d/rules: Don't build debug symbols on 32Bit arch * [6dff7e0] d/rules: addind -Wl,--as-needed to linker flags * [a213a7f] New upstream version 78.2.1 thunderbird (1:78.2.0-1) experimental; urgency=medium . [ intrigeri ] * [f6fcafd] d/control: drop hard dependency on libgtk2.0-0 (Closes: #908654) * [85b7a2e] autopkgtests: fix typo in comment * [4bd70ae] d/mozconfig.default: fix typos in comments * [d986a6d] d/control: allow Enigmail 2.2.0 and newer (Closes: #968707) . [ Carsten Schoenert ] * [52b4006] d/control: increase B-D for libnss3 (Closes: #966805) * [7794563] New upstream version 78.2.0 Fixed CVE issues in upstream version 78.2.0 (MFSA 2020-41): CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege CVE-2020-15664: Attacker-induced prompt for extension installation CVE-2020-15670: Memory safety bugs fixed in Thunderbird 78.2 * [623f853] rebuild patch queue from patch-queue branch No modifications made, just updating the index. thunderbird (1:78.1.1-1) experimental; urgency=medium . * [5fb842b] d/mozconfig.default: adding new option regarding Add-Ons Adding additional options --allow-addon-sideload and --with-unsigned-addon-scopes=app,system. These option are adopted and taken from the firefox package. * [8de0b35] New upstream version 78.1.1 * [4abe5ed] d/copyright: update content Some small updates to the copyright information. * [3caa541] d/control: adding new B-D for botan and json-c The upstream source now offers the possibility to use the system libraries for botan and json-c, for this we need to have both libraries installed for building Thunderbird. * [251d524] d/mozconfig.default: use botan and json-c system libraries Turn on the configuration flags for botan and also for json-c that let the build use the installed provided system libraries instead of using internal versions. * [a32a163] rebuild patch queue from patch-queue branch removed patch: debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch Upstream has now (again) a configure option for using a installed system bzip2 library that makes our added patch for this not needed anymore. * [16c91c0] lintian: remove override for embedded bzip2 in librnp.so thunderbird (1:78.1.0-1) experimental; urgency=medium . * [c4099cd] New upstream version 78.1.0 Fixed CVE issues in upstream version 78.1.0 (MFSA 2020-33): CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel leaks internal address to peer CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy CVE-2020-15653: Bypassing iframe sandbox when allowing popups CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture CVE-2020-15656: Type confusion for special arguments in IonMonkey CVE-2020-15658: Overriding file type when saving to disk CVE-2020-15657: DLL hijacking due to incorrect loading path CVE-2020-15654: Custom cursor can overlay user interface CVE-2020-15659: Memory safety bugs fixed in Thunderbird 78.1 thunderbird (1:78.0.1-1) experimental; urgency=medium . * [5450d8d] d/control: increase B-D for libnss3 * [9749d1d] d/control: drop B-D on python2 and move over to python3 * [b31360b] d/xpi-pack.sh: adding xpi-pack shell script * [89ede80] Drop mozilla-devscripts as B-D * [f3b2ced] New upstream version 78.0.1 * [1847202] d/tb.lintian-overrides: ignore warning about none versioned breaks * [d56c922] d/lightning.links: removing left over sequencer file thunderbird (1:78.0-1) experimental; urgency=medium . * [1016cc5] New upstream version 78.0 Fixed CVE issues in upstream version 78.0 (MFSA 2020-29): CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418: Information disclosure due to manipulated URL object CVE-2020-12419: Use-after-free in nsGlobalWindowInner CVE-2020-12420: Use-After-Free when trying to connect to a STUN server CVE-2020-15648: X-Frame-Options bypass using object or embed tags CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process CVE-2020-12425: Out of bound read in Date.parse() CVE-2020-12426: Memory safety bugs fixed in Thunderbird 78 * [ad66b04] rebuild patch queue from patch-queue branch reworked patch: porting-kfreebsd-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch * [4a2039c] d/mozconfig.default: enable OpenPGP feature build thunderbird (1:78.0~b2-1) experimental; urgency=medium . * [c8da927] d/source.filter: fix obviously happen typo * [c513a96] New upstream version 78.0~b2 * [6e9104e] d/control: tb, adding binary version to lightning provides Make the Provides for Lightning a versioned provide. * [8adec8f] enigmail: let any version of Enigmail break We now can break on any Enigmail version, the Enigmail functions are now included in Thunderbird and don't want to have an Enigmail package get installed in parallel. * [696b1fc] xul-ext-*/webext-*: adding more extensions to break Quite all of the current packaged Thunderbird extensions will not work for now with Thunderbird 78.*, adding/renaming the current know packages with recent versions to Breaks for thunderbird. * [e488d0c] thunderbird: remove some non-existing packages from Breaks The listed packages xul-ext-foxyproxy-standard xul-ext-gnome-keyring xul-ext-nostalgy aren't in any supported release so we don't need them any more within a Breaks for thunderbird. * [039ee90] thunderbird: remove outdated myspell packages from Breaks All previously listed myspell packages in Breaks for thunderbird aren't reachable with the given version any more. We can remove them safely. * [08ea0ba] thunderbird: remove outdated hunspell packages from Breaks The same is true for the hunspell packages that were listed in the Breaks field for thunderbird. thunderbird (1:78.0~b1-1) experimental; urgency=medium . [ Carsten Schoenert ] * [625efa9] d/source.filter: some updates to filtering list Recent modification of the shipped files in the upstream tarball do require small updates of the filter list we use to repack the tarball. * [967ee19] New upstream version 78.0~b1 * [240991e] rebuild patch queue from patch-queue branch removed patch: debian-hacks/use-icudt-b-l-.dat-depending-on-architecture.patch This will require some additional adjustment later for the stable-security upkoads as this patch was required to get a recent ICU version build before the build of the thunderbird sources did start. reworked patch: debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch * [07cab53] d/mozconfig.default: remove no longer existing options By this release a lot of old configure options are kicked out, some of them we have used until now. We need to remove these from the config. * [df2e99b] d/copyright: update content As usual some required update of the copyright file, more files are not shipped anymore. . [ intrigeri ] * [82a4b03] AppArmor: update profile from upstream at commit 860d2d9 (cherry-picked from unstable) thunderbird (1:77.0~b3-1) experimental; urgency=medium . * [82de2f6] New upstream version 77.0~b3 * [8beaf6f] rebuild patch queue from patch-queue branch removed patch (included upstream): fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch * [ab2d7a2] d/copyright: Add license for appstream xml file * [1533187] d/source.filter: Remove some *.wasm files as well * [7cdfe03] d/thunderbird.lintian-overrides: Some more needed overrides We need currently the included bzip library. Also add a false positive about the misread postinst script. * [9385fd4b] d/control: Remove doubled listed package libglib2.0-dev Drop a doubled listed package libglib2.0-dev within B-D. thunderbird (1:77.0~b2-1) experimental; urgency=medium . * [185d4f7] New upstream version 77.0~b2 * [e918036] rebuild patch queue from patch-queue branch removed patch: fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch * [c1979ce] d/mozconfig.default: Remove obsolete options Drop the options '--with-distribution-id' and '--with-user-appdir'. The former is basically only supporting the given default 'org.mozilla' and the latter was set to the default '.mozilla' anyway. thunderbird (1:77.0~b1-1) experimental; urgency=medium . * [ee06e6e] New upstream version 77.0~b1 * [a21b649] rebuild patch queue from patch-queue branch removed patches (not needed any more): lower-down-required-version-on-NSS3.patch . added patches: fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch * [295cc4d] d/control: increase B-D for libnss3 The build requires now libnss3-dev >= 2:3.52. * [f998baf] lintian-overrides: remove overrides for kinto-http-client.js No override needed for this file, it's not included any more. thunderbird (1:76.0~b2-1) experimental; urgency=medium . * [87988db] d/control: increase B-D for cargo to 0.42 * [b9b0dfd] rebuild patch queue from patch-queue branch removed patch: debian-hacks/Ignore-version-check-for-cargo.patch * [8386db0] d/control: Remove B-D on libjson-dev and libsqlite3-dev The built uses internal copies for libjson and libsqlite as there are made modifications to them. For now we can decrease the list of build dependencies by removing this two packages. * [6324222] New upstream version 76.0~b2 * [629b3bb] d/rules: Remove default compiler flag No needed for '-Wl,--as-needed' any more, it's default now. thunderbird (1:76.0~b1-1) experimental; urgency=medium . * [b52cd52] d/c-thunderbird-l10n-tarball.sh: change upstream resource Upstream has changed the folder were we can find the language providing XPI packages. They simply moved over from linux-i686 to linux-x86_64. * [22e697a] d/rules: drop set up of LIGHTNING_VERSION variable We don't need this variable any more for building the packages (like all the lightning-foo named stuff), there is no dedicated Lighting named stuff around. * [4ad871b] d/gbp.conf: Remove additional tarball for lightning-l10n git-buildpackage won't find this additional tarball as it's not needed starting by the import of the next upstream version (this is 76.0b1). * [25d8d42] d/c-l-l10n-t.sh: Remove helper script We also don't need to build the l10n specific additional tarball for Lighting related parts any more. Dropping this helper script. * [9d33d06] d/README.source: Remove part of lightning-l10n * [b063d7f] New upstream version 76.0~b1 * [e7a23ec] rebuild patch queue from patch-queue branch removed patches (not needed or included upstream): debian-hacks/Build-against-system-libjsoncpp.patch debian-hacks/Downgrade-SQlite-version-to-3.27.2.patch fixes/Bug-1531309-Don-t-use-__PRETTY_FUNCTION__-or-__FUNCTION__.patch fixes/Bug-1560340-Only-add-confvars.sh-as-a-dependency-to-confi.patch . added patches: debian-hacks/Ignore-version-check-for-cargo.patch lower-down-required-version-on-NSS3.patch * [94d8593] d/control: adding new packages thunderbird-l10n-{cak,kab,uz} After the final release of Thunderbird 68.0 new l10n support for the languages Kacqhikel, Georgian and Uzbek was added. Reflect this by adding new binary packages for those languages. * [5397182] d/mozconfig.default: remove option for system-sqlite Upstream is using their own version of an modified SQLite now and has dropping the additional configure option about this. * [abb0ded] d/control: increase various versions in B-D The current source requires some more recent versions of the helping tools for building the sources as usual. * [abfc8b2] d/rules: remove any action related to old lightning stuff As the sources doesn't have any Lightning specific parts any more we need to adjust the build process within debina/rules a bit. Thus dropping all the rules around Lighting things. * [f95b3ad] d/control: Turn lightning into transitional package For now switch the behaviour of the lightning package into a transitional one. We might can drop the whole package rather soon. * [c3062cb] d/thunderbird.install: Remove blocklist.xml Don't install the file blocklist.xml any more, it's now not shipped by upstream any more. * [856e99e] d/mozconfig.thunderbird: Remove --enable-calendar Previously the build of the Lightning extension was needed to get enabled to built this as an extension. Now it's fully integrated into the core this configure option isn't needed any longer. * [5551a8a] d/copyright: update content As usual there is some moving within the source code between the major versions, reflect this by adjusting the content of the copyright file. * [21e9b7f] lintian-overrides: adjust overrides for needed files Also the override file for the source is needing some adjustments. * [f25ddc4] d/source.filter: update the filter sequences The control for filtering non needed stuff from the upstream tarball must also get adjusted due changed versions, moved folders etc. * [e4a81ba] d/thunderbird.install: Install also appdata.xml Upstream is providing an AppStream data file which we want install mow also. * [80385c9] d/source.filter: Sorting entries alphabetically No functional modifications, just sorting entries to find stuff more easily. * [585cf0a] d/thunderbird.lintian-overrides: update after config changes We also need to modify the content for Lintian overrides for the thunderbird package a bit. Thunderbird comes now (again) with own versions of the libraries libtheora and libjsoncpp. Mostly because Mozilla has made some own modifications within these libraries. thunderbird (1:68.12.0-1) unstable; urgency=medium . * [103cab7] New upstream version 68.12.0 Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35): CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege CVE-2020-15664: Attacker-induced prompt for extension installation CVE-2020-15669: Use-After-Free when aborting an operation tigervnc (1.9.0+dfsg-3+deb10u3) buster; urgency=high . [ Joachim Falk ] * Properly store certificate exceptions in native and java VNC viewer. The VNC viewers stored the certificate exceptions as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. This is issue CVE-2020-26117 (Closes: #971272). tor (0.3.5.12-1) buster; urgency=medium . * New upstream version, updating Tor in stable (cf. #975297). transmission (2.94-2+deb10u2) buster; urgency=medium . * Fix mem leak (Closes: #968097) tzdata (2020d-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamp: - Palestine ends DST earlier than predicted, on 2020-10-24. - Fiji starts DST later than usual, on 2020-12-20. tzdata (2020c-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamp: - Fiji starts DST later than usual, on 2020-12-20. tzdata (2020b-1) unstable; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Revised predictions for Morocco's changes starting in 2023. - Macquarie Island has stayed in sync with Tasmania since 2011. - Casey, Antarctica is at +08 in winter and +11 in summer since 2018. * Update German debconf translation, by Helge Kreutzmann. Closes: #960783. * Update Dutch debconf translation, by Frans Spiesschaert. Closes: #963007. * Update Portuguese debconf translation, by Rui Branco. Closes: #871051. * Update debian/upstream/signing-key.asc. * Get rid of old SystemV timezones, as this has been fully removed upstream. Convert existing configuration to the "new" America/* names. * Drop pacificnew support, it has been removed upstream. tzdata (2020b-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Revised predictions for Morocco's changes starting in 2023. - Macquarie Island has stayed in sync with Tasmania since 2011. - Casey, Antarctica is at +08 in winter and +11 in summer since 2018. * Restore the pacificnew and systemv files that have been removed upstream. The corresponding timezones have been removed from the bullseye/sid package, with the switch to the new names handle by the maintainer scripts. However we do not want to transition to the new names in a stable release. * Update debian/upstream/signing-key.asc. tzdata (2020a-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamps: - Morocco springs forward on 2020-05-31, not 2020-05-24. - Canada's Yukon advanced to -07 year-round on 2020-03-08. * Bump Standards-Version to 4.5.0 (no changes). ublock-origin (1.30.0+dfsg-1~deb10u1) buster; urgency=medium . * Backport version 1.30.0+dfsg to Buster. * Revert to debhelper level 12. ublock-origin (1.29.0+dfsg-2) unstable; urgency=medium . * Update debian/copyright. Readd codemirror license which got accidentally removed and two new fonts licenses. (Closes: #969742) ublock-origin (1.29.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.29.0+dfsg. - Restore compatibility with Firefox 80. (Closes: #969123) * Restore compatibility with Chromium. Add new binary package webext-ublock-origin-chromium. (Closes: #954097) ublock-origin (1.28.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.28.0+dfsg. (Closes: #952645) * Remove obsolete binary packages xul-ext-ublock-origin and chromium-ublock-origin. (Closes: #908158) * Install the Firefox version into webext-ublock-origin. Temporarily only the Firefox web browser is supported. A new version of ublock-origin is currently waiting in the ftp-master's NEW queue. As soon as this version enters Debian, both web browsers, Chromium and Firefox, will be supported again. * Fix the wrong version number in both Firefox and Chromium manifest files. (Closes: #946796) ublock-origin (1.25.0+dfsg-1) experimental; urgency=medium . * New upstream version 1.25.0+dfsg. (Closes: #952645) * Remove obsolete binary packages xul-ext-ublock-origin and chromium-ublock-origin. (Closes: #908158) * Make webext-ublock-origin a transitional package. From now on users need to install the browser-specific addon versions,either webext-ublock-origin-firefox or webext-ublock-origin-chromium. Please also read /usr/share/doc/webext-ublock-origin/NEWS. Providing just a single binary package for both web browsers was not a viable solution due to sandboxing limitations. (Closes: #946808, #911098) * Fix the wrong version number in both Firefox and Chromium manifest files. (Closes: #946796) ublock-origin (1.22.2+dfsg-2) unstable; urgency=medium . * Update debian/copyright. Add some missing file paths and the MIT license. (Closes: #956268) ublock-origin (1.22.2+dfsg-1) unstable; urgency=medium . * New upstream version 1.22.2+dfsg. vips (8.7.4-1+deb10u1) buster; urgency=medium . * Fix CVE-2020-20739: variable used-before-set error in im_vips2dz() . wordpress (5.0.11+dfsg1-0+deb10u1) buster-security; urgency=high . * Security release, fixes 8 bugs Closes: #973562 - CVE-2020-28039: Protected meta that could lead to arbitrary file deletion. - CVE-2020-28035: XML-RPC privilege escalation. - CVE-2020-28036: XML-RPC privilege escalation. - CVE-2020-28032: Hardening deserialization requests. - CVE-2020-28037: DoS attack could lead to RCE. - CVE-2020-28038: Stored XSS in post slugs. - CVE-2020-28033: Disable spam embeds from disabled sites on a multisite network. - CVE-2020-28034: Cross-Site Scripting (XSS) via global variables. - CVE-2020-28040: CSRF attacks that change a theme's background image. * Remove duplicated changeset 45974 Closes: #971914 x11vnc (0.9.13-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * scan: limit access to shared memory segments to current user (CVE-2020-29074) (Closes: #975875) xen (4.11.4+37-g3263f257ca-1) buster-security; urgency=high . * Update to new upstream version 4.11.4+37-g3263f257ca, which also contains security fixes for the following issues: - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE XSA-333 CVE-2020-25602 - race when migrating timers between x86 HVM vCPU-s XSA-336 CVE-2020-25604 - PCI passthrough code reading back hardware registers XSA-337 CVE-2020-25595 - once valid event channels may not turn invalid XSA-338 CVE-2020-25597 - x86 pv guest kernel DoS via SYSENTER XSA-339 CVE-2020-25596 - Missing memory barriers when accessing/allocating an event channel XSA-340 CVE-2020-25603 - out of bounds event channels available to 32-bit x86 domains XSA-342 CVE-2020-25600 - races with evtchn_reset() XSA-343 CVE-2020-25599 - lack of preemption in evtchn_reset() / evtchn_destroy() XSA-344 CVE-2020-25601 * Note that with this update, we will be detaching the Buster updates from the Xen version in Debian unstable, which will get a newer Xen version RSN. xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium . * Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains security fixes for the following issues: - inverted code paths in x86 dirty VRAM tracking XSA-319 CVE-2020-15563 - Special Register Buffer speculative side channel XSA-320 CVE-2020-0543 N.B: To mitigate this issue, new cpu microcode is required. The changes in Xen provide a workaround for affected hardware that is not receiving a vendor microcode update. Please refer to the upstream XSA-320 Advisory text for more details. - insufficient cache write-back under VT-d XSA-321 CVE-2020-15565 - Missing alignment check in VCPUOP_register_vcpu_info XSA-327 CVE-2020-15564 - non-atomic modification of live EPT PTE XSA-328 CVE-2020-15567 yaws (2.0.6+dfsg-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Reject external entities in DAV requests (CVE-2020-24379) * Fix unused variable warning * Sanitize CGI requests (CVE-2020-24916) ======================================= Sat, 26 Sep 2020 - Debian 10.6 released ======================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-cloud-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-rt-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:15 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-mipsel | 4.19.118-2+deb10u1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:27 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el btrfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el cdrom-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el compress-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crc-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crypto-dm-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crypto-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el event-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ext4-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fancontrol-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fat-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el firewire-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fuse-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el hypervisor-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el i2c-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el input-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el isofs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el jfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el kernel-image-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el linux-headers-4.19.0-9-all-ppc64el | 4.19.118-2+deb10u1 | ppc64el linux-headers-4.19.0-9-powerpc64le | 4.19.118-2+deb10u1 | ppc64el linux-image-4.19.0-9-powerpc64le | 4.19.118-2+deb10u1 | ppc64el linux-image-4.19.0-9-powerpc64le-dbg | 4.19.118-2+deb10u1 | ppc64el loop-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el md-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el mouse-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el mtd-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el multipath-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nbd-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-shared-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-usb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-wireless-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ppp-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el sata-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-nic-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el serial-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el squashfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el udf-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el uinput-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-serial-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-storage-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el xfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x cdrom-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x compress-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crc-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crypto-dm-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crypto-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x dasd-extra-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x dasd-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x ext4-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x fat-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x fuse-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x isofs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x kernel-image-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x linux-headers-4.19.0-9-all-s390x | 4.19.118-2+deb10u1 | s390x linux-headers-4.19.0-9-s390x | 4.19.118-2+deb10u1 | s390x linux-image-4.19.0-9-s390x | 4.19.118-2+deb10u1 | s390x linux-image-4.19.0-9-s390x-dbg | 4.19.118-2+deb10u1 | s390x loop-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x md-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x mtd-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x multipath-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x nbd-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x nic-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x scsi-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x scsi-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x udf-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x xfs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x zlib-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:01 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all | 4.19.118-2+deb10u1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:17 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-arm64 | 4.19.118-2+deb10u1 | arm64 linux-headers-4.19.0-9-arm64 | 4.19.118-2+deb10u1 | arm64 linux-headers-4.19.0-9-rt-arm64 | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64-dbg | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64-unsigned | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64-dbg | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64-unsigned | 4.19.118-2+deb10u1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel cdrom-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel compress-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crc-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crypto-dm-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crypto-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel event-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ext4-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fat-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fuse-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel input-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ipv6-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel isofs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel jffs2-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel jfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel kernel-image-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel leds-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-all-armel | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-marvell | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-rpi | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-marvell | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-marvell-dbg | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-rpi | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-rpi-dbg | 4.19.118-2+deb10u1 | armel loop-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel md-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel minix-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mmc-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mmc-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mouse-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mtd-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mtd-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel multipath-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nbd-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-shared-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-usb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ppp-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel sata-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel scsi-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel squashfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel udf-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel uinput-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-serial-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-storage-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel zlib-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:45 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf btrfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf cdrom-core-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf compress-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crc-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crypto-dm-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crypto-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf efi-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf event-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ext4-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fat-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fuse-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf i2c-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf input-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf isofs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf jfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf kernel-image-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf leds-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-all-armhf | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-armmp | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-armmp-lpae | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-rt-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-dbg | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-lpae | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-lpae-dbg | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-rt-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-rt-armmp-dbg | 4.19.118-2+deb10u1 | armhf loop-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf md-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf mmc-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf mtd-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf multipath-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nbd-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-shared-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-usb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-wireless-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf pata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ppp-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf sata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-core-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-nic-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf squashfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf udf-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf uinput-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-serial-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-storage-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf zlib-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-686 | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-686-pae | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-all-i386 | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-rt-686-pae | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae-unsigned | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-unsigned | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae-unsigned | 4.19.118-2+deb10u1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:03 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-mips | 4.19.118-2+deb10u1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:16 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel btrfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel compress-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crc-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crypto-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel event-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ext4-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel fat-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel fuse-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel hfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel input-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel isofs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel jfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel kernel-image-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-headers-4.19.0-9-5kc-malta | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-headers-4.19.0-9-octeon | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-5kc-malta | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-5kc-malta-dbg | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-octeon | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-octeon-dbg | 4.19.118-2+deb10u1 | mips, mips64el, mipsel loop-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel md-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel minix-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel multipath-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nbd-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel pata-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ppp-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel rtc-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel sata-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel sound-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel squashfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel udf-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel xfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel zlib-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel btrfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel cdrom-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel compress-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crc-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crypto-dm-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crypto-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel event-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ext4-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fat-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fuse-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel hfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel i2c-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel input-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel isofs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel jfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel kernel-image-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel linux-headers-4.19.0-9-4kc-malta | 4.19.118-2+deb10u1 | mips, mipsel linux-image-4.19.0-9-4kc-malta | 4.19.118-2+deb10u1 | mips, mipsel linux-image-4.19.0-9-4kc-malta-dbg | 4.19.118-2+deb10u1 | mips, mipsel loop-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel md-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel minix-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mmc-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mmc-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mouse-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mtd-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel multipath-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nbd-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-shared-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-usb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-wireless-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel pata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ppp-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel sata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-nic-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel sound-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel squashfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel udf-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-serial-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-storage-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel xfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel zlib-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:46 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el btrfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el cdrom-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el compress-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crc-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crypto-dm-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crypto-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el event-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ext4-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fat-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fuse-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el hfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el i2c-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el input-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el isofs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el jfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el kernel-image-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el linux-headers-4.19.0-9-all-mips64el | 4.19.118-2+deb10u1 | mips64el loop-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el md-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el minix-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mmc-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mmc-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mouse-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mtd-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el multipath-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nbd-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-shared-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-usb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-wireless-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el pata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ppp-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el sata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-nic-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el sound-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el squashfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el udf-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-serial-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-storage-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el xfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el zlib-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel btrfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel cdrom-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel compress-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crc-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crypto-dm-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crypto-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel event-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ext4-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fat-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel firewire-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fuse-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel hfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel input-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel isofs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel jfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel kernel-image-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel linux-headers-4.19.0-9-loongson-3 | 4.19.118-2+deb10u1 | mips64el, mipsel linux-image-4.19.0-9-loongson-3 | 4.19.118-2+deb10u1 | mips64el, mipsel linux-image-4.19.0-9-loongson-3-dbg | 4.19.118-2+deb10u1 | mips64el, mipsel loop-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel md-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel minix-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel mtd-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel multipath-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nbd-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-shared-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-usb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-wireless-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel pata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ppp-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel sata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-nic-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel sound-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel speakup-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel squashfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel udf-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-serial-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-storage-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel xfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel zlib-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 btrfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 cdrom-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 compress-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crc-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crypto-dm-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crypto-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 efi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 event-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ext4-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fat-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 firewire-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fuse-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 i2c-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 input-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 isofs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 jfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 kernel-image-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64 | 4.19.118-2+deb10u1 | amd64 loop-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 md-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mmc-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mmc-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mouse-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mtd-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 multipath-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nbd-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-pcmcia-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-shared-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-usb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-wireless-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pcmcia-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pcmcia-storage-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ppp-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 sata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-nic-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 serial-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 sound-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 speakup-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 squashfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 udf-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 uinput-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-serial-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-storage-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 xfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 btrfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 cdrom-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 compress-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crc-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crypto-dm-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crypto-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 efi-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 event-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ext4-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fat-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fuse-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 i2c-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 input-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 isofs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 jfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 kernel-image-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 leds-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64 | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64 | 4.19.118-2+deb10u1 | arm64 loop-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 md-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 mmc-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 mtd-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 multipath-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nbd-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-shared-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-usb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-wireless-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ppp-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 sata-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-nic-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 squashfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 udf-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 uinput-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-serial-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-storage-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 xfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 acpi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 btrfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 btrfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 cdrom-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 cdrom-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 compress-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 compress-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crc-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crc-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crypto-dm-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crypto-dm-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crypto-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crypto-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 efi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 efi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 event-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 event-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ext4-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ext4-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fat-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fat-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 firewire-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 firewire-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fuse-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fuse-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 i2c-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 i2c-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 input-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 input-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 isofs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 isofs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 jfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 jfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 kernel-image-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 kernel-image-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686 | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae | 4.19.118-2+deb10u1 | i386 loop-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 loop-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 md-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 md-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mmc-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mmc-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mmc-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mmc-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mouse-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mouse-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mtd-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mtd-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 multipath-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 multipath-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nbd-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nbd-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-pcmcia-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-pcmcia-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-shared-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-shared-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-usb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-usb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-wireless-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-wireless-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pcmcia-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pcmcia-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pcmcia-storage-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pcmcia-storage-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ppp-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ppp-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 sata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 sata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-nic-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-nic-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 serial-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 serial-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 sound-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 sound-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 speakup-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 speakup-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 squashfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 squashfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 udf-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 udf-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 uinput-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 uinput-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-serial-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-serial-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-storage-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-storage-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 xfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 xfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:11:23 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-common | 4.19.118-2+deb10u1 | all linux-headers-4.19.0-9-common-rt | 4.19.118-2+deb10u1 | all linux-support-4.19.0-9 | 4.19.118-2+deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 08:52:40 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libstd-rust-1.34 | 1.34.2+dfsg1-1 | amd64, arm64, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 08:54:18 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: librust-cbindgen-dev | 0.8.7-1 | amd64, arm64, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc - based on source metadata) ---------------------------------------------- ========================================================================= apache2 (2.4.38-3+deb10u4) buster-security; urgency=high . * Import http2 modules from 2.4.46 (Closes: CVE-2020-9490, CVE-2020-11993) * Fix error out on HTTP header larger than 16K (Closes: CVE-2020-11984) * Fix bad regexp in mod_rewrite (Closes: CVE-2020-1927) * Fix uninitialized memory when proxying to a malicious FTP server (Closes: CVE-2020-1934) arch-test (0.15-2+deb10u1) buster; urgency=medium . * Fix s390x detection sometimes failing (Alexander Efremkin). ark (4:18.08.3-1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Pass the ARCHIVE_EXTRACT_SECURE_SYMLINKS flag to libarchive (CVE-2020-24654) (Closes: #969437) ark (4:18.08.3-1+deb10u1) buster-security; urgency=medium . * CVE-2020-16116 asterisk (1:16.2.1~dfsg-1+deb10u2) buster; urgency=medium . * CVE-2019-15297: AST-2019-004 Crash when negotiating for T.38 with a declined stream (Closes: #940060) * CVE-2019-18790: AST-2019-006 SIP request can change address of a SIP peer (Closes: #947381) * CVE-2019-18610: AST-2019-007 AMI user could execute system commands (Closes: #947377) * Fix use-after-free with TEST_FRAMEWORK enabled (Closes: #966334) * Fix segfault in pjsip show history with IPv6 peers (Closes: #882145) bacula (9.4.2-2+deb10u1) buster; urgency=medium . * Backport fix from upstream for CVE-2020-11061: oversized digest strings allow a malicious client to cause a heap overflow in the director's memory base-files (10.3+deb10u6) buster; urgency=medium . * Change /etc/debian_version to 10.6, for Debian 10.6 point release. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u2) buster-security; urgency=high . [ Salvatore Bonaccorso ] * [CVE-2020-8622] Properly handle malformed truncated responses to TSIG queries * [CVE-2020-8623] Fix crash in pk11_numbits() with crafted packet when native-pkcs11 is used * Wait more than 1 second for NSEC3 chain changes * [CVE-2020-8624] Fix processing of "update-policy" rules of type "subdomain" (Closes: #966497) . [ OndÅ™ej Surý ] * [CVE-2020-8619]: It was possible to trigger a INSIST when a zone with interior (non-leaf) wildcard label calamares-settings-debian (10.0.20-1+deb10u4) buster; urgency=medium . * Disable displaymanager module, reverting the change from deb10u2 (Closes: #968267) cargo (0.43.1-3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor libgit2, the system one is too old. * Revert changes to the cargo wrapper: use debian/DEB_CARGO_PACKAGE rather than DESTDIR as the latter is not automatically set by buster's debhelper. * Bump build-dependency on rustc to 1.41. cargo (0.43.1-2) unstable; urgency=medium . * cargo-debian-wrapper: don't install /usr/.crates2.json. (Closes: #958301) cargo (0.43.1-1) unstable; urgency=medium . [ Fabian Grünbichler ] * New upstream release. cargo (0.40.0-3) unstable; urgency=medium . * debian cargo wrapper: drop DEB_CARGO_PACKAGE in favour of the more standardised DESTDIR. * Experimental riscv64 support. cargo (0.40.0-2) unstable; urgency=medium . * Restore patch for pkg-config crate to auto-detect Debian cross-compiling. * Add patch for backtrace-sys to auto-detect Debian cross-compiling. cargo (0.40.0-1) unstable; urgency=medium . [ Sylvestre Ledru ] * Ship the zsh completion (Closes: #941437) . [ Ximin Luo ] * New upstream release. cargo (0.37.0-3) unstable; urgency=medium . * Update 2001_more_portable_rustflags.patch, fixes mips FTBFS cargo (0.37.0-2) unstable; urgency=medium . * Bump serde vendored crate version up to 1.0.96 to avoid issue when compiling with atomics (the default). cargo (0.37.0-1) unstable; urgency=medium . * New upstream release. chocolate-doom (3.0.0-4+deb10u1) buster; urgency=medium . * CVE-2020-14983 chrony (3.4-4+deb10u1) buster; urgency=medium . * debian/patches/: - Add create-new-file-when-writing-pidfile.patch to prevent symlink race when writing to PID file (CVE-2020-14367). . * debian/tests/: - Fix a regression when running upstream-simulation-test-suite autopkgtest on Buster. . [ Matt Corallo ] * debian/usr.sbin.chronyd: - Fix temperature reading. (Closes: #970421) debian-installer (20190702+deb10u6) buster; urgency=medium . * Bump Linux ABI to 4.19.0-11. debian-installer-netboot-images (20190702+deb10u6) buster; urgency=medium . * Update to 20190702+deb10u6, from buster-proposed-updates. diaspora-installer (0.7.6.1+debian1+deb10u1) buster; urgency=medium . * Use --frozen option to bundle install to use upstream Gemfile.lock * Don't exclude Gemfile.lock during upgrades * Don't overiwrite config/oidc_key.pem during upgrades * Make config/schedule.yml writeable (Closes: #926968) dojo (1.14.2+dfsg1-1+deb10u2) buster; urgency=medium . * Team upload * Fix prototype pollution in deepCopy method (Closes: #953585, CVE-2020-5258) * Fix Prototype Pollution in jqMix method (Closes: #953587, CVE-2020-5259) dovecot (1:2.3.4.1-5+deb10u4) buster; urgency=medium . * Import upstream fix for dsync sieve filter sync regression (Closes: #930919) * userdb-passwd: Fix getpwent errno handling (Closes: #928492) dovecot (1:2.3.4.1-5+deb10u3) buster-security; urgency=high . * Fix CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to resource exhaustion as Dovecot attempts to parse it. * CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. * CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. facter (3.11.0-2+deb10u2) buster; urgency=medium . * Change Google GCE Metadata endpoint from "v1beta1" to "v1". Adds patch debian/patches/FACT-2018-update-gce-metadata-endpoint.patch (Closes: #966374) firefox-esr (68.12.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. firefox-esr (68.11.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-31, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659. firefox-esr (68.11.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-31, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659. firefox-esr (68.10.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firejail (0.9.58.2-2+deb10u1) buster-security; urgency=high . * Import security fixes for CVE-2020-17367 and CVE-2020-17368: - don't interpret output arguments after end-of-options tag - don't pass command line through shell when redirecting output ghostscript (9.27~dfsg-2+deb10u4) buster-security; urgency=medium . * CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 * CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 * CVE-2020-16295 CVE-2020-16296 CVE-2020-17538 CVE-2020-16297 * CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 * CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 * CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 * CVE-2020-16310 gnome-maps (3.30.3.1-0+deb10u1) buster; urgency=medium . * Non-maintainer upload * New upstream release - Make the shape layer renderer use the tile size specified in the dynamic service file, fixing an issue with misaligned shape layer (GeoJSON, GPX, KML) rendering with the new 512 pixel tile - Update Icelandic translation gnome-shell (3.30.2-11~deb10u2) buster; urgency=medium . * Team upload . [ Mike Gabriel ] * debian/patches: + Add loginDialog-*_CVE-2020-17498.patch. loginDialog: Reset auth prompt on vt switch before fade in. (Closes: #968311. CVE-2020-17489). gnome-weather (3.26.0-6~deb10u1) buster; urgency=medium . * Team upload * Upload to stable to fix #935090 * d/gbp.conf: Set packaging and upstream branches for Debian 10 stable updates . gnome-weather (3.26.0-6) unstable; urgency=medium . * Team upload * d/p/app-Use-find_nearest_city-instead-of-new_detached.patch, d/p/shared-world.js-don-t-use-detached-location-from-settings.patch: Add patches from version 3.32.1 to prevent a crash when the locations configured are invalid. In particular, this is a prerequisite for correcting the airport code for Lima in #935075, because otherwise, gnome-weather would read the old airport code from dconf on startup, and crash. Thanks to Diego Escalante Urrelo. (Closes: #935090) * d/gbp.conf: Set packaging branch to debian/unstable. debian/master is now tracking newer GNOME releases. grunt (1.0.1-8+deb10u1) buster; urgency=medium . * Team upload * Use `safeLoad` for loading YML files via `file.readYAML` (Closes: #969668, CVE-2020-7729) gssdp (1.0.5-0+deb10u1) buster; urgency=medium . * New upstream stable release. * Add get_address_mask needed by gupnp for the CVE-2020-12695 fix. gupnp (1.0.5-0+deb10u1) buster; urgency=medium . * New upstream stable release. * CVE-2020-12695: CallStranger prevention. + Needs GSSDP 1.0.5. * Fix a UAF in the CVE-2020-12695 changes. haproxy (1.8.19-1+deb10u3) buster; urgency=medium . * d/logrotate.conf: use rsyslog helper instead of SysV init script. Closes: #946973. * d/patches: reject messages where "chunked" is missing from transfer-encoding. CVE-2019-18277. icinga2 (2.10.3-2+deb10u1) buster; urgency=medium . * Team upload. * Update branch in gbp.conf & Vcs-Git URL. * Add upstream patch to fix CVE-2020-14004. (closes: #970252) icingaweb2 (2.6.2-3+deb10u1) buster-security; urgency=high . * Team upload. * Update branch in gbp.conf & Vcs-Git URL. * Add upstream patch to fix CVE-2020-24368. (closes: #968833) incron (0.5.12-1+deb10u1) buster; urgency=medium . * Add a patch to fix cleanup of zombie processes (Closes: #930526) inetutils (2:1.9.4-7+deb10u1) buster; urgency=medium . * CVE-2020-10188 (Closes: #956084) inspircd (2.0.27-1+deb10u1) buster-security; urgency=high . * Patch denial-of-service security vulnerabilities (Closes: #960650) + in m_mysql (CVE-2019-20917 / InspIRCd Security Advisory 2019-02) + in m_pgsql (CVE-2020-25269 / InspIRCd Security Advisory 2020-01) json-c (0.12.1+ds-2+deb10u1) buster-security; urgency=high . * d/patches/611.patch: Add upstream patch to fix CVE-2020-12762 lemonldap-ng (2.0.2+ds-7+deb10u5) buster-security; urgency=high . * Fix Nginx configuration files in documentation (Closes: CVE-2020-24660) * Add debian/NEWS entry libcommons-compress-java (1.18-2+deb10u1) buster; urgency=medium . * Team upload. * Add patch for CVE-2019-12402 (Closes: #939610) libdbi-perl (1.642-1+deb10u1) buster; urgency=medium . * Fix memory corruption in XS functions when Perl stack is reallocated (Closes: CVE-2020-14392) * Fix a buffer overflow on an overlong DBD class name (Closes: CVE-2020-14393) * Fix a NULL profile dereference in dbi_profile() (Closes: CVE-2019-20919) libvncserver (0.9.11+dfsg-1.3+deb10u4) buster; urgency=medium . * CVE-2019-20839: libvncclient: bail out if unix socket name would overflow. * CVE-2020-14397: libvncserver: add missing NULL pointer checks. * CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue. * CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue. * CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting. * CVE-2020-14402, CVE-2020-14403, CVE-2020-14404: libvncserver: encodings: prevent OOB accesses. * CVE-2020-14405: libvncclient/rfbproto: limit max textchat size. libx11 (2:1.6.7-1+deb10u1) buster; urgency=medium . * CVE-2020-14344 * CVE-2020-14363 (Closes: #969008) lighttpd (1.4.53-4+deb10u1) buster; urgency=high . [ Glenn Strauss ] * QA upload. * backport security, bug, portability fixes from lighttpd 1.4.54, 1.4.55 + mod_evhost, mod_flv_streaming: [regression] %0 pattern does not match hostnames without the domain part https://redmine.lighttpd.net/issues/2932 + mod_magnet: Lighttpd crashes on wrong return type in lua script https://redmine.lighttpd.net/issues/2938 + failed assertion on incoming bad request with server.error-handler https://redmine.lighttpd.net/issues/2941 + mod_wstunnel: fix wstunnel.ping-interval for big-endian architectures https://redmine.lighttpd.net/issues/2944 + fix abort in server.http-parseopts with url-path-2f-decode enabled https://redmine.lighttpd.net/issues/2945 + remove repeated slashes in server.http-parseopts with url-path-dotseg-remove, including leading "//" + [regression][Bisected] lighttpd uses way more memory with POST since 1.4.52 https://redmine.lighttpd.net/issues/2948 (closes: #954759) + OPTIONS should return 2xx status for non-existent resources if Allow is set https://redmine.lighttpd.net/issues/2939 + use high precision stat timestamp (on systems where available) in etag + mod_authn_ldap/mod_cgi race condition, "Can't contact LDAP server" https://redmine.lighttpd.net/issues/2940 + SUN_LEN in sock_addr.c (1.4.53, 1.4.54) https://redmine.lighttpd.net/issues/2962 + Embedded vim command line in conf file with no comment (#) hangs server https://redmine.lighttpd.net/issues/2980 + mod_authn_gssapi: 500 if fail to delegate creds https://redmine.lighttpd.net/issues/2967 + mod_authn_gssapi: option to store delegated creds https://redmine.lighttpd.net/issues/2967 + mod_auth: require digest uri= match original URI HTTP digest authentication not compatible with some clients https://redmine.lighttpd.net/issues/2974 + mod_auth: send Authentication-Info nextnonce when nonce is approaching expiration + mod_auth: http_auth_const_time_memeq improvement + mod_auth: http_auth_const_time_memeq_pad() + mod_auth: use constant time comparison when comparing digests + stricter request header parsing: reject WS following header field-name https://redmine.lighttpd.net/issues/2985 + stricter request header parsing: reject Transfer-Encoding + Content-Length https://redmine.lighttpd.net/issues/2985 + mod_openssl: reject invalid ALPN + mod_accesslog: parse multiple cookies https://redmine.lighttpd.net/issues/2986 + preserve %2b and %2B in query string https://redmine.lighttpd.net/issues/2999 + mod_auth: close connection after bad password mitigation slows down brute force password attacks https://redmine.lighttpd.net/boards/3/topics/8885 + do not accept() > server.max-connections + update /var/run -> /run for systemd (closes: #929203) lilypond (2.19.81+really-2.18.2-13+deb10u1) buster-security; urgency=medium . * Disable embedded-postscript and embedded-svg in safe mode linux (4.19.146-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-latest (105+deb10u6) buster; urgency=medium . * Update to 4.19.0-11 linux-signed-amd64 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-signed-arm64 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-signed-i386 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) llvm-toolchain-7 (1:7.0.1-8+deb10u2) buster; urgency=medium . * Non-maintainer upload. . [ Aurelien Jarno ] * Include upstream patch D71028 to add support for min/max/umin/umax atomics, fixing rust mips tests (Closes: #946874). llvm-toolchain-7 (1:7.0.1-8+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix for unordered cmpxchg instructions when building rustc. * Disable nomadd4 instructions on mips*. lucene-solr (3.6.2+dfsg-20+deb10u2) buster; urgency=medium . * Team upload. * Fix CVE-2019-0193: The DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting from now on, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. For example this can be achieved with solr-tomcat by adding -Denable.dih.dataConfigParam=true to JAVA_OPTS in /etc/default/tomcat9. milkytracker (1.02.00+dfsg-1+deb10u1) buster; urgency=medium . * CVE-2020-15569 (Closes: #964797) * CVE-2019-14464, CVE-2019-14496, CVE-2019-14497 (Closes: #933964) modsecurity (3.0.3-1+deb10u2) buster-security; urgency=medium . * Add patch by Ervin Hegedüs to fix CVE-2020-15598. mupdf (1.14.0+ds1-4+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Heap-based buffer overflow in fz_append_display_node (CVE-2019-13290) (Closes: #931475) net-snmp (5.7.3+dfsg-5+deb10u1) buster-security; urgency=high . * snmpd: Make EXTEND-MIB readonly access Fixes CVE-2020-15862 Closes: #965166 * snmpd: Do not cache MIB directory Fixes CVE-2020-15861 Closes: #966599 nginx (1.14.2-2+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * bugfix: prevented request smuggling in the ngx.location.capture API (CVE-2020-11724) (Closes: #964950) node-bl (1.1.2-1+deb10u1) buster; urgency=medium . * Team upload * Add patch to fix over-read vulnerability (Closes: #969309, CVE-2020-8244) node-elliptic (6.4.1~dfsg-1+deb10u1) buster; urgency=medium . * Prevent malleability and overflows (Closes: CVE-2020-13822) node-mysql (2.16.0-1+deb10u1) buster; urgency=medium . * Team upload * Add localInfile option to control LOAD DATA LOCAL INFILE (Closes: #934712, CVE-2019-14939) node-url-parse (1.2.0-2+deb10u1) buster; urgency=medium . * Add missing test dependency: mocha * Fix insufficient validation and sanitization of user input (Closes: CVE-2020-8124) npm (5.8.0+ds6-4+deb10u2) buster; urgency=medium . * Team upload * Don't show password in logs (Closes: CVE-2020-15095) openexr (2.2.1-4.1+deb10u1) buster-security; urgency=medium . * CVE-2017-9115 CVE-2017-9114 CVE-2017-9113 CVE-2017-9111 CVE-2020-11765 CVE-2020-11764 CVE-2020-11763 CVE-2020-11762 CVE-2020-11761 CVE-2020-11760 CVE-2020-11759 CVE-2020-11758 CVE-2020-15306 CVE-2020-15305 openjdk-11 (11.0.8+10-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.7+10-3) unstable; urgency=high . * Backport the fix for JDK-8214571, -Xdoclint of array serialField gives "error: array type not allowed here". Introduced with 11.0.7. * Enable running the testsuite on release architectures. openjdk-11 (11.0.7+10-3~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security openjdk-11 (11.0.7+10-2) unstable; urgency=high . * Backport the fix for 8228407, JVM crashes with shared archive file mismatch. * Enable again bootcycle build for all hotspot architectures. * Build again with -march=zEC12 on Ubuntu/s390x. . openjdk-11 (11.0.7+10-1) unstable; urgency=high . * OpenJDK 11.0.7+10 build (release). * Security fixes - JDK-8223898, CVE-2020-2754: Forward references to Nashorn - JDK-8223904, CVE-2020-2755: Improve Nashorn matching - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues - JDK-8225603: Enhancement for big integers - JDK-8226346: Build better binary builders - JDK-8227467: Better class method invocations - JDK-8227542: Manifest improved jar headers - JDK-8229733: TLS message handling improvements - JDK-8231415, CVE-2020-2773: Better signatures in XML - JDK-8231785: Improved socket permissions - JDK-8232424, CVE-2020-2778: More constrained algorithms - JDK-8232581, CVE-2020-2767: Improve TLS verification - JDK-8233250: Better X11 rendering - JDK-8233410: Better Build Scripting - JDK-8234027: Better JCEKS key support - JDK-8234408, CVE-2020-2781: Improve TLS session handling - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers - JDK-8235274, CVE-2020-2805: Enhance typing of methods - JDK-8235691, CVE-2020-2816: Enhance TLS connectivity - JDK-8236201, CVE-2020-2830: Better Scanner conversions - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap . [ Matthias Klose ] * Refresh patches. * Configure --with-jtreg=/usr/share/jtreg. * Enable the buildwatch script on sh4 (Adrian Glaubitz). Closes: #956728. * Build with -march=z13 -mtune=z15 on Ubuntu/s390x. openjdk-11 (11.0.7+10-1) unstable; urgency=medium . * OpenJDK 11.0.7+10 build (release). - S8160926: FLAGS_COMPILER_CHECK_ARGUMENTS doesn't handle cross-compilation - S8189861: Refactor CacheFind - S8204551: Event descriptions are truncated in logs - S8210459: Add support for generating compile_commands.json - S8214534: Setting of THIS_FILE in the build is broken - S8217728: Speed up incremental rerun of "make hotspot" - S8219597: (bf) Heap buffer state changes could provoke unexpected exceptions - S8220613: java/util/Arrays/TimSortStackSize2.java times out with fastdebug build - S8221851: Use of THIS_FILE in hotspot invalidates precompiled header on Linux/GCC - S8222264: Windows incremental build is broken with JDK-8217728 - S8223678: Add Visual Studio Code workspace generation support (for native code) - S8223898: Forward references to Nashorn - S8223904: Improve Nashorn matching - S8224541: Better mapping of serial ENUMs - S8224549: Less Blocking Array Queues - S8225603: Enhancement for big integers - S8226346: Build better binary builders - S8227467: Better class method invocations - S8227542: Manifest improved jar headers - S8229733: TLS message handling improvements - S8231415: Better signatures in XML - S8231785: Improved socket permissions - S8232424: More constrained algorithms - S8232581: Improve TLS verification - S8233250: Better X11 rendering - S8233383: Various minor fixes - S8233410: Better Build Scripting - S8234027: Better JCEKS key support - S8234408: Improve TLS session handling - S8234825: Better Headings for HTTP Servers - S8234841: Enhance buffering of byte buffers - S8235274: Enhance typing of methods - S8235691: Enhance TLS connectivity - S8236201: Better Scanner conversions - S8237879: make 4.3 breaks build - S8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap . [ Matthias Klose ] * Refresh patches. * Configure --with-jtreg=/usr/share/jtreg. * Enable the buildwatch script on sh4 (Adrian Glaubitz). Closes: #956728. * Build with -march=z13 -mtune=z15 on Ubuntu/s390x. openjdk-11 (11.0.7+9-1) unstable; urgency=medium . * OpenJDK 11.0.7+9 build (early access). * Make autopkgtests cross-test-friendly (Steve Langasek). LP: #1861467. * d/tests/jtreg-autopkgtest.in: keep generated hs_err log files with test artifacts to improve later debug (Tiago Stürmer Daitx). * d/tests/jtdiff-autopkgtest.in: set default vm to correctly locate (Tiago Stürmer Daitx) * jhsdb isn't built on sh4 (Adrian Glaubitz). Closes: #951774. openjdk-11 (11.0.6+10-2) unstable; urgency=medium . * Fix FTCBFS (Helmut Grohne). Addresses: #949460. - Missing Build-Depends: zlib1g-dev:native. - Use triplet-prefixed objcopy and strip. * Bump standards version. openjdk-11 (11.0.6+10-1) unstable; urgency=high . * OpenJDK 11.0.5+10 build (release). - S8220598: Malformed copyright year range in a few files in java.base. - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets. - S8225261: Better method resolutions. - S8225279: Better XRender interpolation. - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities. - S8227758: More valid PKIX processing. - S8227816: More Colorful ICC profiles. - S8228548, CVE-2020-2593: Normalize normalization for all. - S8229728: Implement negotiation parameters. - S8229951, CVE-2020-2601: Better Ticket Granting Services. - S8230279: Improve Pack200 file reading. - S8230318: Better trust store usage. - S8230967: Improve Registry support of clients. - S8231139: Improved keystore support. - S8231422, CVE-2020-2604: Better serial filter handling. - S8231780, CVE-2020-2655: Better TLS messaging support. - S8231790: Provide better FileSystemProviders. - S8232419: Improve Registry registration. - S8234037, CVE-2020-2654: Improve Object Identifier Processing. * Disable zero on sparc64 (Adrian Glaubitz). Closes: #942030. * Make the generated character data source files reproducible (Emmanuel Bourg). Closes: #933339. * Make the generated module-info.java files reproducible (Emmanuel Bourg). Closes: #933342. * Make the generated copyright headers reproducible (Emmanuel Bourg). Closes: #933349. * Make the build user reproducible (Emmanuel Bourg). Closes: #933373. orocos-kdl (1.4.0-7+deb10u2) buster; urgency=medium . * Add patch for include path KDLConfig.cmake exports ${CMAKE_CURRENT_LIST_DIR}/../../../include as an include path, which resolves to /usr/include. This breaks with gcc > 5 and cmake < 3.16 as discussed in https://github.com/ros/rosdistro/issues/26526. As /usr/include is a default include path, the patch simply removes the extra path. postgresql-11 (11.9-0+deb10u1) buster; urgency=medium . * New upstream version. + Set a secure search_path in logical replication walsenders and apply workers (Noah Misch) . A malicious user of either the publisher or subscriber database could potentially cause execution of arbitrary SQL code by the role running replication, which is often a superuser. Some of the risks here are equivalent to those described in CVE-2018-1058, and are mitigated in this patch by ensuring that the replication sender and receiver execute with empty search_path settings. (As with CVE-2018-1058, that change might cause problems for under-qualified names used in replicated tables' DDL.) Other risks are inherent in replicating objects that belong to untrusted roles; the most we can do is document that there is a hazard to consider. (CVE-2020-14349) . + Make contrib modules' installation scripts more secure (Tom Lane) . Attacks similar to those described in CVE-2018-1058 could be carried out against an extension installation script, if the attacker can create objects in either the extension's target schema or the schema of some prerequisite extension. Since extensions often require superuser privilege to install, this can open a path to obtaining superuser privilege. To mitigate this risk, be more careful about the search_path used to run an installation script; disable check_function_bodies within the script; and fix catalog-adjustment queries used in some contrib modules to ensure they are secure. Also provide documentation to help third-party extension authors make their installation scripts secure. This is not a complete solution; extensions that depend on other extensions can still be at risk if installed carelessly. (CVE-2020-14350) postgresql-common (200+deb10u4) buster; urgency=medium . * t/170_extensions.t: Don't drop plpgsql before testing extensions. A recent security fix in the PostgreSQL server (CVE-2020-14350) makes use of plpgsql DO blocks in various extension creation scripts without declaring a formal dependency on it, so change tests not to drop plpgsql. pyzmq (17.1.2-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * asyncio: wait for POLLOUT on sender in can_connect (Closes: #970567) qemu (1:3.1+dfsg-8+deb10u8) buster-security; urgency=medium . * mention fixing of CVE-2020-13765 in 3.1+dfsg-8+deb10u6 * xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch ARM-only XGMAC NIC, possible buffer overflow during packet transmission Closes: CVE-2020-15863 * sm501 OOB read/write due to integer overflow in sm501_2d_operation() List of patches: sm501-convert-printf-abort-to-qemu_log_mask.patch sm501-shorten-long-variable-names-in-sm501_2d_operation.patch sm501-use-BIT-macro-to-shorten-constant.patch sm501-clean-up-local-variables-in-sm501_2d_operation.patch sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch Closes: #961451, CVE-2020-12829 * usb-fix-setup_len-init-CVE-2020-14364.patch Fix OOB r/w access in USB emulation Closes: #968947, CVE-2020-14364 * net-assertion-in-net_tx_pkt_add_raw_fragment-CVE-2020-16092.patch Fix net_tx_pkt_add_raw_fragment assertion in e1000e & vmxnet3 Closes: CVE-2020-16092 qt4-x11 (4:4.8.7+dfsg-18+deb10u1) buster; urgency=medium . * Backport upstream patch to fix buffer overflow in XBM parser, CVE-2020-17507 (Closes: #970308). qtbase-opensource-src (5.11.3+dfsg1-1+deb10u4) buster; urgency=medium . [ Dmitry Shachnev ] * Backport upstream patch to fix buffer overflow in XBM parser (CVE-2020-17507, closes: #968444). . [ Lisandro Damián Nicanor Pérez Meyer ] * Backport XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch (Closes: #961293). Thanks Nicolás for pointing us to the bug fix. ros-actionlib (1.11.15-1+deb10u1) buster; urgency=high . * Add https://github.com/ros/actionlib/pull/171 (Fix CVE-2020-10289) roundcube (1.3.15+dfsg.1-1~deb10u1) buster-security; urgency=high . * New upstream release, with security fix for CVE-2020-16145: Cross-site scripting (XSS) vulnerability via HTML messages with malicious svg or math content. (Closes: #968216) ruby-kramdown (1.17.0-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Add option forbidden_inline_options (CVE-2020-14001) (Closes: #965305) ruby-ronn (0.8.0-2+deb10u1) buster; urgency=medium . * Team upload. * Fix handling of UTF-8 content in manpages (Closes: #965294) rust-cbindgen (0.14.4-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor dependencies, they are not available in buster. * Only build the cbindgen binary. * Lower dh-cargo build-dep. * Bump rustc and cargo build-deps. rust-cbindgen (0.14.3-1) unstable; urgency=medium . * Package cbindgen 0.14.3 from crates.io using debcargo 2.4.3 rust-cbindgen (0.14.2-1) unstable; urgency=medium . * Package cbindgen 0.14.2 from crates.io using debcargo 2.4.2 rust-cbindgen (0.14.1-1) unstable; urgency=medium . * Package cbindgen 0.14.1 from crates.io using debcargo 2.4.2 rust-cbindgen (0.14.0-3) unstable; urgency=medium . * Package cbindgen 0.14.0 from crates.io using debcargo 2.4.0 * Only run the testssuite on the binary rust-cbindgen (0.14.0-2) unstable; urgency=medium . * Don't run autopkgtest for now. It needs g++ and I cannot add it as dep as debcargo doesn't manage that yet. WIP https://salsa.debian.org/rust-team/debcargo/-/merge_requests/24 rust-cbindgen (0.14.0-1) unstable; urgency=medium . * Package cbindgen 0.14.0 from crates.io using debcargo 2.4.0 * Cherry-pick upstream page to fix autopkgtest rust-cbindgen (0.13.1-2) unstable; urgency=medium . * Package cbindgen 0.13.1 from crates.io using debcargo 2.4.0 * Upload to unstable. Still blocked by NEW. rust-cbindgen (0.13.1-1) experimental; urgency=medium . * Team upload. * Package cbindgen 0.13.1 from crates.io using debcargo 2.4.2 rust-cbindgen (0.12.1-1) unstable; urgency=medium . * Package cbindgen 0.12.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.12.0-1) unstable; urgency=medium . * Package cbindgen 0.12.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.11.1-1) unstable; urgency=medium . * Package cbindgen 0.11.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.11.0-1) unstable; urgency=medium . * Package cbindgen 0.11.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.10.0-1) unstable; urgency=medium . * Package cbindgen 0.10.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.9.1-1) unstable; urgency=medium . * Package cbindgen 0.9.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.9.0-1) unstable; urgency=medium . * Package cbindgen 0.9.0 from crates.io using debcargo 2.3.1-alpha.0 * Remove testsuite-fix.patch (merged upstream) rustc (1.41.1+dfsg1-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * stage0 build. - Use arm-unknown-linux-gnueabi target for armel. * Use LLVM 7. * Disable wasm. * Reduce debugging symbols on i386 to avoid FTBFS due to OOM. rustc (1.40.0+dfsg1-5) unstable; urgency=medium . * More python 2 -> 3 fixes. * Allow 24 failing tests on riscv64. * Reenable debuginfo for rustc, not just libstd. * Reenable backtraces during tests. rustc (1.40.0+dfsg1-4) unstable; urgency=medium . * Experimental riscv64 support. rustc (1.40.0+dfsg1-3) unstable; urgency=medium . * Work around upstream #59264 again. :/ rustc (1.40.0+dfsg1-2) unstable; urgency=medium . * Fix more internal build scripts so they use python3. * Don't add -L/usr/lib/llvm when cross-compiling. (Closes: #941783) rustc (1.40.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. * Ignore new test failing on arm that also fails in previous versions. rustc (1.40.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. rustc (1.39.0+dfsg1-4) unstable; urgency=medium . * Update to LLVM 9. (Closes: #946886) rustc (1.39.0+dfsg1-3) unstable; urgency=medium . * Fix mips patch involving mxgot for new RUSTFLAGS behaviour. rustc (1.39.0+dfsg1-2) unstable; urgency=medium . * Include reproducibility patch for compiler-builtins. * Use python3 instead of python to run rustbuild. (Closes: #938422) * Expand d-ignore-error-detail-diff.patch for unfixed upstream #53081. rustc (1.39.0+dfsg1-1) unstable; urgency=medium . * New upstream release. rustc (1.38.0+dfsg1-2) unstable; urgency=medium . * Fix building with rustc 1.38.0 * Fix building with cargo 0.40.0 rustc (1.38.0+dfsg1-1) unstable; urgency=medium . * New upstream release. rustc (1.37.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. * Fix a typo in debian/rules regex causing FTBFS on some arches. rustc (1.37.0+dfsg1-1~exp2) experimental; urgency=medium . * Support cross-compiling to wasm32. (Closes: #903110) To do that, install the libstd-rust-dev-wasm32-cross package and give --target wasm32-unknown-unknown. * Drop dependency on system compiler-rt, these new versions of rustc actually don't need it at all. rustc (1.37.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. * Use system compiler-rt. rustc (1.36.0+dfsg1-2) unstable; urgency=medium . * Set CARGO_HOME to debian/cargo_home (instead of $HOME/.cargo) as newer versions of cargo must take a file lock that has to exist. rustc (1.36.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. rustc (1.36.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. rustc (1.35.0+dfsg1-1) unstable; urgency=medium . * Add entry in 1.34.2+dfsg1-1 to note that it uses LLVM 7. * Add entry in 1.35.0+dfsg1-1~exp2 to note that it uses LLVM 8. * Fix ICE on sparc64 by including upstream PR #61881. rustc (1.35.0+dfsg1-1~exp1) experimental; urgency=medium . * Don't use system compiler-rt, it's not ready yet. * New upstream release. s390-tools (2.3.0-2~deb10u1) buster; urgency=medium . * Upload debootstrap fix to Debian stable. (Closes: #960265) squid (4.6-1+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * SQUID-2020:8 HTTP(S) Request Splitting (CVE-2020-15811) (Closes: #968932) * SQUID-2020:9 Denial of Service processing Cache Digest Response (CVE-2020-24606) (Closes: #968933) * SQUID-2020:10 HTTP(S) Request Smuggling (CVE-2020-15810) (Closes: #968934) teeworlds (0.7.2-5+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-12066: A remote attacker was able to shut down the teeworlds server and cause a denial-of-service by crafting a specific server packet. thunderbird (1:68.12.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security * [32b3711] Revert "d/xpi-pack.sh: adding xpi-pack shell script" * [b50609a] Revert "Drop mozilla-devscripts as B-D" * [fd054fc] Revert "Drop python-{minimal,ply} from B-D" * [5a2a88c] Revert "d/control: tb manually set dep on libnss3 to 2:3.55" thunderbird (1:68.11.0-3) unstable; urgency=medium . * [28707fd] d/xpi-pack.sh: adding xpi-pack shell script As we can't depend on mozilla-devscripts anymore we pick up the shell script from that package as this builds XPI files we need. * [037212e] Drop mozilla-devscripts as B-D mozilla-devscripts isn't ported to Python3 yet and depends on Python2 so. We don't need that package as B-D as we picked the main shell script from that and we can drop that package from the build dependencies. * [31eda41] Drop python-{minimal,ply} from B-D These packages are removed from teh archive and we don't need them for building Thunderbird as long we have python2 as package available. (Closes: #967223) thunderbird (1:68.11.0-2) unstable; urgency=medium . * [110a375] d/control: increase B-D for libnss3 * [73fa23e] d/control: tb manually set dep on libnss3 to 2:3.55 (Closes: #966806) thunderbird (1:68.11.0-1) unstable; urgency=medium . * [093b080] New upstream version 68.11.0 Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35): CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel leaks internal address to peer CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 thunderbird (1:68.11.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.10.0-1) unstable; urgency=medium . * [7537684] New upstream version 68.10.0 Fixed CVE issues in upstream version 68.10.0 (MFSA 2020-26): CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418: Information disclosure due to manipulated URL object CVE-2020-12419: Use-after-free in nsGlobalWindowInner CVE-2020-12420: Use-After-Free when trying to connect to a STUN server MFSA-2020-0001: Automatic account setup leaks Microsoft Exchange login credentials CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates webkit2gtk (2.28.4-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.3-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2020-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753 (fixed in 2.28.3). * Don't build the documentation in binary-arch builds and with the nodoc build profile (Closes: #962616). + debian/control: - Move gtk-doc-tools and *-doc to Build-Depends-Indep. - Add Build-Profiles: <!nodoc> to libwebkit2gtk-4.0-doc + debian/rules: - Use dh_listpackages to decide whether to build the documentation. xorg-server (2:1.20.4-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix for ZDI-11426 (CVE-2020-14347) (Closes: #968986) * Correct bounds checking in XkbSetNames() (CVE-2020-14345) * Fix XIChangeHierarchy() integer underflow (CVE-2020-14346) * Fix XkbSelectEvents() integer underflow (CVE-2020-14361) * Fix XRecordRegisterClients() Integer underflow (CVE-2020-14362) xrdp (0.9.9-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * libscp v1 server set height twice, and not set width * xrdp-sesman can be crashed remotely over port 3350 (CVE-2020-4044) (Closes: #964573) * Fixed CVE-2020-4044 CI errors zeromq3 (4.3.1-4+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * zeromq connects peer before handshake is completed (CVE-2020-15166) ====================================== Sat, 01 Aug 2020 - Debian 10.5 released ====================================== ========================================================================= [Date: Sat, 01 Aug 2020 08:54:01 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: matrix-synapse | 0.99.2-6 | source, all Closed bugs: 959723 ------------------- Reason ------------------- RoM; security issues; unsupportable ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:54:20 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: firefoxdriver | 3.14.1-1 | amd64, i386 selenium-firefoxdriver | 3.14.1-1 | source Closed bugs: 960585 ------------------- Reason ------------------- RoQA; does not support firefox beyond 52.0 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:54:51 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: janus | 0.6.1-1 | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x janus-demos | 0.6.1-1 | all janus-dev | 0.6.1-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x janus-doc | 0.6.1-1 | all janus-tools | 0.6.1-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x libjs-janus | 0.6.1-1 | all Closed bugs: 962694 ------------------- Reason ------------------- RoM; not supportable for the lifetime of a stable release ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:55:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: fonts-mathematica | 21 | all mathematica-fonts | 21 | source, all Closed bugs: 964343 ------------------- Reason ------------------- RoQA; relies on unavailable download location ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:55:28 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: golang-github-unknwon-cae | 0.0~git20160715.0.c6aac99-4 | source golang-github-unknwon-cae-dev | 0.0~git20160715.0.c6aac99-4 | all Closed bugs: 966454 ------------------- Reason ------------------- RoQA; security issues; unmaintained ---------------------------------------------- ========================================================================= apache-log4j1.2 (1.2.17-8+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2019-17571. (Closes: #947124) Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. appstream-glib (0.7.14-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream fix for FTBFS in the year 2020. (Closes: #949169) apt (1.8.2.1) buster-security; urgency=high . * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated member names in error path - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated member names in error path - CVE-2020-3810 * .gitlab.ci.yml: Point to debian:buster asunder (2.9.3-3+deb10u1) buster; urgency=medium . * Add patch to use gnudb instead of freedb by default * Add a NEWS item for freedb closing b43-fwcutter (1:019-4+deb10u1) buster; urgency=medium . [ Andreas Beckmann ] * QA upload. * Run firmware removal commands under LC_ALL=C. (Closes: #960791) * Do not fail while removing no longer existing files. (Closes: #956858) * Add dependency on pciutils for lspci. . [ Raphaël Hertzog ] * Add ca-certificates to Depends so that we can download over https. balsa (2.5.6-2+deb10u1) buster; urgency=medium . * Provide server identity when validating certificates (allows to verify certs with a glib-networking patch for CVE-2020-13645). Patch taken from Ubuntu. Closes: #961792. base-files (10.3+deb10u5) buster; urgency=medium . * Change /etc/debian_version to 10.5, for Debian 10.5 point release. batik (1.10-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-17566: Server-side request forgery via xlink:href attributes. (Closes: #964510) bind9 (1:9.11.5.P4+dfsg-5.1+deb10u1) buster-security; urgency=high . * [CVE-2019-6477]: TCP-pipelined queries can bypass tcp-clients limit. (Closes: #945171) * [CVE-2020-8616]: Fix NXNSATTACK amplification attack on BIND 9 * [CVE-2020-8617]: Fix assertion failure in TSIG processing code borgbackup (1.1.9-2+deb10u1) buster; urgency=medium . * Fix index corruption bug leading to data loss (Closes: #953615). bundler (1.17.3-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Utkarsh Gupta ] * Bump minimum version of ruby-molinillo in ruby-bundler (Closes: #945481) c-icap-modules (1:0.5.3-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport support for ClamAV 0.102. (Closes: #952009) cacti (1.2.2+ds1-2+deb10u3) buster; urgency=medium . * Unix timestamps after Sep 13 2020 are rejected as graph start/end arguments (Upstream bug #3245) * CVE-2020-7237: Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product. (Closes: #949997) * CVE-2020-7106: XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). (Closes: #949996) * CVE-2020-13230: Disabling an user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs) * CVE-2020-13231: auth_profile.php?action=edit allows CSRF for an admin email change calamares-settings-debian (10.0.20-1+deb10u3) buster; urgency=medium . * Use xdg-user-dir to specify Desktop directory (Closes: #959541) calamares-settings-debian (10.0.20-1+deb10u2) buster; urgency=medium . * Fix type in previous entry (s/desk/disk) * Enable displaymanager module, fixing autologin options (Closes: #934503, #934504) chromium (83.0.4103.116-1~deb10u3) buster-security; urgency=medium . * Fix crashes when a connection error occurs (closes: #963548). chromium (83.0.4103.116-1~deb10u2) buster-security; urgency=medium . * Rebuild with optimization (closes: #964145). chromium (83.0.4103.116-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2020-6423: Use after free in audio. Reported by Anonymous - CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera - CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han - CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov - CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn - CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang - CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra - CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg - CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg - CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey - CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa - CVE-2020-6444: Uninitialized use in WebRTC. Reported by mlfbrown - CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg - CVE-2020-6448: Use after free in V8. Reported by Guang Gong - CVE-2020-6454: Use after free in extensions. Reported by leecraso and Guang Gong - CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang and Guang Gong - CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by MichaÅ‚ Bentkowski - CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong - CVE-2020-6458: Out of bounds read and write in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6459: Use after free in payments. Reported by Zhe Jin - CVE-2020-6460: Insufficient data validation in URL formatting. Reported by Anonymous - CVE-2020-6461: Use after free in storage. Reported by Zhe Jin - CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin - CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial - CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang - CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh - CVE-2020-6466: Use after free in media. Reported by Zhe Jin - CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song - CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina - CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by MichaÅ‚ Bentkowski - CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia - CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin - CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani - CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne - CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani - CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen - CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt - CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora - CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi - CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu - CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko - CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov - CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu - CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg - CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa - CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter - CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal - CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous - CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen - CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani - CVE-2020-6497: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6498: Incorrect security UI in progress display. Reported by Rayyan Bijoora - CVE-2020-6505: Use after free in speech. Reported by Khalil Zhani - CVE-2020-6506: Insufficient policy enforcement in WebView. Reported by Alesandro Ortiz - CVE-2020-6507: Out of bounds write in V8. Reported by Sergei Glazunov - CVE-2020-6509: Use after free in extensions. Reported by Anonymous - CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie Silvanovich chromium (83.0.4103.106-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous - CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen - CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani - CVE-2020-6497: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6498: Incorrect security UI in progress display. Reported by Rayyan Bijoora - CVE-2020-6505: Use after free in speech. Reported by Khalil Zhani - CVE-2020-6506: Insufficient policy enforcement in WebView. Reported by Alesandro Ortiz - CVE-2020-6507: Out of bounds write in V8. Reported by Sergei Glazunov * Conflict with ffmpeg 4.3 (closes: #963080). * Support building with icu 67 (closes: #960236). * Support building with re2 20200501 (closes: #960361). chromium (83.0.4103.83-1) unstable; urgency=medium . * New upstream stable release. - CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong - CVE-2020-6458: Out of bounds read and write in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6459: Use after free in payments. Reported by Zhe Jin - CVE-2020-6460: Insufficient data validation in URL formatting. Reported by Anonymous - CVE-2020-6461: Use after free in storage. Reported by Zhe Jin - CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin - CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial - CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang - CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh - CVE-2020-6466: Use after free in media. Reported by Zhe Jin - CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song - CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina - CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by MichaÅ‚ Bentkowski - CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia - CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin - CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani - CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne - CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani - CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen - CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt - CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora - CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi - CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu - CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko - CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov - CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu - CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg - CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa - CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter - CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal - CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie Silvanovich chromium (81.0.4044.92-1) unstable; urgency=medium . * New upstream stable release. - CVE-2020-6423: Use after free in audio. Reported by Anonymous - CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera - CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han - CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov - CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn - CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang - CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra - CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg - CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg - CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey - CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa - CVE-2020-6444: Uninitialized use in WebRTC. Reported by mlfbrown - CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg - CVE-2020-6448: Use after free in V8. Reported by Guang Gong - CVE-2020-6454: Use after free in extensions. Reported by leecraso and Guang Gong - CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang and Guang Gong - CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by MichaÅ‚ Bentkowski chromium (81.0.4044.62-1) experimental; urgency=medium . * New upstream beta release. chromium (80.0.3987.162-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6452: Heap buffer overflow in media. Reported by asnine clamav (0.102.4+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.102.4 - CVE-2020-3350 (A malicious user trick clamav into moving a different file). - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module). - CVE-2020-3481 (A vulnerability in the EGG archive module). * Update symbol file. clamav (0.102.3+dfsg-1) unstable; urgency=medium . * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. clamav (0.102.3+dfsg-0+deb10u1) buster; urgency=medium . [ Sebastian Andrzej Siewior ] * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. . [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries clamav (0.102.3+dfsg-0~deb9u1) stretch; urgency=medium . [ Sebastian Andrzej Siewior ] * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. . [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries clamav (0.102.2+dfsg-2) unstable; urgency=medium . * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. * Bump standards-version to 4.5.0 without further change * Use dh-compat level 12. clamav (0.102.2+dfsg-1) unstable; urgency=medium . * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. cloud-init (20.2-2~deb10u1) buster; urgency=medium . * Release for buster. No further changes. . cloud-init (20.2-2) unstable; urgency=medium . * Add missing Build-Dep on python3-pytest . cloud-init (20.2-1) unstable; urgency=medium . * New upstream version * Drop patches that have been merged upstream * Switch to pytest for running tests, per upstream change . cloud-init (20.1-2) unstable; urgency=medium . * Fix python 3.8 incompatibility (Closes: #954276) * Cherry-pick fa1abfec2705 (ec2: only redact token request headers in logs, avoid altering request) from upstream. (Closes: #954363) * Cherry-pick 1f860e5ac7eb (ec2: Do not fallback to IMDSv1 on EC2) from upstream. . cloud-init (20.1-1) unstable; urgency=medium . * New upstream release * Remove patches applied upstream: - CVE-2020-8631.patch - CVE-2020-8632.patch * Refresh patches: - 0009-Drop-all-unused-extended-version-handling.patch * Reduce cloud-guest-utils from Depends to Recommends * Bump standards version to 4.5.0 (no changes needed) * Remove Charles Plessy <plessy@debian.org> from uploaders, as he is no longer active in the cloud team. . cloud-init (19.4-2) unstable; urgency=medium . * Import upstream fix for CVE-2020-8632. rand_user_password generates passwords of insufficient length. (Closes: #951363) * Import upstream fix for CVE-2020-8631. Cloud-init uses an insufficient source of randomness when generating passwords. (Closes: #951362) . cloud-init (19.4-1) unstable; urgency=medium . * New upstream release. * Update debian/copyright to note dual-dual license status (Closes: #866613) . cloud-init (19.3-2) unstable; urgency=medium . * Build-depends on python3-pep8 instead of just pep8 (Closes: #949940). . cloud-init (19.3-1) unstable; urgency=medium . * New upstream release. . cloud-init (19.2-4) unstable; urgency=medium . * Removed the last bit of Python2 build-depends (Closes: #942968). . cloud-init (19.2-3) unstable; urgency=medium . * Remove the patch for sources.list, and activate the option to preserve the sources.list by default (ie: apt_preserve_sources_list: true). . cloud-init (19.2-2) unstable; urgency=medium . * Comment out backports by default in apt/sources.list. * Standards-Version bump to 4.4.1. . cloud-init (19.2-1) unstable; urgency=medium . * New upstream release. (Closes: #931173, #936030) * Drop 0008-opennebula-also-exclude-epochseconds-from-changed-en.patch applied upstream. * Drop CVE-2019-0816_Filter_list_of_ssh_keys_pulled_from_fabric.patch also applied upstream. * Rebased patches: - 0009-Drop-all-unused-extended-version-handling.patch - 0012-Fix-message-when-a-local-is-missing.patch cloud-init (20.2-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. cloud-init (20.2-1) unstable; urgency=medium . * New upstream version * Drop patches that have been merged upstream * Switch to pytest for running tests, per upstream change cloud-init (20.1-2) unstable; urgency=medium . * Fix python 3.8 incompatibility (Closes: #954276) * Cherry-pick fa1abfec2705 (ec2: only redact token request headers in logs, avoid altering request) from upstream. (Closes: #954363) * Cherry-pick 1f860e5ac7eb (ec2: Do not fallback to IMDSv1 on EC2) from upstream. cloud-init (20.1-1) unstable; urgency=medium . * New upstream release * Remove patches applied upstream: - CVE-2020-8631.patch - CVE-2020-8632.patch * Refresh patches: - 0009-Drop-all-unused-extended-version-handling.patch * Reduce cloud-guest-utils from Depends to Recommends * Bump standards version to 4.5.0 (no changes needed) * Remove Charles Plessy <plessy@debian.org> from uploaders, as he is no longer active in the cloud team. cloud-init (19.4-2) unstable; urgency=medium . * Import upstream fix for CVE-2020-8632. rand_user_password generates passwords of insufficient length. (Closes: #951363) * Import upstream fix for CVE-2020-8631. Cloud-init uses an insufficient source of randomness when generating passwords. (Closes: #951362) cloud-init (19.4-1) unstable; urgency=medium . * New upstream release. * Update debian/copyright to note dual-dual license status (Closes: #866613) cloud-init (19.3-2) unstable; urgency=medium . * Build-depends on python3-pep8 instead of just pep8 (Closes: #949940). cloud-init (19.3-1) unstable; urgency=medium . * New upstream release. cloud-init (19.2-4) unstable; urgency=medium . * Removed the last bit of Python2 build-depends (Closes: #942968). cloud-init (19.2-3) unstable; urgency=medium . * Remove the patch for sources.list, and activate the option to preserve the sources.list by default (ie: apt_preserve_sources_list: true). cloud-init (19.2-2) unstable; urgency=medium . * Comment out backports by default in apt/sources.list. * Standards-Version bump to 4.4.1. cloud-init (19.2-1) unstable; urgency=medium . * New upstream release. * Drop 0008-opennebula-also-exclude-epochseconds-from-changed-en.patch applied upstream. * Drop CVE-2019-0816_Filter_list_of_ssh_keys_pulled_from_fabric.patch also applied upstream. * Rebased patches: - 0009-Drop-all-unused-extended-version-handling.patch - 0012-Fix-message-when-a-local-is-missing.patch commons-configuration2 (2.2-1+deb10u1) buster; urgency=medium . * CVE-2020-1953 (Closes: #954713) confget (2.2.0-4+deb10u1) buster; urgency=medium . * Fix the Python module's handling of values containing "=": - add the test-ini-eq patch to add a test for such values - add the python-value-eq patch to fix the problem - Closes: #959887 coturn (4.5.1.1-1.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * specially crafted HTTP POST request can lead to heap overflow which can result in information leak (CVE-2020-6061) (Closes: #951876) * specially crafted HTTP POST request can lead to server crash and denial of service (CVE-2020-6062) (Closes: #951876) * init with zero any new or reused stun buffers (CVE-2020-4067) dbus (1.12.20-0+deb10u1) buster; urgency=medium . * New upstream stable release - CVE-2020-12049: Prevent a denial of service attack in which a local user can make the system dbus-daemon run out of file descriptors - Prevent use-after-free if two usernames share a uid - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch: Drop patch, applied upstream. * d/gbp.conf: Configure for debian/buster dbus (1.12.18-1) unstable; urgency=medium . [ Simon McVittie ] * New upstream stable release - CVE-2020-12049: Prevent a denial of service attack in which a local user can make the system dbus-daemon run out of file descriptors - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch: Drop patch, applied upstream. * Switch to debhelper-compat 12 - Don't restart systemd units on upgrade. Previously, this was handled by the dh_installinit override. - Add ${misc:Pre-Depends} to all binary packages. This is required for dbus for dh_installsystemd under dh compat level 12, and is harmless for the others. * dbus: Remove an unused Lintian override. Lintian used to warn twice for the statically-enabled dbus.service unit, but now only warns once. * dbus-tests: Silence package-contains-documentation-outside-usr-share-doc Lintian tag. The tests contain some READMEs that describe what is in their directory. * d/tests: Remove compatibility with deprecated ADTTMP. autopkgtest has supported AUTOPKGTEST_TMP long enough to use it unconditionally. * Introduce noinsttest build profile. This disables dbus-tests, and when combined with nocheck it disables the circular GLib dependency. * Remove non-standard pkg.dbus.minimal build profile. It was not a "safe" build profile (it altered the contents of binary packages, notably dropping LSM and systemd support, which could result in dependent packages being broken), and the combination of nocheck, nodoc and noinsttest achieves most of the same build-dependency reductions. * Explicitly build-depend on pkg-config. Previously, this was pulled in by libglib2.0-dev. (Closes: #945201) * d/upstream/metadata: Distinguish between Bug-Submit and Bug-Database * Change system bus socket to /run/dbus/system_bus_socket. The interoperable cross-distro path is /var/run/dbus/system_bus_socket, so this remains the upstream default for the benefit of distributions where /var/run and /run are (problematically) not guaranteed to be equivalent. However, Debian Policy since at least v4.1.5 guarantees that /var/run is a symlink to /run, and this has been implemented for several stable releases (since at least initscripts 2.88dsf-29 in 2012, in the sysvinit case), so it is harmless to prefer the path in /run, which has advantages in a few corner cases (ability to unmount /var is the main one) and avoids warnings from systemd. (Closes: #783321, #857678, #932105, #958289) * Standards-Version: 4.5.0 - Note that the user for `dbus-daemon --system` is still named 'messagebus' for historical reasons. If it was added today, we'd call it _dbus as per Policy §9.2.1, but this is not the right package to be experimenting with renaming system users. * d/dbus-udeb.postinst: Remove #DEBHELPER# token. debhelper doesn't actually substitute this in udebs, making it just an ordinary comment. . [ Debian Janitor ] * Remove trailing whitespace in d/changelog. * Use secure URI in Homepage field. * Re-export upstream signing key without extra signatures. * Set upstream metadata fields: Bug-Submit (from ./configure), Repository, Repository-Browse. dbus (1.12.16-2) unstable; urgency=medium . * Add bug number to previous changelog entry * Standards-Version: 4.4.1 (no changes required) - Note that dbus-user-session still has its previous dependencies, and has deliberately not been switched to the new default-logind virtual package. dbus-user-session relies on systemd --user: it is not enough to have systemd-logind or a compatible replacement like elogind. * d/dbus.init: Work around #940971 in libnss-systemd. If we are booting with a non-systemd init but libnss-systemd is still installed, tell libnss-systemd not to try to connect to dbus-daemon, which is never going to work well from inside dbus-daemon. * dbus.postinst: Append dbus to /run/reboot-required.pkgs on upgrade (Closes: #867263) debian-edu-config (2.10.65+deb10u6) buster; urgency=medium . [ Wolfgang Schweer ] * Fix loss of dynamically allocated v4 IP address. (Closes: #966129) - Drop etc/network/if-up.d/wpad-proxy-update. This script fails to work due to changed behaviour of the ifupdown/dhclient/systemd combination and now also causes the loss of a dynamically allocated ipv4 IP address about 30 minutes after booting. - Add code to d/debian-edu-config.postinstall to implement the intended proxy setting update after a WPAD change just after rebooting the system. (It would otherwise happen at first DHCP lease renewal ~15 minutes later.) - Adjust Makefile and debian/dirs. debian-installer (20190702+deb10u5) buster; urgency=medium . * Bump Linux ABI to 4.19.0-10. debian-installer-netboot-images (20190702+deb10u5) buster; urgency=medium . * Update to 20190702+deb10u5, from buster-proposed-updates. debian-ports-archive-keyring (2019.11.05~deb10u1) buster; urgency=medium . * Upload to buster. Closes: #952655. debian-security-support (2020.06.21~deb10u1) buster; urgency=medium . * Rebuild for buster. . debian-security-support (2020.06.21) unstable; urgency=medium . [ Mike Gabriel ] * Add cinder (OpenStack component) to security-support-ended.deb8. . debian-security-support (2020.06.11) unstable; urgency=medium . * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. . debian-security-support (2020.06.09) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add unbound to security-support-ended.deb9 (see DSA 4694-1). . debian-security-support (2020.05.22) unstable; urgency=medium . * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. . debian-security-support (2020.05.08) unstable; urgency=medium . [ Chris Lamb ] * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." debian-security-support (2020.06.21~deb9u1) stretch; urgency=medium . * This update for stretch only contains changes to the files security-support-limited and security-support-ended.deb(8|9|10) from version 2020.06.21 from unstable, the changes in detail are: - from 2020.06.21: * Add cinder (OpenStack component) to security-support-ended.deb8. - from 2020.06.11: * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. - from 2020.06.09: * Add unbound to security-support-ended.deb9 (see DSA 4694-1). - from 2020.05.22: * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. - from 2020.05.08: * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." - from 2020.04.16: * Add tor to security-support-ended.deb8 as well, see DSA 4644-1. * Add libperlspeak-perl to security-support-ended.deb(8|9|10), because of CVE-2020-10674 (#954238), also see #954297, #954298 and #954299. - from 2020.03.22: * Add tor to security-support-ended.deb9, see DSA 4644-1. - from 2020.03.15: * security-support-limited/zoneminder: declare limited support behind an authenticated HTTP zone (see #922724). - from 2020.03.05: * Add xen to security-support-ended.deb8. - from 2020.02.21: * Add nodejs to security-support-ended.deb8 and .deb9. - from 2020.01.21: * Add nethack to security-support-ended.deb8. * Mark xen as end-of-life for Stretch (DSA 4602-1). debian-security-support (2020.06.11) unstable; urgency=medium . * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. debian-security-support (2020.06.09) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add unbound to security-support-ended.deb9 (see DSA 4694-1). debian-security-support (2020.05.22) unstable; urgency=medium . * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. debian-security-support (2020.05.08) unstable; urgency=medium . [ Chris Lamb ] * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." debian-security-support (2020.04.16) unstable; urgency=medium . * Add tor to security-support-ended.deb8 as well, see DSA 4644-1. * Add libperlspeak-perl to security-support-ended.deb(8|9|10), because of CVE-2020-10674 (#954238), also see #954297, #954298 and #954299. docker.io (18.09.1+dfsg1-7.1+deb10u2) buster-security; urgency=medium . * Add upstream patch for CVE-2020-13401 (Closes: #962141) dovecot (1:2.3.4.1-5+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Apply upstream fixes for CVE-2020-10957, CVE-2020-10958 and CVE-2020-10967 (Closes: #960963) - lib-smtp: smtp-server-cmd-vrfy - Restructure parameter parsing. - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_string_parse(). - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_xtext_parse(). - lib-smtp: syntax: Fix smtp_ehlo_line_parse() to also record the last parameter. - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_ehlo_line_parse(). - lib-smtp: smtp-syntax - Return 0 for smtp_string_parse() with empty input. - lib-smtp: Add tests for smtp_string_parse() and smtp_string_write(). - lib-smtp: test-smtp-server-errors - Add tests for VRFY and NOOP commands with invalid parameters. - lib-smtp: server: command: Move core of smtp_server_command_submit_reply() into a separate function. - lib-smtp: smtp-server-command - Assign cmd->reg immediately. - lib-smtp: smtp-server-command - Guarantee that non-destroy hooks aren't called for an ended command. - lib-smtp: smtp-server-command - Perform initial command execution in separate function. - lib-smtp: smtp-server-connection - Hold a command reference while executing a command. - lib-smtp: test-smtp-server-errors - Add tests for large series of empty and bad commands. - lib-smtp: smtp-address - Don't return NULL from smtp_address_clone*() unless the input is NULL. - lib-smtp: smtp-address - Don't recognize an address with empty localpart as <>. - lmtp: lmtp-commands - Explicity prohibit empty RCPT path. dpdk (18.11.8-1~deb10u1) buster; urgency=medium . * New upstream version 18.11.8; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Drop CVE patches, merged upstream * Drop 0008-Revert-common-octeontx-add-missing-public-symbol.patch, merged upstream * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.8 * Add missing symbol from mapfile in librte-cfgfile . dpdk (18.11.6-1~deb10u2) buster-security; urgency=high . * Backport patches to fix CVE-2020-10722, CVE-2020-10723, CVE-2020-10724 which affect the vhost driver. dpdk (18.11.6-1) unstable; urgency=medium . [ Luca Boccassi ] * New upstream version 18.11.6; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Drop avoid-as-needed-as-it-causes-overlinking.patch, merged upstream. * Refresh remaining patches to remove fuzz from 18.11.6. * Add patch to avoid changing stable symbol version, breaking ABI. * Update librte-eal18.11.symbols with new experimental symbol from 18.11.6 . [ Christian Ehrhardt ] * d/*.lintian-overrides: add overrides for a few known but accepted deficiencies . [ Luca Boccassi ] * Use chrpath to strip RPATH from dpdk-test binary * Add missing librte-gro symbols file dpdk (18.11.6-1~deb10u2) buster-security; urgency=high . * Backport patches to fix CVE-2020-10722, CVE-2020-10723, CVE-2020-10724 which affect the vhost driver. evolution-data-server (3.30.5-1+deb10u1) buster-security; urgency=medium . * CVE-2020-14928: Response Injection via STARTTLS in SMTP and POP3. exim4 (4.92-8+deb10u4) buster-security; urgency=high . * Fix authentication bypass in SPA authenticator due to out-of-bound buffer read. https://bugs.exim.org/show_bug.cgi?id=2571 CVE-2020-12783 exiv2 (0.25-4+deb10u1) buster; urgency=medium . * Non-maintainer upload by the Security Team. * Minor adjustment to the patch for CVE-2018-10958 and CVE-2018-10999. The initial patch was overly restrictive in counting PNG image chunks. * CVE-2018-16336: remote denial of service (heap-based buffer over-read) via a crafted image file. fdroidserver (1.1.7-1~deb10u1) buster; urgency=medium . * New upstream release targeted for Debian/buster (Closes: #954070) * Remove "Recommends" test, ci.debian.net do not support binfmt_misc: https://salsa.debian.org/ci-team/debian-ci-config/-/issues/1 fdroidserver (1.1.7-1~deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. fdroidserver (1.1.6-4) unstable; urgency=medium . * fix running Recommends: test in containers fdroidserver (1.1.6-2) unstable; urgency=medium . * fix autopkgtest: run in VM so binfmt can be properly setup (Closes: #954395) fdroidserver (1.1.6-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster fdroidserver (1.1.6-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . fdroidserver (1.1.6-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster . fdroidserver (1.1.4-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster * remove upstreamed patches . fdroidserver (1.1.3-3) unstable; urgency=medium . * conditionally disable tests that can't work with apksigner . fdroidserver (1.1.3-2) unstable; urgency=medium . * fix Recommends test, MD5 test fails with apksigner present . fdroidserver (1.1.3-1) unstable; urgency=medium . * New upstream version 1.1.3 to fix test suite . fdroidserver (1.1.2-1) unstable; urgency=medium . * New upstream version 1.1.2 (Closes: #929905) . fdroidserver (1.1.1-1) unstable; urgency=medium . * New upstream release * Recommends: apksigner to support APK Signature v2 and v3 . fdroidserver (1.1-1) unstable; urgency=medium . * New upstream release . fdroidserver (1.0.10-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.9-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.8-3) unstable; urgency=medium . * hack to get autopkgtest to skip failing gpg test . fdroidserver (1.0.8-2) unstable; urgency=medium . * autopkgtest: explicitly purge gnupg so tests pass . fdroidserver (1.0.8-1) unstable; urgency=medium . * New upstream version * remove python3-distutils, it is no longer needed . fdroidserver (1.0.7-2) unstable; urgency=medium . * Depends: python3-distutils so its always there . fdroidserver (1.0.7-1) unstable; urgency=medium . * New upstream release * fix autopkgtest . fdroidserver (1.0.6-1) unstable; urgency=medium . * New upstream release . fdroidserver (1.0.4-3) unstable; urgency=medium . * fix autopkgtest run: working dir, and UTF-8 environment . fdroidserver (1.0.4-2) unstable; urgency=medium . * run upstream testsuite using autopkgtest . fdroidserver (1.0.4-1) unstable; urgency=medium . * New upstream version 1.0.4 * Standards-Version: 4.1.4 no changes * support all the Java 10 and 11 packages * works with only androguard, removed optional deps * add debian/upstream/metadata file * Depends: androguard only on arches where it works . fdroidserver (1.0.3-2) unstable; urgency=medium . * only depend on aapt/androguard/zipalign on arches where available . fdroidserver (1.0.3-1) unstable; urgency=medium . * New upstream version * tighten up Depends to install fewer packages . fdroidserver (1.0.2-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.0-1) unstable; urgency=medium . * New upstream version 1.0.0 . fdroidserver (0.9.1-1) unstable; urgency=medium . * New upstream release . fdroidserver (0.8-1) unstable; urgency=medium . * New upstream release fdroidserver (1.1.4-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster * remove upstreamed patches ffmpeg (7:4.1.6-1~deb10u1) buster-security; urgency=medium . * New upstream release ffmpeg (7:4.1.4-1) unstable; urgency=medium . [ James Cowgill ] * New upstream release. (LP: #1837480) - avformat/aadec: Check for scanf() failure (CVE-2019-12730) (Closes: #932469) . * d/copyright: Remove paragraph containing license files. * d/control: Bump standards version to 4.4.0. * d/ffmpeg-doc.doc-base*: - Move API docs to Programming/C section. - Index the main manual pages as well. Thanks to ç©ä¸¹å°¼ Dan Jacobson for the suggestion. (Closes: #924528) * d/rules: - Disable crystalhd. (Closes: #917292) - Generate index.html file for the HTML manual pages. . [ OndÅ™ej Nový ] * d/control: - Use debhelper-compat instead of debian/compat. file-roller (3.30.1-2+deb10u1) buster; urgency=medium . * CVE-2020-11736 (Closes: #956638) firefox-esr (68.10.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firefox-esr (68.10.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firefox-esr (68.9.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.9.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.9.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.8.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.8.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.8.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.7.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-13, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6825. freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2) buster; urgency=medium . [ Bernhard Miklautz ] * debian/patches - security releated backports from upstream * Add 0003-Fixed-6007-Boundary-checks-in-rdp_read_flow_control.patch * Add 0004-Fixed-6009-Bounds-checks-in-autodetect_recv_bandwidt.patch * Add 0005-Fixed-6006-bounds-checks-in-update_read_synchronize.patch * Add 0006-Fixed-6005-Bounds-checks-in-update_read_bitmap_data.patch * Add 0007-Fixed-6011-Bounds-check-in-rdp_read_font_capability.patch * Add 0008-Fixed-6013-Check-new-length-is-0.patch * Add 0009-Fix-6010-Check-length-in-read_icon_info.patch * Add 0010-Use-substreams-to-parse-gcc_read_server_data_blocks.patch * Add 0011-Fixed-Stream_-macros-bracing-arguments.patch * Add 0012-Use-safe-seek-for-capability-parsing.patch * Add 0013-Fixed-CVE-2020-11525-Out-of-bounds-read-in-bitmap_ca.patch (CVE-2020-11525). * Add 0014-Fixed-6012-CVE-2020-11526-Out-of-bounds-read-in-upda.patch (CVE-2020-11526). * Add 0015-Fix-CVE-2020-11523-clamp-invalid-rectangles-to-size-.patch (CVE-2020-11523). * Add 0016-Fix-CVE-2020-11524-out-of-bounds-access-in-interleav.patch (CVE-2020-11524). * Add 0017-Fixed-CVE-2020-11522-Limit-number-of-DELTA_RECT-to-4.patch (CVE-2020-11522). * Add 0018-Fixed-CVE-2020-11521-Out-of-bounds-write-in-planar-c.patch (CVE-2020-11521). * Add 0019-Fixed-possible-NULL-access.patch * Add 0020-Check-for-int-overflow-in-gdi_InvalidateRegion.patch . [ Mike Gabriel ] * debian/patches: + Add 0002_fix-channels-smartcard-fix-statusw-call.patch. Fix smartcard login failures. (Closes: #919281). fwupd (1.2.13-2) buster; urgency=medium . * No-change upload to pick up rotated Debian signing keys fwupd (1.2.13-1) stable; urgency=medium . * Update to 1.2.13 stable release. - Fixes issues on stable release (Closes: #961490) - Fixes vendor id hard requirement (Closes: #946623) - Fixes CVE-2020-10759 (Closes: #962517) * Add patch to revert new libxmlb requirement to allow working with libxmlb available in Buster. * debian/* changes backported from testing: - Refresh symbols - Install fwupdoffline binary - Install fwupd shutdown systemd unit - Refresh dependencies for modem manager plugin - Update copyright for new new contributors - Update watch file for correct upstream URL. fwupd (1.2.10-2) unstable; urgency=medium . [ Steve McIntyre ] * Add Built-Using for the fwupd-*-signed packages. Closes: #932757 fwupd (1.2.10-1) unstable; urgency=medium . * New upstream version (1.2.10) fwupd (1.2.9-1) unstable; urgency=medium . * New upstream version (1.2.9) fwupd (1.2.6-1) unstable; urgency=medium . * New upstream version (1.2.6) * debian/control: - Add new build depends related to Modem Manager fwupd-amd64-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-amd64-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-amd64-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-amd64-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-amd64-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-amd64-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-arm64-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-arm64-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-arm64-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-arm64-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-arm64-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-arm64-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-armhf-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-armhf-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-armhf-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-armhf-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-armhf-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-armhf-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-i386-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-i386-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-i386-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-i386-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-i386-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-i386-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupdate (12-4+deb10u1) buster; urgency=medium fwupdate-amd64-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-arm64-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-armhf-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-i386-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 gist (5.0.0-2+deb10u1) buster; urgency=medium . * Avoid deprecated authorization API (Closes: #964544) glib-networking (2.58.0-2+deb10u2) buster; urgency=medium . * Break balsa older than 2.5.6-2+deb10u1 as the fix for CVE-2020-13645 breaks balsa's certificate verification (see #961792). glib-networking (2.58.0-2+deb10u1) buster; urgency=medium . * Team upload * d/p/Return-bad-identity-error-if-identity-is-unset.patch: Backport fix for CVE-2020-13645 from upstream (Closes: #961756) gnutls28 (3.6.7-4+deb10u5) buster; urgency=medium . * 42_rel3.6.11_10-session-tickets-parse-extension-during-session-resum.patch from GNUTLS 3.6.11: Fix TL1.2 resumption errors. Closes: #956649 * 47_rel3.6.13_10-session_pack-fix-leak-in-error-path.patch from GNUTLS 3.6.14: One line fix for memory leak. Closes: #958704 * Rename 44_rel3.6.14_01-stek-differentiate-initial-state-from-valid-time-win.patch (security upload) to 44_rel3.6.14_90_... to be able to pull earlier fixes from 3.6.14 and have correct patch filename order. * 44_rel3.6.14_10-Update-session_ticket.c-to-add-support-for-zero-leng.patch from GnuTLS 3.6.14: Handle zero length session tickets, fixing connection errors on TLS1.2 sessions to some big hosting providers. (See LP 1876286) * 44_rel3.6.14_15-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch 44_rel3.6.14_16-x509-trigger-fallback-verification-path-when-cert-is.patch 44_rel3.6.14_17-tests-add-test-case-for-certificate-chain-supersedin.patch backported from GnuTLS 3.6.14: Fix verification error with alternate chains. Closes: #961889 gnutls28 (3.6.7-4+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * GNUTLS-SA-2020-06-03: Flaw in TLS session ticket key construction (CVE-2020-13777) (Closes: #962289) graphicsmagick (1.4+really1.3.35-1~deb10u1) buster-security; urgency=high . * Security backport for Buster. * Relax Standards-Version to 4.3.0 . . graphicsmagick (1.4+really1.3.35-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - ReadSVGImage(): Fix dereference of NULL pointer when stopping image timer, - DrawImage(): Fix integer-overflow in DrawPolygonPrimitive() . * Update library symbols for this release. . [ Nicolas Boulenguez <nicolas@debian.org> ] * mime: improve formatting. * mime: adjust priority for all images (closes: #951758). . graphicsmagick (1.4+really1.3.34+hg16230-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issues: - WritePICTImage(): Eliminating small buffer overrun when run-length encoding pixels, - WriteOneJNGImage(): Detect when JPEG encoder has failed, and throw exception, - DecodeImage(): Fix heap buffer over-reads, - DecodeImage(): Allocate extra scanline memory to allow small RLE overrun. * Update library symbols for this release. * Update Standards-Version to 4.5.0 . . graphicsmagick (1.4+really1.3.34+hg16181-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issue: - WritePCXImage(): Fix heap overflow in PCX writer when bytes per line value overflows its 16-bit storage unit. * Fix definition of ResourceInfinity. . [ Nicolas Boulenguez <nicolas@debian.org> ] * Lower MIME priority for PS/PDF (closes: #935099). . graphicsmagick (1.4+really1.3.34-2) unstable; urgency=medium . * Still use glibc malloc allocator. . graphicsmagick (1.4+really1.3.34-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - PNMInteger(): Place a generous arbitrary limit on the amount of PNM comment text to avoid DoS opportunity, - MagickClearException(): Destroy any existing exception info before re-initializing the exception info or else there will be a memory leak, - HuffmanDecodeImage(): Fix signed overflow on range check which leads to heap overflow, - ReadMNGImage(): Only magnify the image if the requested magnification methods are supported, - GenerateEXIFAttribute(): Add validations to prevent heap buffer overflow, - DrawPatternPath(): Don't leak memory if fill_pattern or stroke_pattern of cloned draw_info are not null, - CVE-2019-19953: PICT: Throw a writer exception if the PICT width limit is exceeded (closes: #947311). * Build with Google Thread-Caching Malloc library. * Update Standards-Version to 4.4.1 . . graphicsmagick (1.4+really1.3.33+hg16117-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issue: - CVE-2019-16709: ReadDPSImage(): Fix memory leak when OpenBlob() reports failure. . graphicsmagick (1.4+really1.3.33+hg16115-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ReadMNGImage(): skip coalescing layers if there is only one layer, - DrawStrokePolygon(): handle case where TraceStrokePolygon() returns NULL, - DrawDashPolygon(): handle case where DrawStrokePolygon() returns MagickFail, - TraceBezier(): detect arithmetic overflow and return errors via normal error path rather than exiting, - ExtractTokensBetweenPushPop(): fix non-terminal parsing loop, - GenerateEXIFAttribute(): check that we are not being directed to read an IFD that we are already parsing and quit in order to avoid a loop, - ReallocColormap(): avoid dereferencing a NULL pointer if image->colormap is NULL, - png_read_raw_profile(): fix validation of raw profile length, - TraceArcPath(): substitute a lineto command when tracing arc is impossible, - GenerateEXIFAttribute(): skip unsupported/invalid format 0. . graphicsmagick (1.4+really1.3.33-1) unstable; urgency=medium . * New upstream release, including many security fixes. . graphicsmagick (1.4+really1.3.32-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - DrawImage(): Terminate drawing if DrawCompositeMask() reports failure, - DrawImage(): Detect an error in TracePath() and quit rather than forging on. * Backport security fixes: - ReadTIFFImage(): Fix typo in initialization of 'tile' pointer variable, - WriteDIBImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Assure that chromaticity uses double-precision for multiply before casting to unsigned integer. . graphicsmagick (1.4~hg16039-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ImportRLEPixels(): Fix heap overflow caused by a typo in the code. Also fix undefined behavior caused by large left shifts of an unsigned char, - ThrowException(), ThrowLoggedException(): Handle the case where some passed character strings refer to existing exception character strings, - PICT: Allocate output buffer used by ExpandBuffer() on DecodeImage() stack, - WritePDFImage(): Allocate working buffer on stack and pass as argument to EscapeParenthesis() to eliminate a thread safety problem, - TranslateTextEx(): Remove support for reading from a file using '@filename' syntax, - DrawImage(): Only support '@filename' syntax to read drawing primitive from a file if we are not already drawing. * Update library symbols for this release. graphicsmagick (1.4+really1.3.34+hg16230-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issues: - WritePICTImage(): Eliminating small buffer overrun when run-length encoding pixels, - WriteOneJNGImage(): Detect when JPEG encoder has failed, and throw exception, - DecodeImage(): Fix heap buffer over-reads, - DecodeImage(): Allocate extra scanline memory to allow small RLE overrun. * Update library symbols for this release. * Update Standards-Version to 4.5.0 . graphicsmagick (1.4+really1.3.34+hg16181-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issue: - WritePCXImage(): Fix heap overflow in PCX writer when bytes per line value overflows its 16-bit storage unit. * Fix definition of ResourceInfinity. . [ Nicolas Boulenguez <nicolas@debian.org> ] * Lower MIME priority for PS/PDF (closes: #935099). graphicsmagick (1.4+really1.3.34-2) unstable; urgency=medium . * Still use glibc malloc allocator. graphicsmagick (1.4+really1.3.34-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - PNMInteger(): Place a generous arbitrary limit on the amount of PNM comment text to avoid DoS opportunity, - MagickClearException(): Destroy any existing exception info before re-initializing the exception info or else there will be a memory leak, - HuffmanDecodeImage(): Fix signed overflow on range check which leads to heap overflow, - ReadMNGImage(): Only magnify the image if the requested magnification methods are supported, - GenerateEXIFAttribute(): Add validations to prevent heap buffer overflow, - DrawPatternPath(): Don't leak memory if fill_pattern or stroke_pattern of cloned draw_info are not null, - CVE-2019-19953: PICT: Throw a writer exception if the PICT width limit is exceeded (closes: #947311). * Build with Google Thread-Caching Malloc library. * Update Standards-Version to 4.4.1 . graphicsmagick (1.4+really1.3.33+hg16117-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issue: - CVE-2019-16709: ReadDPSImage(): Fix memory leak when OpenBlob() reports failure. graphicsmagick (1.4+really1.3.33+hg16115-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ReadMNGImage(): skip coalescing layers if there is only one layer, - DrawStrokePolygon(): handle case where TraceStrokePolygon() returns NULL, - DrawDashPolygon(): handle case where DrawStrokePolygon() returns MagickFail, - TraceBezier(): detect arithmetic overflow and return errors via normal error path rather than exiting, - ExtractTokensBetweenPushPop(): fix non-terminal parsing loop, - GenerateEXIFAttribute(): check that we are not being directed to read an IFD that we are already parsing and quit in order to avoid a loop, - ReallocColormap(): avoid dereferencing a NULL pointer if image->colormap is NULL, - png_read_raw_profile(): fix validation of raw profile length, - TraceArcPath(): substitute a lineto command when tracing arc is impossible, - GenerateEXIFAttribute(): skip unsupported/invalid format 0. graphicsmagick (1.4+really1.3.33-1) unstable; urgency=medium . * New upstream release, including many security fixes. graphicsmagick (1.4+really1.3.32-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - DrawImage(): Terminate drawing if DrawCompositeMask() reports failure, - DrawImage(): Detect an error in TracePath() and quit rather than forging on. * Backport security fixes: - ReadTIFFImage(): Fix typo in initialization of 'tile' pointer variable, - WriteDIBImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Assure that chromaticity uses double-precision for multiply before casting to unsigned integer. graphicsmagick (1.4~hg16039-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ImportRLEPixels(): Fix heap overflow caused by a typo in the code. Also fix undefined behavior caused by large left shifts of an unsigned char, - ThrowException(), ThrowLoggedException(): Handle the case where some passed character strings refer to existing exception character strings, - PICT: Allocate output buffer used by ExpandBuffer() on DecodeImage() stack, - WritePDFImage(): Allocate working buffer on stack and pass as argument to EscapeParenthesis() to eliminate a thread safety problem, - TranslateTextEx(): Remove support for reading from a file using '@filename' syntax, - DrawImage(): Only support '@filename' syntax to read drawing primitive from a file if we are not already drawing. * Update library symbols for this release. grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub2 (2.02+dfsg1-20+deb10u2) buster-security; urgency=high . * Fix a regression caused by "efi: fix some malformed device path arithmetic errors" (thanks, Chris Coulson and Steve McIntyre; closes: #966554). grub2 (2.02+dfsg1-20+deb10u1) buster-security; urgency=high . * Backport security patch series from upstream: - CVE-2020-10713: yylex: Make lexer fatal errors actually be fatal - safemath: Add some arithmetic primitives that check for overflow - calloc: Make sure we always have an overflow-checking calloc() available - CVE-2020-14308: calloc: Use calloc() at most places - CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: malloc: Use overflow checking primitives where we do complex allocations - iso9660: Don't leak memory on realloc() failures - font: Do not load more than one NAME section - gfxmenu: Fix double free in load_image() - xnu: Fix double free in grub_xnu_devprop_add_property() - lzma: Make sure we don't dereference past array - term: Fix overflow on user inputs - udf: Fix memory leak - tftp: Do not use priority queue - relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow - relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow - script: Remove unused fields from grub_script_function struct - CVE-2020-15706: script: Avoid a use-after-free when redefining a function during execution - relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation - hfsplus: fix two more overflows - lvm: fix two more potential data-dependent alloc overflows - emu: make grub_free(NULL) safe - efi: fix some malformed device path arithmetic errors - update safemath with fallback code for gcc older than 5.1 - efi: Fix use-after-free in halt/reboot path - linux loader: avoid overflow on initrd size calculation - CVE-2020-15707: linux: Fix integer overflows in initrd size handling * Apply overflow checking to allocations in Debian patches: - CVE-2020-15707: efilinux: Fix integer overflows in grub_cmd_initrd - bootp: Fix integer overflow in parse_dhcp6_option - unix/config: Fix integer overflow in grub_util_load_config - deviceiter: Fix integer overflow in grub_util_iterate_devices imagemagick (8:6.9.10.23+dfsg-2.1+deb10u1) buster-security; urgency=medium . * CVE-2019-10649 * CVE-2019-11470 (Closes: #927830) * CVE-2019-11472 (Closes: #927828) * CVE-2019-11597 (Closes: #928207) * CVE-2019-11598 (Closes: #928206) * CVE-2019-12974 (Closes: #931196) * CVE-2019-12975 (Closes: #931193) * CVE-2019-12976 (Closes: #931192) * CVE-2019-12977 (Closes: #931191) * CVE-2019-12978 (Closes: #931190) * CVE-2019-12979 (Closes: #931189) * CVE-2019-13135 (Closes: #932079) * CVE-2019-13137 (Closes: #931342) * CVE-2019-13295 (Closes: #931457) * CVE-2019-13297 (Closes: #931455) * CVE-2019-13300 (Closes: #931454) * CVE-2019-13301 * CVE-2019-13304 (Closes: #931453) * CVE-2019-13305 (Closes: #931452) * CVE-2019-13307 (Closes: #931448) * CVE-2019-13308 (Closes: #931447) * CVE-2019-13309 * CVE-2019-13311 * CVE-2019-13454 (Closes: #931740) * CVE-2019-14981 (Closes: #955025) * CVE-2019-15139 (Closes: #941670) * CVE-2019-15140 (Closes: #941671) * CVE-2019-16708 * CVE-2019-16710 * CVE-2019-16711 * CVE-2019-16713 * CVE-2019-7175 * CVE-2019-7395 * CVE-2019-7396 * CVE-2019-7397 * CVE-2019-7398 * CVE-2019-19948 (Closes: #947308) * CVE-2019-19949 (Closes: #947309) Thanks for Marc Deslauriers for patches from the 19.10 USN update (same base version) intel-microcode (3.20200616.1~deb10u1) buster; urgency=high . * Rebuild for Debian stable (buster), no changes . intel-microcode (3.20200616.1) unstable; urgency=high . * New upstream microcode datafile 20200616 + Downgraded microcodes (to a previously shipped revision): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * This update *removes* the SRBDS mitigations from the above processors * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2 intel-microcode (3.20200616.1~deb9u1) stretch; urgency=high . * Rebuild for Debian oldstable (stretch), no changes . intel-microcode (3.20200616.1) unstable; urgency=high . * New upstream microcode datafile 20200616 + Downgraded microcodes (to a previously shipped revision): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * This update *removes* the SRBDS mitigations from the above processors * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2 intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. intel-microcode (3.20200609.2~deb10u1) buster-security; urgency=high . * Rebuild for buster-security, no changes Refer to changelog entries for 3.20200609.2 and 3.20200609.1 for details . intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.2~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security, no changes Refer to changelog entries for 3.20200609.2 and 3.20200609.1 for details . intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) intel-microcode (3.20200609.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security, no changes . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security, no changes . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20191115.2) unstable; urgency=medium . * Microcode rollbacks (closes: #946515, LP#1854764): sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 * Avoids hangs on warm reboots (cold boots work fine) on HEDT and Xeon processors with signature 0x50654. https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 jackson-databind (2.9.8-3+deb10u2) buster; urgency=medium . * Add multiple-CVE-BeanDeserializerFactory.patch and block more classes from polymorphic deserialization. This fixes 20 CVE that currently affect the package namely, CVE-2020-9548, CVE-2020-9547, CVE-2020-9546, CVE-2020-8840, CVE-2020-14195, CVE-2020-14062, CVE-2020-14061, CVE-2020-14060, CVE-2020-11620, CVE-2020-11619, CVE-2020-11113, CVE-2020-11112, CVE-2020-11111, CVE-2020-10969, CVE-2020-10968, CVE-2020-10673, CVE-2020-10672, CVE-2019-20330, CVE-2019-17531 and CVE-2019-17267. jameica (2.8.4+dfsg-1+deb10u1) buster; urgency=medium . * Add mckoisqldb to classpath. This is needed for SynTAX and was accidentally removed in debian/patches/0001-*.patch. jigdo (0.7.3-5+deb10u1) buster; urgency=medium . * Backport more upstream changes to make jigdo-lite and jigdo-mirror support https. Closes: #962776 keystone (2:14.2.0-0+deb10u1) buster-security; urgency=medium . * New upstream point release. * Removed patch applied upstream: - PY3_switch_to_using_unicode_text_values.patch * Removed debian/keystone.cron.hourly: UUID tokens are removed in favor of Fernet tokens, therefore, this cron job is useless. * Add upstream patches to fix grave security bug: EC2 and credential endpoints are not protected from a scoped context (Closes: #959900). - 0001-Add-cadf-auditing-to-credentials.patch - CVE_Check_timestamp_of_signed_EC2_token_request.patch - Ensure_OAuth1_authorized_roles_are_respected.patch - CVE_Fix_security_issues_with_EC2_credentials.patch ksh (93u+20120801-3.4+deb10u1) buster; urgency=high . * Fix for CVE-2019-14868: in ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. (Closes: #948989) lemonldap-ng (2.0.2+ds-7+deb10u4) buster; urgency=medium . * Fix nginx configuration regression introduced by CVE-2019-19791 fix (Closes: #960392) libapache-mod-jk (1:1.2.46-1+deb10u1) buster; urgency=medium . * Rename httpd-jk.conf to jk.conf to restore compatibility with Debian's Apache helpers a2enmod and a2dismod. (Closes: #928813) libclamunrar (0.102.3-0+deb10u1) buster; urgency=medium . * Import 0.102.3 - Updated libclamunrar to UnRAR 5.9.2. * Provide a libclamunrar meta package which depends on the latest binary package. Suggested by Matus UHLAR - fantomas (Closes: #939824). libclamunrar (0.102.3-0+deb9u1) stretch; urgency=medium . * Import 0.102.3 - Updated libclamunrar to UnRAR 5.9.2. * Provide a libclamunrar meta package which depends on the latest binary package. Suggested by Matus UHLAR - fantomas (Closes: #939824). libembperl-perl (2.5.0-12+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Update debian/patches/apache2.4-compat.patch to work with Apache 2.4.40+ error pages. (Closes: #941926) libexif (0.6.21-5.1+deb10u4) buster; urgency=medium . * Add upstream patches to fix two security issues: - Fix a buffer read overflow in exif_entry_get_value() (CVE-2020-0182). - Fix an unsigned integer overflow in libexif/exif-data.c (CVE-2020-0198) (Closes: #962345). libexif (0.6.21-5.1+deb10u3) buster; urgency=medium . * Add upstream patches to fix multiple security issues: - cve-2020-13112.patch: Fix MakerNote tag size overflow issues at read time (CVE-2020-13112) (Closes: #961407). - cve-2020-13113.patch: Ensure MakerNote data pointers are NULL-initialized (CVE-2020-13113) (Closes: #961409). - cve-2020-13114.patch: Add a failsafe on the maximum number of Canon MakerNote subtags to catch extremely large values in tags (CVE-2020-13114) (Closes: #961410). libexif (0.6.21-5.1+deb10u2) buster; urgency=medium . [ Mike Gabriel ] * Sponsored upload. * debian/patches: Trivial rebase of various patches. . [ Hugh McMaster ] * Team upload. * Add upstream patches to fix two security issues: - cve-2020-12767.patch: Prevent some possible division-by-zero errors in exif_entry_get_value() (CVE-2020-12767) (Closes: #960199). - cve-2020-0093.patch: Prevent read buffer overflow (CVE-2020-0093). libinput (1.12.6-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * quirks: add trackpoint integration attribute (Closes: #952700) libntlm (1.5-1+deb10u1) buster; urgency=medium . * Non-maintainer upload * Fix buffer overflow. CVE-2019-17455: Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. Closes: #942145 * Add regression test for CVE-2019-17455 libopenmpt (0.4.3-1+deb10u1) buster-security; urgency=medium . * CVE-2019-14380 / CVE-2019-17113 libpam-radius-auth (1.4.0-3~deb10u1) buster; urgency=medium . * Rebuild for buster. * Revert packaging changes: - Lower Standards-Version to 4.2.0 - Lower Debhelper compat level to 11 . libpam-radius-auth (1.4.0-3) unstable; urgency=medium . * QA upload * Add patch to fix buffer overflow in password field. (Fixes: CVE-2015-9542) (Closes: #951396) * Bump Standards-Version to 4.5.0 and dh-compat to 12 libreswan (3.27-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * DoS attack via malicious IKEv1 informational exchange message (CVE-2020-1763) (Closes: #960458) libunwind (1.2.1-10~deb10u1) buster; urgency=medium . * Rebuild on buster. . libunwind (1.2.1-10) unstable; urgency=high . * Manually enable C++ exception support only on i386 and amd64, it is known broken on several other architectures. Thanks to Bernhard Ãœbelacker. (Closes: #923962) * Backport upstream fix for segfaults on mips, thanks to Guillaume Tucker. (Closes: #932725) libyang (0.16.105-1+deb10u1) buster; urgency=medium . * Fix CVE-2019-19333 & CVE-2019-19334 (Closes: #946217) * Fix cache corruption crash (upstream bug 752) linux (4.19.132-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux (4.19.131-2) buster; urgency=medium . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux (4.19.131-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux (4.19.118-2+deb10u1) buster-security; urgency=high . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux (4.19.118-2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports; no further changes required . linux (4.19.118-2+deb10u1) buster-security; urgency=high . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-latest (105+deb10u5) buster; urgency=medium . * Update to 4.19.0-10 linux-signed-amd64 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-amd64 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-amd64 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux-signed-amd64 (4.19.118+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.118-2+deb10u1 . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-signed-amd64 (4.19.118+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.118-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-arm64 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-arm64 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-arm64 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux-signed-arm64 (4.19.118+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.118-2+deb10u1 . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-signed-arm64 (4.19.118+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.118-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-i386 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-i386 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-i386 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux-signed-i386 (4.19.118+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.118-2+deb10u1 . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-signed-i386 (4.19.118+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.118-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required lirc (0.10.1-6.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. * Disable patches for Raspbian (0.10.1-6) and python3.8 (0.10.1-6.1). . lirc (0.10.1-6.2) unstable; urgency=medium . * Non-maintainer upload. * Revert "Revert "Do not install conffiles in a dummy location"" (0.10.1-5.2). (Closes: #932779, #851618) * d/lirc.maintscript: rm_conffile /etc/lirc/*.dist because they are most likely unmodified, don't mv_conffile them to =~ s/\.dist// to avoid clashes with existing and possibly modified configuration files. * d/lirc.preinst: Remove unmodified configuration files that are unknown to dpkg to avoid prompting when replacing them with conffiles. . lirc (0.10.1-6.1) unstable; urgency=medium . * Non-maintainer upload. * Fix time.clock usage. Closes: #949835. . lirc (0.10.1-6) unstable; urgency=medium . * Team upload * debian/patches/lirc-gpio-ir-0.10.patch: - fix for kernel 4.19 (Closes: #931078, 930485). lirc (0.10.1-6.1) unstable; urgency=medium . * Non-maintainer upload. * Fix time.clock usage. Closes: #949835. lirc (0.10.1-6) unstable; urgency=medium . * Team upload * debian/patches/lirc-gpio-ir-0.10.patch: - fix for kernel 4.19 (Closes: #931078, 930485). mailutils (1:3.5-4) buster; urgency=medium . * [CVE-2019-18862] Add patch from Sergey to have maidag drop setuid privileges for all delivery operations but mda (closes: #944265). Note that this security issue only affects systems that install maidag setuid, which is not the default in Debian. mariadb-10.3 (1:10.3.23-0+deb10u1) buster; urgency=high . * SECURITY UPDATE: New upstream version 10.3.23. Includes fixes for the following security vulnerabilities (Closes: #961849): - CVE-2020-2752 - CVE-2020-2760 - CVE-2020-2812 - CVE-2020-2814 - CVE-2020-13249 * Backport upstream patch to fix regression in RocksDB ZSTD detection which prevents a serious bug and also autopkgtest detectable regression. * Update libmariadb symbols for upstream release 3.1.8. Upstream added one new symbol and it needs to be tracked in the symbols file. mariadb-10.3 (1:10.3.22-1) unstable; urgency=medium . [ Otto Kekäläinen ] * New upstream version 10.3.22. Includes security fixes for: - CVE-2020-2574 * Update conflicts/breaks/replaces for MySQL 8.0 * Add Rules-Requires-Root definition to control file * Activate NO_UPDATE_BUILD_VERSION to make RocksDB build reproducible * Strip path from Mroonga to make the build reproducible * Update Debian Policy version * Simplify and extend Gitlab-CI testing by using more of Salsa-CI features * Prefer salsa-ci.yml naming over gitlab-ci.yml since we inherit Salsa-CI * Add Breaks/Replaces for mysql-client-5.7 that ships myisam_ftdump . [ Christian Göttsche ] * Set correct SELinux contexts on package installation (Closes: #948424) mod-gnutls (0.9.0-1.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . mod-gnutls (0.9.0-1.1) unstable; urgency=medium . * Non-maintainer upload. * Backported patches to fix test failures with the apache CVE-2019-10092 fix. (Closes: #950300) * Disable a test that fails with GnuTLS >= 3.6.11. (Closes: #950301) * Backported a fix for a possible segfault on failed TLS handshake. multipath-tools (0.7.9-3+deb10u1) buster; urgency=medium . * [775fe68] kpartx: use correct path to partx in udev rule (Closes: #959727) mutt (1.10.1-2.1+deb10u3) buster; urgency=medium . * debian/patches: + added imap-preauth-and-ssh-tunnel.patch from upstream, which does not check IMAP preauth in SSH tunnels (Closes: 963970) mutt (1.10.1-2.1+deb10u2) buster-security; urgency=high . * debian/patches: + added security/CVE-not-yet-released.patch to fix a possible MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP. mutt (1.10.1-2.1+deb10u1) buster-security; urgency=high . * debian/patches: + added security/CVE-2020-14093.patch to fix the relevant CVE related to IMAP MITM attack via a PREAUTH response + added security/CVE-2020-14154.patch to fix the relevant CVE where mutt proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. mydumper (0.9.5-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Link mydumper against libm. (Closes: #956020) neomutt (20180716+dfsg.1-1+deb10u1) buster-security; urgency=high . * debian/patches: + security/CVE-2020-14093.patch: handle the relevant CVE by removing a potential MITM attack with IMAP. + security/handle-startts.patch: fixes a not yet published CVE where the socket was not completely cleared after STARTTLS netqmail (1.06-6.2~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . netqmail (1.06-6.2) unstable; urgency=high . * Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and CVE-2020-3812 (Closes: #961060) . netqmail (1.06-6.1) unstable; urgency=medium . * Non-maintainer upload. * [fdc8794a] Setup Gitlab continous integration * [73e52807] Fix quotation in postinst (Closes: #866038) * [2fc47776] Make package piupart-clean (Closes: #672155) netqmail (1.06-6.2~deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for stretch-security . netqmail (1.06-6.2) unstable; urgency=high . * Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and CVE-2020-3812 (Closes: #961060) . netqmail (1.06-6.1) unstable; urgency=medium . * Non-maintainer upload. * [fdc8794a] Setup Gitlab continous integration * [73e52807] Fix quotation in postinst (Closes: #866038) * [2fc47776] Make package piupart-clean (Closes: #672155) netqmail (1.06-6.1) unstable; urgency=medium . * Non-maintainer upload. * [fdc8794a] Setup Gitlab continous integration * [73e52807] Fix quotation in postinst (Closes: #866038) * [2fc47776] Make package piupart-clean (Closes: #672155) nfs-utils (1:1.3.4-2.5+deb10u1) buster; urgency=medium . * statd: take user-id from /var/lib/nfs/sm (CVE-2019-3689) (Closes: #940848) * Don't make /var/lib/nfs owned by statd. Only sm and sm.bak need to be accessible by statd or sm-notify after they drop privileges. * debian/control: Point Vcs URLs to kernel-team namespace repository nginx (1.14.2-2+deb10u2) buster; urgency=medium . * Handle CVE-2019-20372, error page request smuggling (Closes: #948579) nmap (7.70+dfsg1-6+deb10u1) buster; urgency=medium . * d/p/ncat-ssl-key-default-size.patch: Backport patch to fix openssl incompatibility (closes: #940284) node-dot-prop (4.1.1-1+deb10u2) buster; urgency=medium . * Fix regression introduced in CVE-2020-8116 fix (Closes: #960283) node-handlebars (3:4.1.0-1+deb10u2) buster; urgency=medium . * Fix regression introduced in 3:4.1.0-1+deb10u1 node-handlebars (3:4.1.0-1+deb10u1) buster; urgency=medium . * Team upload * Disallow calling "helperMissing" and "blockHelperMissing" directly (Closes: CVE-2019-19919) node-minimist (1.2.0-1+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution (Closes: #953762, CVE-2020-7598) nodejs (10.21.0~dfsg-1~deb10u1) buster-security; urgency=medium . * New upstream version 10.21.0~dfsg. Closes: #962145. * Security fixes: + CVE-2020-11080 + CVE-2020-8172 + CVE-2020-8174 nodejs (10.20.1~dfsg-1) unstable; urgency=medium . * New upstream version 10.20.1~dfsg * watch: use xz version * copyright: replace tabs nodejs (10.20.0~dfsg-1) unstable; urgency=medium . * New upstream version 10.20.0~dfsg * Exclude brotli from deps, use system-installed one * Drop ssl111e patch, applied upstream nss (2:3.42.1-1+deb10u3) buster-security; urgency=medium . * CVE-2019-17006 CVE-2019-17023 CVE-2020-12399 CVE-2020-12402 nvidia-graphics-drivers (418.152.00-1) buster; urgency=medium . * New upstream Tesla release 418.152.00 (2020-06-24). * Fixed CVE-2020-5963, CVE-2020-5967. (Closes: #963766) https://nvidia.custhelp.com/app/answers/detail/a_id/5031 . [ Andreas Beckmann ] * Use amd64 Tesla releases for buster. * Refresh patches. * Update lintian overrides. * Upload to buster. . nvidia-graphics-drivers (418.126.02-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.126.02 (2020-02-28). - Added support for the following GPU: Quadro T2000 with Max-Q Design. . [ Andreas Beckmann ] * Import drmP.patch from Fedora and port it from 390.xx to 418.xx to fix kernel module build for Linux 5.5. (Closes: #951091) * Backport nv_ioremap_nocache changes from 440.64 and nv_proc_ops_t and nv_timeval changes from 440.82 to fix kernel module build for Linux 5.6. (Closes: #956458) * Fix #includes in conftest.sh to fix kernel module build for Linux 5.7, thanks to Jiri Palecek. (Closes: #960735) . nvidia-graphics-drivers (418.116.00-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.116.00 (2019-12-09). nvidia-graphics-drivers (418.152.00-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . nvidia-graphics-drivers (418.152.00-1) buster; urgency=medium . * New upstream Tesla release 418.152.00 (2020-06-24). * Fixed CVE-2020-5963, CVE-2020-5967. (Closes: #963766) https://nvidia.custhelp.com/app/answers/detail/a_id/5031 . [ Andreas Beckmann ] * Use amd64 Tesla releases for buster. * Refresh patches. * Update lintian overrides. * Upload to buster. . nvidia-graphics-drivers (418.126.02-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.126.02 (2020-02-28). - Added support for the following GPU: Quadro T2000 with Max-Q Design. . [ Andreas Beckmann ] * Import drmP.patch from Fedora and port it from 390.xx to 418.xx to fix kernel module build for Linux 5.5. (Closes: #951091) * Backport nv_ioremap_nocache changes from 440.64 and nv_proc_ops_t and nv_timeval changes from 440.82 to fix kernel module build for Linux 5.6. (Closes: #956458) * Fix #includes in conftest.sh to fix kernel module build for Linux 5.7, thanks to Jiri Palecek. (Closes: #960735) . nvidia-graphics-drivers (418.116.00-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.116.00 (2019-12-09). . nvidia-graphics-drivers (418.113-1) buster; urgency=medium . * New upstream long lived branch release 418.113 (2019-11-05). - Updated the Module.symvers sanity check, which is part of the NVIDIA kernel module build process, to accommodate the recent addition of a new field in the Module.symvers file format. This fixes the error "The Module.symvers file is missing [...]" seen during driver installation or DKMS rebuilds with Linux 5.4 RC kernels. - Fixed a bug that prevented NVIDIA GPUs from entering the low-power D3 state when entering suspend-to-idle (s2idle). Note that on some systems this may expose an existing timing issue in the Linux kernel; see the "Known Issues and Workarounds" section of the "Configuring Power Management Support" chapter of the README for more details. . [ Andreas Beckmann ] * Update nv-readme.ids. * Refresh patches. * debian/gen-control.pl: Support substitutions in the Architecture field and skip packages with empty or commented Architecture field (430.50-2). * Prepare infrastructure for packaging Tesla 418 driver releases (available for amd64 (including some i386 libs) and ppc64el) (430.50-2). * Create and commit tarball symlinks for legacy branches (430.64-1). * nvidia-detect: Add PCI ID list for 418.74 in buster (430.64-2). * nvidia-detect: Add support for Tesla 418 drivers (430.64-2). * nvidia-detect: The 340xx legacy driver will not be in bullseye (430.64-5). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. * Use substitution to keep Standards-Version in sync (430.64-5). * Insert '-' between suffix ending with digit and SOVERSION (435.21-3). * Rename "legacy" variables to more generic "variant" (440.44-2). * bug-control: Report information about more (virtual) packages (440.64-2). * Prepare infrastructure for packaging Tesla 440 driver releases (available for amd64 (including some i386 libs) and ppc64el) (440.64-2). * Bump Standards-Version to 4.5.0. No changes needed. * Update lintian overrides. * Upload to buster. . nvidia-graphics-drivers (418.88-1) unstable; urgency=medium . * New upstream long lived branch release 418.88 (2019-07-29). * Improved compatibility with recent Linux kernels. (Closes: #934290, #934344, #934648) . [ Andreas Beckmann ] * Bump Standards-Version to 4.4.0. No changes needed. . nvidia-graphics-drivers (418.87.01-1) UNRELEASED; urgency=medium . * New upstream Tesla release 418.87.01 (2019-10-03). * New upstream Tesla release 418.87.00 (2019-08-13). - Added support for the following GPUs: Quadro P520, Quadro RTX 3000, Quadro RTX 3000 with Max-Q Design, Quadro RTX 4000 with Max-Q Design, Quadro RTX 5000 with Max-Q Design, Quadro T1000, Quadro T2000. - Fixed a bug, introduced in 415.13, that caused audio over DisplayPort to not work in some configurations. . [ Andreas Beckmann ] * Update nv-readme.ids. * Backport fixes for Linux 5.2/5.3 from 418.88. nvidia-graphics-drivers-legacy-390xx (390.138-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.138-1) unstable; urgency=medium . * New upstream legacy branch release 390.138 (2020-06-24). * Fixed CVE-2020-5963, CVE-2020-5967. (Closes: #963908) https://nvidia.custhelp.com/app/answers/detail/a_id/5031 - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'timespec_to_ns'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getrawmonotonic'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getnstimeofday'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "dereferencing pointer to incomplete type 'struct timeval'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'jiffies_to_timespec'". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "passing argument 4 of 'proc_create_data' from incompatible pointer type". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'ioremap_nocache'". - Fixed driver installation failure on Oracle Linux 7.7 systems, where the NVIDIA kernel module failed to build with error "unknown type name 'vm_fault_t'". - Add PRIME Synchronization support for Linux kernel 5.4 and newer. . [ Andreas Beckmann ] * Refresh patches. * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.132-5) unstable; urgency=medium . * Fix #includes in conftest.sh to fix kernel module build for Linux 5.7, thanks to Jiri Palecek. (Closes: #960735) . nvidia-graphics-drivers-legacy-390xx (390.132-4) unstable; urgency=medium . * Backport nv_ioremap_nocache changes from 440.64 and nv_proc_ops_t and nv_timeval changes from 440.82 to fix kernel module build for Linux 5.6. (Closes: #956458) nvidia-graphics-drivers-legacy-390xx (390.138-1~deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . nvidia-graphics-drivers-legacy-390xx (390.138-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.138-1) unstable; urgency=medium . * New upstream legacy branch release 390.138 (2020-06-24). * Fixed CVE-2020-5963, CVE-2020-5967. (Closes: #963908) https://nvidia.custhelp.com/app/answers/detail/a_id/5031 - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'timespec_to_ns'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getrawmonotonic'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'getnstimeofday'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "dereferencing pointer to incomplete type 'struct timeval'". - Fixed a driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'jiffies_to_timespec'". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "passing argument 4 of 'proc_create_data' from incompatible pointer type". - Fixed driver installation failure on Linux kernel 5.6 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'ioremap_nocache'". - Fixed driver installation failure on Oracle Linux 7.7 systems, where the NVIDIA kernel module failed to build with error "unknown type name 'vm_fault_t'". - Add PRIME Synchronization support for Linux kernel 5.4 and newer. . [ Andreas Beckmann ] * Refresh patches. * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.132-5) unstable; urgency=medium . * Fix #includes in conftest.sh to fix kernel module build for Linux 5.7, thanks to Jiri Palecek. (Closes: #960735) . nvidia-graphics-drivers-legacy-390xx (390.132-4) unstable; urgency=medium . * Backport nv_ioremap_nocache changes from 440.64 and nv_proc_ops_t and nv_timeval changes from 440.82 to fix kernel module build for Linux 5.6. (Closes: #956458) . nvidia-graphics-drivers-legacy-390xx (390.132-3~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.132-3) unstable; urgency=medium . [ Andreas Beckmann ] * bug-control: Report information about more (virtual) packages (440.64-2). * Update lintian overrides. . [ Luca Boccassi ] * Import drmP.patch from Fedora to fix kernel module build failure for Linux 5.5 and newer. (Closes: #951091) . nvidia-graphics-drivers-legacy-390xx (390.132-2) unstable; urgency=medium . * Create and commit tarball symlinks for legacy branches (430.64-1). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. * Use substitution to keep Standards-Version in sync (430.64-5). * Insert '-' between suffix ending with digit and SOVERSION (435.21-3). * Rename "legacy" variables to more generic "variant" (440.44-2). * Bump Standards-Version to 4.5.0. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.132-1) unstable; urgency=medium . * New upstream legacy branch release 390.132 (2019-11-08). - Fixed kernel module build problems with Linux kernel 5.4.0 release candidates. - Updated nvidia-bug-report.sh to collect information about X server crashes from coredumpctl, when available. . [ Andreas Beckmann ] * Refresh patches. . nvidia-graphics-drivers-legacy-390xx (390.129-2) unstable; urgency=medium . * Add mobile Kepler GPUs to supported EoL models. The are dropped from the mainline driver in the 430 series. https://nvidia.custhelp.com/app/answers/detail/a_id/4779 https://nvidia.custhelp.com/app/answers/detail/a_id/4788 * debian/gen-control.pl: Support substitutions in the Architecture field and skip packages with empty or commented Architecture field (430.50-2). * Bump Standards-Version to 4.4.1. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.129-1) unstable; urgency=medium . * New upstream legacy branch release 390.129 (2019-07-29). - Improved nvidia-bug-report.sh to grab the output of the `vulkaninfo` command when it is available. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Bump Standards-Version to 4.4.0. No changes needed. . nvidia-graphics-drivers-legacy-390xx (390.116-2) unstable; urgency=medium . [ Kevin Locke ] * Backport changes from 418.74 and 430.14 to support building the module for Linux 5.1 and 5.2. (Closes: #928634) nvidia-graphics-drivers-legacy-390xx (390.132-5) unstable; urgency=medium . * Fix #includes in conftest.sh to fix kernel module build for Linux 5.7, thanks to Jiri Palecek. (Closes: #960735) nvidia-graphics-drivers-legacy-390xx (390.132-4) unstable; urgency=medium . * Backport nv_ioremap_nocache changes from 440.64 and nv_proc_ops_t and nv_timeval changes from 440.82 to fix kernel module build for Linux 5.6. (Closes: #956458) nvidia-graphics-drivers-legacy-390xx (390.132-3) unstable; urgency=medium . [ Andreas Beckmann ] * bug-control: Report information about more (virtual) packages (440.64-2). * Update lintian overrides. . [ Luca Boccassi ] * Import drmP.patch from Fedora to fix kernel module build failure for Linux 5.5 and newer. (Closes: #951091) openstack-debian-images (1.36+deb10u1) buster; urgency=medium . * Add the resolvconf if installing cloud-init, needed in case a VM gets the DNS configuration from configdrive instead of DHCP. More on this can be found here: https://bugs.launchpad.net/cloud-init/+bug/1850310. pagekite (0.5.9.3-2+deb10u1) buster; urgency=medium . [ Sunil Mohan Adapa ] * Fix issue with expired internal certificates. Use Debian certificates instead of internal certificate. (Closes: #961984) pdfchain (1:0.4.4.2-1+deb10u1) buster; urgency=medium . * Fix crash at startup. (LP: #1685778) (Closes: #725859) pdns-recursor (4.1.11-1+deb10u1) buster-security; urgency=high . * Fix security issues CVE-2020-10995 CVE-2020-12244 CVE-2020-10030 perl (5.28.1-6+deb10u1) buster; urgency=medium . * Multiple regexp security fixes (Closes: #962005) + [SECURITY] CVE-2020-10543: Buffer overflow caused by a crafted regular expression + [SECURITY] CVE-2020-10878: Integer overflow via malformed bytecode produced by a crafted regular expression + [SECURITY] CVE-2020-12723: Buffer overflow caused by a crafted regular expression * Fix FTBFS with IPv6-only host (Closes: #962019) php-horde (5.2.20+debian0-1+deb10u2) buster; urgency=medium . * CVE-2020-8035: Don't allow to view images inline if opened directly. * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase. php-horde-gollem (3.0.12-3+deb10u1) buster; urgency=medium . * debian/patches: + Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034). php7.3 (7.3.19-1~deb10u1) buster-security; urgency=high . * New upstream version 7.3.15 + Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have all-access permissions). (CVE-2020-7063) + Fixed bug #79171 (heap-buffer-overflow in phar_extract_file). (CVE-2020-7061) + Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress). (CVE-2020-7062) * New upstream version 7.3.16 + Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full). (CVE-2020-7065) + Fixed bug #79329 (get_headers() silently truncates after a null byte). (CVE-2020-7066) * New upstream version 7.3.17 + Fixed bug #79465 (OOB Read in urldecode()). (CVE-2020-7067) * New upstream version 7.3.18 + Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) + Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) * New upstream version 7.3.19 * php-fpm has to depend on procps due kill usage in systemd service file (Closes: #861855) php7.3 (7.3.15-3) unstable; urgency=medium . * Remove /etc/init/php@PHP_VERSION@-fpm.conf, not /etc/init/php@PHP_VERSION@.conf php7.3 (7.3.15-2) unstable; urgency=medium . * Remove the PIDFile= setting from systemd unit file (it should not be needed with Type=notify) * Use php-fpm-socket-helper from php-common >= 1:73 to update the default socket * Fixup upstart removal (missing prepare-files update) (Closes: #951745) php7.3 (7.3.15-1) unstable; urgency=medium . * Remove upstart support, use systemd-tmpfiles to create tmpfiles (Closes: #923032) * New upstream version 7.3.15 php7.3 (7.3.14-1~deb10u1) buster-security; urgency=medium . * New upstream version 7.3.14 * Disable MySQL X Plugin in the tests * Use mysqld --initialize-insecure for MySQL 8.0 (for Ubuntu 19.10) * Remove --skip-grant-tables to fix FTBFS with MySQL 8.0 * Remove --without-mysqlx from MySQL 5.7 php7.3 (7.3.12-1) unstable; urgency=medium . * Use mysqld --initialize-insecure for MySQL 8.0 (for Ubuntu 19.10) * Disable MySQL X Plugin in the tests * Remove --skip-grant-tables to fix FTBFS with MySQL 8.0 * Remove --without-mysqlx from MySQL 5.7 * New upstream version 7.3.12 pillow (5.4.1-2+deb10u2) buster; urgency=medium . * CVE-2020-11538 CVE-2020-10378 CVE-2020-10177 policyd-rate-limit (1.0.1.1-0+deb10u1) buster; urgency=medium . * Team upload * New upstream release 1.0.1.1 - Fixes issues in accounting due to socket reuse (Closes: #960792) - Fixes undeclared variable issue * Updated upstream's signing key postfix (3.4.14-0+deb10u1) buster; urgency=medium . [Cody Brownstein] . * README.Debian corrections: - Fix instructions wrt SMTP generic mapping - Fix authentication configuration example . [Scott Kitterman] . * Updated debian/watch to track postfix 3.4 series for stable updates * Check GPG signature when downloading new versions via uscan . [Wietse Venema] . * 3.4.11 - No changes that affect Debian 10 (Buster) . * 3.4.12 - Bugfix: segfault in the tlsproxy client role when the server role was disabled. This typically happens on systems that do not receive mail, after configuring connection reuse for outbound TLS. Found during program maintenance. File: tlsproxy/tlsproxy.c. . - Bugfix (introduced: Postfix 3.4): maillog_file_rotate_suffix default value used the minute instead of the month. Reported by Larry Stone. Files: conf/postfix-tls-script, proto/MAILLOG_README.html, proto/postconf.proto. global/mail_params.h, postfix/postfix.c. . - Bitrot: avoid U_FILE_ACCESS_ERROR after chroot(), by initializing the ICU library before making the chroot() call. Files: util/midna_domain.[hc], global/mail_params.c. . - Noise suppression: avoid "SSL_Shutdown:shutdown while in init" warnings. File: tls/tls_session.c. . - Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL client caused a false 'lost connection' error for an SMTP over TLS session in the same Postfix process. Reported by Alexander Vasarab, diagnosed by Viktor Dukhovni. File: tls/tls_bio_ops.c. . - Bugfix (introduced: Postfix 2.8): a TLS error for one TLS session may cause a false 'lost connection' error for a concurrent TLS session in the same tlsproxy process. File: tlsproxy/tlsproxy.c. . * 3.4.13 - Bugfix (introduced: Postfix 3.1): "postfix tls deploy-server-cert" did not handle a missing optional argument. File: conf/postfix-tls-script. . - Bugfix (introduced: Postfix 3.4): in the Postfix SMTP server, the SNI callback reported an error when it was called a second time. This happened after the server-side TLS engine sent a TLSv1.3 HelloRetryRequest (HRR) to a remote SMTP client. Reported by Ján Máté, fixed by Viktor Dukhovni. File: tls/tls_misc.c. . * 3.4.14 - Bugfix (introduced: Postfix 3.4): the connection_reuse attribute in smtp_tls_policy_maps resulted in an "invalid attribute name" error. Fix by Thorsten Habich. File: smtp/smtp_tls_policy.c. . - Bugfix (introduced: Postfix 3.4): SMTP over TLS connection reuse was broken for configurations that use explicit trust anchors. Reported by Thorsten Habich. Cause: the tlsproxy client was sending a zero certificate length. File: tls/tls_proxy_client_print.c. . - Bugfix (introduced: Postfix 3.4): SMTP over TLS connection reuse was broken for configurations that use explicit trust anchors. Reported by Thorsten Habich. Fixed by calling DANE initialization unconditionally (WTF). File: tlsproxy/tlsproxy.c. . - Bugfix (introduced: Postfix 2.11): The Postfix smtp(8) client did not send the right SNI name when the TLSA base domain was a secure CNAME expansion of the MX hostname (or non-MX nexthop domain). Domains with CNAME expanded MX hosts are not conformant with RFC5321, and so are rare. Even more rare are MX hosts with TLSA records for their CNAME expansion. For this to matter, the remote SMTP server would also have to select its certificate based on the SNI name in such a way that the original MX host would yield a different certificate. Among the ~2 million hosts in the DANE survey, none meet the conditions for returning a different certificate for the expanded CNAME. Therefore, sending the correct SNI name should not break existing mail flows. Fixed by Viktor Dukhovni. File: src/tls/tls_client.c. postfix (3.4.10-1) unstable; urgency=medium . [Scott Kitterman] . * Update postfix.postinst text to refer to systemctl vice service . [Wietse Venema] . * 3.4.10 python-django (1:1.11.29-1~deb10u1) buster-security; urgency=high . * New upstream security release (postponed from March 2020): . - CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle . Note that Django 1.11.x left upstream's extended security support on April 1st 2020. For more information, please see: . https://www.djangoproject.com/download/ . * This upload also fixes the following security issues: . - CVE-2020-13254: Potential a data leakage via malformed memcached keys. . In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability, key validation is added to the memcached cache backends. . - CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget. . Query parameters to the admin ForeignKeyRawIdWidget were not properly URL encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures query parameters are correctly URL encoded. python-markdown2 (2.3.7-2+deb10u1) buster; urgency=medium . * Add d/p/0001 To fix CVE-2020-11888, thanks to Gareth Simpson Closes: #959445 * Add a d/gbp.conf file to ease-up gbp's mind python3.7 (3.7.3-2+deb10u2) buster; urgency=medium . * CVE-2019-20907 * CVE-2020-14422 * CVE-2020-8492 qdirstat (1.5-1+deb10u1) buster; urgency=medium . * Add upstream patch 01-mime-categories-save to fix a bug where user configured MIME categories are not saved. qemu (1:3.1+dfsg-8+deb10u7) buster-security; urgency=medium . * acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch replace acpi-tmr-allow-2-byte-reads.patch with a more complete patch Closes: #964793 * xhci-fix-valid.max_access_size-to-access-address-registers.patch This is another issue revealed after the CVE-2020-13754 fix * slirp-tcp_emu-fix-unsafe-snprintf-usages-CVE-2020-8608.patch (and a preparational patch, slirp-add-fmt-helpers.patch) Closes: CVE-2020-8608 qemu (1:3.1+dfsg-8+deb10u6) buster-security; urgency=high . * revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu devices which uses min_access_size and max_access_size Memory API fields. Also closes: CVE-2020-13791 * acpi-tmr-allow-2-byte-reads.patch - fix an issue in MacOS exposed by the previous "revert-.." change (#964247) * exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch CVE-2020-13659: address_space_map in exec.c can trigger a NULL pointer dereference related to BounceBuffer * megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c has an OOB read via a crafted reply_queue_head field from a guest OS user * megasas-use-unsigned-type-for-positive-numeric-fields.patch fix other possible cases like in CVE-2020-13362 (#961887) * megasas-fix-possible-out-of-bounds-array-access.patch Some tracepoints use a guest-controlled value as an index into the mfi_frame_desc[] array. Thus a malicious guest could cause a very low impact OOB errors here * es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch Closes: #961888, CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation * slirp-drop-bogus-IPv6-messages-CVE-2020-10756.patch Closes: CVE-2020-10756, possible OOB read in icmp6_send_echoreply() raspi3-firmware (1.20190215-1+deb10u4) buster; urgency=medium . * Fixes ugly typo that _still_ caused unbootable systems :-( Thanks to Thorsten Glaser for a sharp set of eyes! (Closes: #961377) * Updated Vcs-Git, Vcs-Browser redis (5:5.0.3-4+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix integer overflow in embedded lua_struct.c (CVE-2020-14147) resource-agents (1:4.2.0-2+deb10u2) buster; urgency=medium . * debian/patches: add ipsrcaddr-proto.patch (Closes: #963691) roundcube (1.3.14+dfsg.1-1~deb10u1) buster-security; urgency=high . * New upstream release, with security fix for CVE-2020-15562: Cross-Site Scripting (XSS) vulnerability via HTML messages with malicious svg/namespace (Closes: #964355) roundcube (1.3.13+dfsg.1-1~deb10u1) buster-security; urgency=high . * New security upstream release, with fixes for: - CVE-2020-13964: Cross-Site Scripting (XSS) vulnerability in template object 'username' (Closes: #962124) - CVE-2020-13965: Cross-Site Scripting (XSS) vulnerability via malicious XML messages (Closes: #962123) roundcube (1.3.11+dfsg.1-1~deb10u1) buster-security; urgency=high . * New security upstream release, with fixes for: - CVE-2020-12625: Cross-Site Scripting (XSS) vulnerability via malicious HTML messages (closes: #959140) - CVE-2020-12626: CSRF attack can cause an authenticated user to be logged out (closes: #959142) roundcube (1.3.10+dfsg.1-1) unstable; urgency=medium . * New upstream release: (Closes: #927713) - Fixes CVE-2019-10740 . [ Guilhem Moulin ] * Backport fix for CVE-2018-1000071: Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. https://github.com/roundcube/roundcubemail/issues/6173 (Closes: #897014) * New upstream release (1.3.9). (Closes: #898068) * d/roundcube-core.config: Honor debconf setting roundcube/language, by skipping the relevant part at pre-configure stage. (Closes: #923142) * d/roundcube-core.postinst: Create temporary configuration file atomically. * d/upstream/signing-key.asc: Minimize OpenPGP certificate. * Add new plugins to roundcube-plugins: 'attachment_reminder' (closes: #918126), 'example_addressbook', 'identicon', 'identity_select' and 'redundant_attachments'. * d/control: Bump Standards-Version to 4.3.0 (no changes needed). ruby-json (2.1.0+dfsg-2+deb10u1) buster; urgency=high . * Add patch to fix unsafe object creation vulnerability. (Fixes: CVE-2020-10663) ruby-sanitize (4.6.6-2.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . ruby-sanitize (4.6.6-2.1) unstable; urgency=medium . * Non-maintainer upload. * fix: Don't treat :remove_contents as `true` when it's an Array * feat: Remove useless filtered element content by default * Fix sanitization bypass in HTML foreign content (CVE-2020-4054) (Closes: #963808) ruby2.5 (2.5.5-3+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Add patch to fix: - CVE-2020-10663: unsafe object creation vulnerability in JSON. - CVE-2020-10933: do not return uninitialized buffer. salt (2018.3.4+dfsg1-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix CVE-2020-11651: Resolve issue which allows access to un-intended methods in the ClearFuncs class of the salt-master process (Closes: #959684) * Fix CVE-2020-11652: Sanitize paths in ClearFuncs methods provided by salt-master (Closes: #959684) * Add note about log messages to hardening salt docs * salt-api NET API with the ssh client enabled is vulnerable to command injection (CVE-2019-17361) (Closes: #949222) shim (15+1533136590.3beb971-7+deb10u1) buster; urgency=medium . [ Steve McIntyre ] * Minimal-change upload to pick up rotated Debian signing keys * In the -helpers-ARCH-signed packages, change the version dependency on shim-unsigned to be >= and not =. This will allow for installation to still work in the window while we wait for the template package to do its second trip through the archive. Closes: #955356 shim-helpers-amd64-signed (1+15+1533136590.3beb971+7+deb10u1) buster; urgency=medium . * Update to shim 15+1533136590.3beb971-7+deb10u1 shim-helpers-arm64-signed (1+15+1533136590.3beb971+7+deb10u1) buster; urgency=medium . * Update to shim 15+1533136590.3beb971-7+deb10u1 shim-helpers-i386-signed (1+15+1533136590.3beb971+7+deb10u1) buster; urgency=medium . * Update to shim 15+1533136590.3beb971-7+deb10u1 speedtest-cli (2.0.2-1+deb10u1) buster; urgency=medium . * Pass correct headers to fix upload speed test (Closes: #940165) squid (4.6-1+deb10u3) buster-security; urgency=medium . * CVE-2019-18860 * CVE-2020-1504 squid (4.6-1+deb10u2) buster-security; urgency=high . [ Amos Jeffries <amosjeffries@squid-cache.org> ] * debian/patches/ - Multiple Issues in HTTP Request processing (CVE-2019-12520) (CVE-2019-12524) - Heap Overflow issue in URN processing (CVE-2019-12526) - Multiple issues in URI processing (CVE-2019-12523) (CVE-2019-18676) - Cross-Site Request Forgery issue in HTTP Request processing (CVE-2019-18677) - HTTP Request Splitting issue in HTTP message processing (CVE-2019-18678) - Information Disclosure issue in HTTP Digest Authentication (CVE-2019-18679) - Multiple issues in ESI Response processing (CVE-2019-12519) (CVE-2019-12521) - Improper Input Validation issues in HTTP Request processing (CVE-2020-8449) (CVE-2020-8450) - Information Disclosure issue in FTP Gateway (CVE-2019-12528) - Multiple issues in HTTP Digest authentication (CVE-2020-11945) ssvnc (1.0.29-4+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS team. * Porting of libvncclient security patches (Closes: #945827): - CVE-2018-20020: heap out-of-bound write vulnerability inside structure in VNC client code. - CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code. - CVE-2018-20022: CWE-665: Improper Initialization vulnerability. - CVE-2018-20024: null pointer dereference that can result DoS. storebackup (3.2.1-2~deb10u1) buster; urgency=medium . * QA upload. * Rebuild for buster. . storebackup (3.2.1-2) unstable; urgency=medium . * QA upload. * Set maintainer to Debian QA Group. (see #856299) * Add patch to change the way the lockfile is opened in the Perl code. (Fixes: CVE-2020-7040) (Closes: #949393) storebackup (3.2.1-2~deb9u1) stretch; urgency=medium . * QA upload. * Rebuild for stretch. . storebackup (3.2.1-2) unstable; urgency=medium . * QA upload. * Set maintainer to Debian QA Group. (see #856299) * Add patch to change the way the lockfile is opened in the Perl code. (Fixes: CVE-2020-7040) (Closes: #949393) suricata (1:4.1.2-2+deb10u1) buster; urgency=medium . * Include patch for issue fixed upstream, see bug report below. Closes: #951181 thunderbird (1:68.10.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.10.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.9.0-1) unstable; urgency=medium . [ intrigeri ] * [fd13825] AppArmor: update profile from upstream at commit 860d2d9 (Closes: #960465) . [ Carsten Schoenert ] * [c310c40] New upstream version 68.9.0 Fixed CVE issues in upstream version 68.9.0 (MFSA 2020-22): CVE-2020-12399: Timing attack on DSA signatures in NSS library CVE-2020-12405: Use-after-free in SharedWorkerService CVE-2020-12406: JavaScript Type confusion with NativeTypes CVE-2020-12410: Memory safety bugs fixed in Thunderbird 68.9.0 CVE-2020-12398: Security downgrade with IMAP STARTTLS leads to information leakage thunderbird (1:68.9.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security (Closes: #960465) thunderbird (1:68.9.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security (Closes: #960465) thunderbird (1:68.8.1-1) unstable; urgency=medium . * [7495e7a] New upstream version 68.8.1 thunderbird (1:68.8.0-1) unstable; urgency=medium . * [9b5ae46] New upstream version 68.8.0 Fixed CVE issues in upstream version 68.8.0 (MFSA 2020-18): CVE-2020-12397: Sender Email Address Spoofing using encoded Unicode characters CVE-2020-12387: Use-after-free during worker shutdown CVE-2020-6831: Buffer overflow in SCTP chunk input validation CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection CVE-2020-12395: Memory safety bugs fixed in Thunderbird 68.8.0 thunderbird (1:68.8.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.8.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.7.0-1) unstable; urgency=medium . * [c0052af] New upstream version 68.7.0 Fixed CVE issues in upstream version 68.7.0 (MFSA 2020-14): CVE-2020-6819: Use-after-free while running the nsDocShell destructor CVE-2020-6820: Use-after-free when handling a ReadableStream CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images CVE-2020-6825: Memory safety bugs fixed in Thunderbird 68.7 tigervnc (1.9.0+dfsg-3+deb10u2) buster; urgency=medium . [ Joachim Falk ] * Don't use libunwind for armel, armhf, and arm64 as this library is buggy (bug #923962) on those architectures (Closes: #932499). tomcat9 (9.0.31-1~deb10u2) buster-security; urgency=high . * Team upload. . [ Emmanuel Bourg ] * Fixed CVE-2020-13935: WebSocket Denial of Service. The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. * Fixed CVE-2020-13934: HTTP/2 Denial of Service. An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. . [ Markus Koschany ] * Fix CVE-2020-9484: When using Apache Tomcat an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed. * Fix CVE-2020-11996: A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. tomcat9 (9.0.31-1~deb10u1) buster-security; urgency=high . * Team upload. * Backport 9.0.31-1 to Buster to fix CVE-2020-1938, CVE-2020-1935, CVE-2019-17569, CVE-2019-17563, CVE-2019-12418 and CVE-2019-10072. The fix for CVE-2020-1938 may require configuration changes when Tomcat is used with the AJP protocol, e.g. in combination with libapache-mod-jk. For instance the attribute secretRequired is set to true by default now. Server admins should carefully investigate the impact of the changes before upgrading. See also https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html tomcat9 (9.0.31-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. tomcat9 (9.0.27-1) unstable; urgency=medium . * New upstream release - Refreshed the patches * Standards-Version updated to 4.4.1 tomcat9 (9.0.24-1) unstable; urgency=medium . * New upstream release - Refreshed the patches tomcat9 (9.0.22-1) unstable; urgency=medium . * New upstream release - Refreshed the patches * Track and download the new releases from GitHub * Standards-Version updated to 4.4.0 tomcat9 (9.0.16-5) experimental; urgency=low . * Team upload. * Upload to experimental to get wider testing and availability * debian/logging.properties: Add commented-out non-systemd configuration * Make tomcat9 installable without systemd: - Readd logic to create the system user via adduser - Add sysvinit script, for init independence (Closes: #925473) * debian/README.Debian: Document non-systemd risks * Do not read /etc/default/tomcat9 twice trafficserver (8.0.2+ds-1+deb10u3) buster-security; urgency=high . * Add fix from upstream for CVE-2020-9494 (Closes: #963629) transmission (2.94-2+deb10u1) buster; urgency=medium . * CVE-2018-10756 (Closes: #961461) unbound (1.9.0-2+deb10u2) buster-security; urgency=high . * Apply NLnet Labs patch for CVE-2020-12662, CVE-2020-12663 vlc (3.0.11-0+deb10u1) buster-security; urgency=high . * New upstream release - Fix heap-based buffer overflow in hxxx_nal (CVE-2020-13428) vlc (3.0.11-0+deb9u1) stretch-security; urgency=high . * New upstream release - Fix heap-based buffer overflow in hxxx_nal (CVE-2020-13428) * debian/patches: Drop patches integrated upstream vlc (3.0.10-2) unstable; urgency=medium . * debian/: - Bump debhleper compat to 13 - Disable srt until the package is fixed - Build omxil plugin only on Raspbian (Closes: #957915) vlc (3.0.10-1) unstable; urgency=medium . * New upstream release wav2cdr (2.3.4-2+deb10u1) buster; urgency=medium . * QA upload. * Use C99 fixed-size integer types to fix runtime assertion on 64bit architectures other than amd64 and alpha. (Closes: #956927) * Stop linking to the dead Homepage. webkit2gtk (2.28.3-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.3-1) unstable; urgency=high . * New upstream release. * debian/rules: + Remove disabling of openjpeg on Ubuntu, it's in main now (thanks, Sebastien Bacher) * debian/patches/dont-fallback-to-libwpe.patch: + Drop this patch. * debian/copyright: + Update copyright information of all files. webkit2gtk (2.28.2-2) unstable; urgency=high . * debian/patches/dont-fallback-to-libwpe.patch: + Fix crash when DISPLAY is unset (Closes: #956219). webkit2gtk (2.28.2-2~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.2-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.2-1) unstable; urgency=high . * New upstream release (Closes: #956837). * debian/patches/fix-ftbfs-mips64el.patch: + Drop this patch. * debian/rules: + Don't set -Wall or -Wl,--as-needed, these are already used by default. Fixes the debian-rules-uses-as-needed-linker-flag lintian warning. + Include /usr/share/dpkg/buildflags.mk instead of setting the build flags manually. * debian/source/lintian-overrides: + Override mailing-list-obsolete-in-debian-infrastructure. webkit2gtk (2.28.1-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2020-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-11793 (fixed in 2.28.1). * fix-ftbfs-mips64el.patch: + Fix a FTBFS in mipsel64. webkit2gtk (2.28.1-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.1-1) unstable; urgency=medium . * New upstream release (Closes: #956219, #954026). * debian/control: + Remove build dependency on libx11-xcb-dev now that gstreamer depends on it (see #948143). * debian/patches/use-python3.patch: + Drop patch, this is now upstream. webkit2gtk (2.28.0-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2020-0003 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-10018 (fixed in 2.28.0). * debian/rules: + Disable the WPE renderer on Ubuntu since the required backend is in universe (thanks, Sebastien Bacher). * debian/gbp.conf: + Update upstream branch name. webkit2gtk (2.28.0-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.0-1) experimental; urgency=medium . * New upstream release. * debian/watch: + Scan stable releases only. webkit2gtk (2.27.91-1) experimental; urgency=medium . * New upstream development release. * Refresh debian/patches/dont-detect-sse2.patch. * debian/rules: + Use -mlra -fno-move-loop-invariants in sh3 and sh4 builds (thanks, Adrian Glaubitz) (Closes: #952482). + Use jdupes to remove duplicate files in libwebkit2gtk-4.0-doc. * debian/control: + Add build dependency on jdupes. + Update Standards-Version to 4.5.0 (no changes). * debian/WebKitWebDriver.1: + Fix grammar. * debian/copyright: + Update copyright information of all files. webkit2gtk (2.27.90-1) experimental; urgency=medium . * New upstream development release. * debian/patches/use-python3.patch: + The unversioned python interpreter (i.e. Python 2) is not installed by default anymore, so use Python 3 instead (Closes: #948839). * debian/control: + Drop build dependency on python. + Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as Multi-Arch: foreign. * debian/rules: + Don't use the Gold linker on powerpc (Closes: #949618). + Run dh with --builddirectory=build. Some source files are generated inside this directory and are later referenced from the .gir files so their path names should be independent from the architecture. * Refresh all patches. * debian/patches/reduce-memory-overheads.patch: + Reduce memory usage when not using the Gold linker (Closes: #949621). * debian/patches/fix-ftbfs-m68k.patch: + Bring the patch from the unstable branch. * Add debian/upstream/metadata. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.27.4-1) experimental; urgency=medium . * New upstream development release. * debian/control: + Switch build dependency from libenchant-dev to libenchant-2-dev (Closes: #948106). + Add build dependency on libx11-xcb-dev. + Add Rules-Requires-Root: no. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/copyright: + Update copyright years. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. + Add Build-Depends-Package field. webkit2gtk (2.27.3-1) experimental; urgency=medium . * New upstream development release. * Build without the bubblewrap sandbox if the required dependencies are not available: + debian/rules: - Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp is installed. - Add runtime dependencies on bubblewrap and xdg-dbus-proxy conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX. + debian/control: - Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in alpha, ia64, m68k, riscv64, sh4 or sparc64. * Enable USE_WPE_RENDERER: + debian/control: - Add build dependency on libwpebackend-fdo-1.0-dev. + debian/rules: - Set USE_WPE_RENDERER depending on whether wpebackend-fdo is available or not (this allows disabling it by simply removing the build dependency). * debian/rules: + Use -g1 in all builds. The webkit2gtk debug packages are huge and I'm not convinced that they have been very useful for reporting bugs. Using -g1 is enough for a basic backtrace and it makes the packages easier to handle. + Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs. * debian/patches/detect-woff.patch: + Refresh. * debian/control: + Add build dependency on python. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.27.2-1) experimental; urgency=medium . * New upstream development release. * debian/control: + Require bubblewrap >= 0.3.1. + Update Standards-Version to 4.4.1 (no changes). + Add Breaks for Evolution < 3.34.1 (see WebKit bug #201033). * debian/rules: + Stop building with -O1 for armhf and friends, the build seems to work just fine with -O2 now. * Drop fix-ftbfs-m68k.patch, we are not building for m68k anyway. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.27.1-1) experimental; urgency=medium . * New upstream development release. * debian/watch, debian/gbp.conf: + Update for 2.27.x packages in experimental. * Refresh all patches. + Use -DWTF_CPU_ARM64_CORTEXA53=OFF to fix the arm64 build. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.26.4-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2020-0001 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8835, CVE-2019-8844, CVE-2019-8846 (fixed in 2.26.3) * The WebKitGTK security advisory WSA-2020-0002 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868 (fixed in 2.26.4) * debian/rules: + Don't use the Gold linker on powerpc (Closes: #949618). + Run dh with --builddirectory=build. Some source files are generated inside this directory and are later referenced from the .gir files so their path names should be independent from the architecture. * debian/control: + Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as Multi-Arch: foreign. + Update Standards-Version to 4.5.0 (no changes). * debian/patches/reduce-memory-overheads.patch: + Reduce memory usage when not using the Gold linker (Closes: #949621). * debian/patches/fix-ftbfs-m68k.patch: + Update to make it work with the current release (Closes: #949660). * debian/patches/detect-woff.patch: + Refresh. * Add debian/upstream/metadata. wordpress (5.0.10+dfsg1-0+deb10u1) buster-security; urgency=medium . * Security release, fixes 6 security bugs Closes: #962685 - CVE-2020-4046 Authenticated XSS through embed block - CVE-2020-4047 Authenticated XSS via media attachment page - CVE-2020-4048 Open redirect in wp_validate_redirect() - CVE-2020-4049 Authenticated self-XSS via theme uploads - CVE-2020-4050 'set-screen-option' filter misuse by plugins leading to privilege escalation * Prevent unmoderated comments from search engine indexation wordpress (5.0.4+dfsg1-1+deb10u2) buster-security; urgency=medium . * Import of 5.4.1/5.0.9 security release Closes: #959391 - CVE-2020-11025 XSS vulnerability in the navigation section of Customizer allows JavaScript code to be executed. - CVE-2020-11026 uploaded files to Media section to lead to script execution - CVE-2020-11027 Password reset link does not expire - CVE-2020-11028 Private posts can be found through searching by date - CVE-2020-11029 XSS in stats() method in class-wp-object-cache - CVE-2020-11030 Special payload can execute scripts in block editor xen (4.11.4+24-gddaaccbbab-1~deb10u1) buster-security; urgency=high . * Rebuild as Buster security update. xen (4.11.4-1) unstable; urgency=medium . * Update to new upstream version 4.11.4, which also contains security fixes for the following issues: - arm: a CPU may speculate past the ERET instruction XSA-312 (no CVE yet) - multiple xenoprof issues XSA-313 CVE-2020-11740 CVE-2020-11741 - Missing memory barriers in read-write unlock paths XSA-314 CVE-2020-11739 - Bad error path in GNTTABOP_map_grant XSA-316 CVE-2020-11743 - Bad continuation handling in GNTTABOP_copy XSA-318 CVE-2020-11742 * xen-utils and xen-utils-common maint scripts: Replace the previous fix in the xen init script with a better fix in the xen-utils package instead, to prevent calling the init script stop action (resulting in a disappeared xenconsoled) when removing a xen-utils package that belongs to a previous (not currently runing) Xen version. Also prevent the xen-utils-common package from inadvertently calling stop and start actions because dh_installinit would add code for that. (Closes: #932759) * debian/NEWS: Mention fixing #932759 and how to deal with the bug xen (4.11.3+24-g14b62ab3e5-1) unstable; urgency=high . * Update to new upstream version 4.11.3+24-g14b62ab3e5, which also contains the following security fixes: (Closes: #947944) - Unlimited Arm Atomics Operations XSA-295 CVE-2019-17349 CVE-2019-17350 - VCPUOP_initialise DoS XSA-296 CVE-2019-18420 - missing descriptor table limit checking in x86 PV emulation XSA-298 CVE-2019-18425 - Issues with restartable PV type change operations XSA-299 CVE-2019-18421 - add-to-physmap can be abused to DoS Arm hosts XSA-301 CVE-2019-18423 - passed through PCI devices may corrupt host memory after deassignment XSA-302 CVE-2019-18424 - ARM: Interrupts are unconditionally unmasked in exception handlers XSA-303 CVE-2019-18422 - x86: Machine Check Error on Page Size Change DoS XSA-304 CVE-2018-12207 - TSX Asynchronous Abort speculative side channel XSA-305 CVE-2019-11135 - Device quarantine for alternate pci assignment methods XSA-306 CVE-2019-19579 - find_next_bit() issues XSA-307 CVE-2019-19581 CVE-2019-19582 - VMX: VMentry failure with debug exceptions and blocked states XSA-308 CVE-2019-19583 - Linear pagetable use / entry miscounts XSA-309 CVE-2019-19578 - Further issues with restartable PV type change operations XSA-310 CVE-2019-19580 - Bugs in dynamic height handling for AMD IOMMU pagetables XSA-311 CVE-2019-19577 * Add missing CVE numbers to previous changelog entries zipios++ (0.1.5.9+cvs.2007.04.28-10+deb10u1) buster; urgency=high . * fix CVE-2019-13453 for Buster (Closes: #932556) ====================================== Sat, 09 May 2020 - Debian 10.4 released ====================================== ========================================================================= [Date: Sat, 09 May 2020 08:42:51 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: python3-ownet | 3.2p3+dfsg1-2 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by owfs - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:43:49 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: python3-ow | 3.2p3+dfsg1-2+b1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by owfs - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:47:05 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-all-amd64 | 4.19.98-1 | amd64 linux-headers-4.19.0-8-amd64 | 4.19.98-1 | amd64 linux-headers-4.19.0-8-cloud-amd64 | 4.19.98-1 | amd64 linux-headers-4.19.0-8-rt-amd64 | 4.19.98-1 | amd64 linux-image-4.19.0-8-amd64-dbg | 4.19.98-1 | amd64 linux-image-4.19.0-8-amd64-unsigned | 4.19.98-1 | amd64 linux-image-4.19.0-8-cloud-amd64-dbg | 4.19.98-1 | amd64 linux-image-4.19.0-8-cloud-amd64-unsigned | 4.19.98-1 | amd64 linux-image-4.19.0-8-rt-amd64-dbg | 4.19.98-1 | amd64 linux-image-4.19.0-8-rt-amd64-unsigned | 4.19.98-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:47:24 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel ata-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel btrfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel cdrom-core-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel compress-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel crc-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel crypto-dm-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel crypto-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel event-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel ext4-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel fat-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel fb-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel firewire-core-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel fuse-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel hfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel input-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel isofs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel jfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel kernel-image-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel linux-headers-4.19.0-8-loongson-3 | 4.19.98-1 | mips64el, mipsel linux-image-4.19.0-8-loongson-3 | 4.19.98-1 | mips64el, mipsel linux-image-4.19.0-8-loongson-3-dbg | 4.19.98-1 | mips64el, mipsel loop-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel md-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel minix-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel mtd-core-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel multipath-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nbd-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nic-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nic-shared-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nic-usb-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel nic-wireless-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel pata-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel ppp-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel sata-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel scsi-core-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel scsi-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel scsi-nic-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel sound-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel speakup-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel squashfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel udf-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel usb-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel usb-serial-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel usb-storage-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel xfs-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel zlib-modules-4.19.0-8-loongson-3-di | 4.19.98-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:47:36 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-all-mipsel | 4.19.98-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:48:00 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el btrfs-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el cdrom-core-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el compress-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el crc-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el crypto-dm-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el crypto-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el event-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el ext4-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el fancontrol-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el fat-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el fb-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el firewire-core-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el fuse-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el hypervisor-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el i2c-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el input-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el isofs-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el jfs-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el kernel-image-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el linux-headers-4.19.0-8-all-ppc64el | 4.19.98-1 | ppc64el linux-headers-4.19.0-8-powerpc64le | 4.19.98-1 | ppc64el linux-image-4.19.0-8-powerpc64le | 4.19.98-1 | ppc64el linux-image-4.19.0-8-powerpc64le-dbg | 4.19.98-1 | ppc64el loop-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el md-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el mouse-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el mtd-core-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el multipath-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el nbd-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el nic-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el nic-shared-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el nic-usb-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el nic-wireless-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el ppp-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el sata-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el scsi-core-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el scsi-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el scsi-nic-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el serial-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el squashfs-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el udf-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el uinput-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el usb-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el usb-serial-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el usb-storage-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el xfs-modules-4.19.0-8-powerpc64le-di | 4.19.98-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:48:30 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x cdrom-core-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x compress-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x crc-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x crypto-dm-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x crypto-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x dasd-extra-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x dasd-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x ext4-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x fat-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x fuse-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x isofs-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x kernel-image-4.19.0-8-s390x-di | 4.19.98-1 | s390x linux-headers-4.19.0-8-all-s390x | 4.19.98-1 | s390x linux-headers-4.19.0-8-s390x | 4.19.98-1 | s390x linux-image-4.19.0-8-s390x | 4.19.98-1 | s390x linux-image-4.19.0-8-s390x-dbg | 4.19.98-1 | s390x loop-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x md-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x mtd-core-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x multipath-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x nbd-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x nic-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x scsi-core-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x scsi-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x udf-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x xfs-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x zlib-modules-4.19.0-8-s390x-di | 4.19.98-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:48:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-all | 4.19.98-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:49:12 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-all-arm64 | 4.19.98-1 | arm64 linux-headers-4.19.0-8-arm64 | 4.19.98-1 | arm64 linux-headers-4.19.0-8-rt-arm64 | 4.19.98-1 | arm64 linux-image-4.19.0-8-arm64-dbg | 4.19.98-1 | arm64 linux-image-4.19.0-8-arm64-unsigned | 4.19.98-1 | arm64 linux-image-4.19.0-8-rt-arm64-dbg | 4.19.98-1 | arm64 linux-image-4.19.0-8-rt-arm64-unsigned | 4.19.98-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:49:23 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel cdrom-core-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel compress-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel crc-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel crypto-dm-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel crypto-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel event-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel ext4-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel fat-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel fb-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel fuse-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel input-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel ipv6-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel isofs-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel jffs2-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel jfs-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel kernel-image-4.19.0-8-marvell-di | 4.19.98-1 | armel leds-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel linux-headers-4.19.0-8-all-armel | 4.19.98-1 | armel linux-headers-4.19.0-8-marvell | 4.19.98-1 | armel linux-headers-4.19.0-8-rpi | 4.19.98-1 | armel linux-image-4.19.0-8-marvell | 4.19.98-1 | armel linux-image-4.19.0-8-marvell-dbg | 4.19.98-1 | armel linux-image-4.19.0-8-rpi | 4.19.98-1 | armel linux-image-4.19.0-8-rpi-dbg | 4.19.98-1 | armel loop-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel md-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel minix-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel mmc-core-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel mmc-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel mouse-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel mtd-core-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel mtd-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel multipath-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel nbd-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel nic-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel nic-shared-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel nic-usb-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel ppp-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel sata-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel scsi-core-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel squashfs-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel udf-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel uinput-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel usb-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel usb-serial-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel usb-storage-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel zlib-modules-4.19.0-8-marvell-di | 4.19.98-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:49:36 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf btrfs-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf cdrom-core-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf compress-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf crc-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf crypto-dm-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf crypto-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf efi-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf event-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf ext4-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf fat-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf fb-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf fuse-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf i2c-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf input-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf isofs-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf jfs-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf kernel-image-4.19.0-8-armmp-di | 4.19.98-1 | armhf leds-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf linux-headers-4.19.0-8-all-armhf | 4.19.98-1 | armhf linux-headers-4.19.0-8-armmp | 4.19.98-1 | armhf linux-headers-4.19.0-8-armmp-lpae | 4.19.98-1 | armhf linux-headers-4.19.0-8-rt-armmp | 4.19.98-1 | armhf linux-image-4.19.0-8-armmp | 4.19.98-1 | armhf linux-image-4.19.0-8-armmp-dbg | 4.19.98-1 | armhf linux-image-4.19.0-8-armmp-lpae | 4.19.98-1 | armhf linux-image-4.19.0-8-armmp-lpae-dbg | 4.19.98-1 | armhf linux-image-4.19.0-8-rt-armmp | 4.19.98-1 | armhf linux-image-4.19.0-8-rt-armmp-dbg | 4.19.98-1 | armhf loop-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf md-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf mmc-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf mtd-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf multipath-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf nbd-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf nic-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf nic-shared-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf nic-usb-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf nic-wireless-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf pata-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf ppp-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf sata-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf scsi-core-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf scsi-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf scsi-nic-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf squashfs-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf udf-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf uinput-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf usb-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf usb-serial-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf usb-storage-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf zlib-modules-4.19.0-8-armmp-di | 4.19.98-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:49:48 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-686 | 4.19.98-1 | i386 linux-headers-4.19.0-8-686-pae | 4.19.98-1 | i386 linux-headers-4.19.0-8-all-i386 | 4.19.98-1 | i386 linux-headers-4.19.0-8-rt-686-pae | 4.19.98-1 | i386 linux-image-4.19.0-8-686-dbg | 4.19.98-1 | i386 linux-image-4.19.0-8-686-pae-dbg | 4.19.98-1 | i386 linux-image-4.19.0-8-686-pae-unsigned | 4.19.98-1 | i386 linux-image-4.19.0-8-686-unsigned | 4.19.98-1 | i386 linux-image-4.19.0-8-rt-686-pae-dbg | 4.19.98-1 | i386 linux-image-4.19.0-8-rt-686-pae-unsigned | 4.19.98-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:49:56 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-all-mips | 4.19.98-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:50:26 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel compress-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel crc-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel crypto-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel event-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel ext4-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel fat-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel fuse-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel hfs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel input-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel isofs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel jfs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel kernel-image-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel linux-headers-4.19.0-8-5kc-malta | 4.19.98-1 | mips, mips64el, mipsel linux-headers-4.19.0-8-octeon | 4.19.98-1 | mips, mips64el, mipsel linux-image-4.19.0-8-5kc-malta | 4.19.98-1 | mips, mips64el, mipsel linux-image-4.19.0-8-5kc-malta-dbg | 4.19.98-1 | mips, mips64el, mipsel linux-image-4.19.0-8-octeon | 4.19.98-1 | mips, mips64el, mipsel linux-image-4.19.0-8-octeon-dbg | 4.19.98-1 | mips, mips64el, mipsel loop-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel md-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel minix-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel multipath-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel nbd-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel nic-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel pata-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel ppp-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel rtc-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel sata-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel scsi-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel sound-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel udf-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel usb-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel xfs-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel zlib-modules-4.19.0-8-octeon-di | 4.19.98-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:50:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel ata-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel btrfs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel cdrom-core-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel compress-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel crc-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel crypto-dm-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel crypto-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel event-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel ext4-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel fat-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel fb-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel fuse-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel hfs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel i2c-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel input-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel isofs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel jfs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel kernel-image-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel linux-headers-4.19.0-8-4kc-malta | 4.19.98-1 | mips, mipsel linux-image-4.19.0-8-4kc-malta | 4.19.98-1 | mips, mipsel linux-image-4.19.0-8-4kc-malta-dbg | 4.19.98-1 | mips, mipsel loop-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel md-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel minix-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel mmc-core-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel mmc-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel mouse-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel mtd-core-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel multipath-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel nbd-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel nic-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel nic-shared-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel nic-usb-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel nic-wireless-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel pata-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel ppp-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel sata-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel scsi-core-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel scsi-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel scsi-nic-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel sound-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel squashfs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel udf-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel usb-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel usb-serial-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel usb-storage-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel xfs-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel zlib-modules-4.19.0-8-4kc-malta-di | 4.19.98-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:50:53 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el ata-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el btrfs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el cdrom-core-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el compress-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el crc-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el crypto-dm-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el crypto-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el event-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el ext4-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el fat-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el fb-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el fuse-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el hfs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el i2c-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el input-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el isofs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el jfs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el kernel-image-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el linux-headers-4.19.0-8-all-mips64el | 4.19.98-1 | mips64el loop-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el md-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el minix-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el mmc-core-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el mmc-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el mouse-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el mtd-core-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el multipath-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el nbd-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el nic-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el nic-shared-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el nic-usb-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el nic-wireless-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el pata-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el ppp-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el sata-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el scsi-core-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el scsi-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el scsi-nic-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el sound-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el squashfs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el udf-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el usb-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el usb-serial-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el usb-storage-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el xfs-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el zlib-modules-4.19.0-8-5kc-malta-di | 4.19.98-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:51:05 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 ata-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 btrfs-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 cdrom-core-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 compress-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 crc-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 crypto-dm-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 crypto-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 efi-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 event-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 ext4-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 fat-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 fb-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 firewire-core-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 fuse-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 i2c-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 input-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 isofs-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 jfs-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 kernel-image-4.19.0-8-amd64-di | 4.19.98-1 | amd64 linux-image-4.19.0-8-amd64 | 4.19.98-1 | amd64 linux-image-4.19.0-8-cloud-amd64 | 4.19.98-1 | amd64 linux-image-4.19.0-8-rt-amd64 | 4.19.98-1 | amd64 loop-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 md-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 mmc-core-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 mmc-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 mouse-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 mtd-core-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 multipath-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nbd-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nic-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nic-pcmcia-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nic-shared-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nic-usb-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 nic-wireless-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 pata-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 pcmcia-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 pcmcia-storage-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 ppp-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 sata-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 scsi-core-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 scsi-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 scsi-nic-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 serial-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 sound-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 speakup-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 squashfs-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 udf-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 uinput-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 usb-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 usb-serial-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 usb-storage-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 xfs-modules-4.19.0-8-amd64-di | 4.19.98-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:51:17 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 btrfs-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 cdrom-core-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 compress-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 crc-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 crypto-dm-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 crypto-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 efi-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 event-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 ext4-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 fat-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 fb-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 fuse-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 i2c-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 input-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 isofs-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 jfs-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 kernel-image-4.19.0-8-arm64-di | 4.19.98-1 | arm64 leds-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 linux-image-4.19.0-8-arm64 | 4.19.98-1 | arm64 linux-image-4.19.0-8-rt-arm64 | 4.19.98-1 | arm64 loop-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 md-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 mmc-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 mtd-core-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 multipath-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 nbd-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 nic-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 nic-shared-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 nic-usb-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 nic-wireless-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 ppp-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 sata-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 scsi-core-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 scsi-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 scsi-nic-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 squashfs-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 udf-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 uinput-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 usb-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 usb-serial-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 usb-storage-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 xfs-modules-4.19.0-8-arm64-di | 4.19.98-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:51:30 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-8-686-di | 4.19.98-1 | i386 acpi-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 ata-modules-4.19.0-8-686-di | 4.19.98-1 | i386 ata-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 btrfs-modules-4.19.0-8-686-di | 4.19.98-1 | i386 btrfs-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 cdrom-core-modules-4.19.0-8-686-di | 4.19.98-1 | i386 cdrom-core-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 compress-modules-4.19.0-8-686-di | 4.19.98-1 | i386 compress-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 crc-modules-4.19.0-8-686-di | 4.19.98-1 | i386 crc-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 crypto-dm-modules-4.19.0-8-686-di | 4.19.98-1 | i386 crypto-dm-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 crypto-modules-4.19.0-8-686-di | 4.19.98-1 | i386 crypto-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 efi-modules-4.19.0-8-686-di | 4.19.98-1 | i386 efi-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 event-modules-4.19.0-8-686-di | 4.19.98-1 | i386 event-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 ext4-modules-4.19.0-8-686-di | 4.19.98-1 | i386 ext4-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 fat-modules-4.19.0-8-686-di | 4.19.98-1 | i386 fat-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 fb-modules-4.19.0-8-686-di | 4.19.98-1 | i386 fb-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 firewire-core-modules-4.19.0-8-686-di | 4.19.98-1 | i386 firewire-core-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 fuse-modules-4.19.0-8-686-di | 4.19.98-1 | i386 fuse-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 i2c-modules-4.19.0-8-686-di | 4.19.98-1 | i386 i2c-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 input-modules-4.19.0-8-686-di | 4.19.98-1 | i386 input-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 isofs-modules-4.19.0-8-686-di | 4.19.98-1 | i386 isofs-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 jfs-modules-4.19.0-8-686-di | 4.19.98-1 | i386 jfs-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 kernel-image-4.19.0-8-686-di | 4.19.98-1 | i386 kernel-image-4.19.0-8-686-pae-di | 4.19.98-1 | i386 linux-image-4.19.0-8-686 | 4.19.98-1 | i386 linux-image-4.19.0-8-686-pae | 4.19.98-1 | i386 linux-image-4.19.0-8-rt-686-pae | 4.19.98-1 | i386 loop-modules-4.19.0-8-686-di | 4.19.98-1 | i386 loop-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 md-modules-4.19.0-8-686-di | 4.19.98-1 | i386 md-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 mmc-core-modules-4.19.0-8-686-di | 4.19.98-1 | i386 mmc-core-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 mmc-modules-4.19.0-8-686-di | 4.19.98-1 | i386 mmc-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 mouse-modules-4.19.0-8-686-di | 4.19.98-1 | i386 mouse-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 mtd-core-modules-4.19.0-8-686-di | 4.19.98-1 | i386 mtd-core-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 multipath-modules-4.19.0-8-686-di | 4.19.98-1 | i386 multipath-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nbd-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nbd-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nic-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nic-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nic-pcmcia-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nic-pcmcia-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nic-shared-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nic-shared-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nic-usb-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nic-usb-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 nic-wireless-modules-4.19.0-8-686-di | 4.19.98-1 | i386 nic-wireless-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 pata-modules-4.19.0-8-686-di | 4.19.98-1 | i386 pata-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 pcmcia-modules-4.19.0-8-686-di | 4.19.98-1 | i386 pcmcia-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 pcmcia-storage-modules-4.19.0-8-686-di | 4.19.98-1 | i386 pcmcia-storage-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 ppp-modules-4.19.0-8-686-di | 4.19.98-1 | i386 ppp-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 sata-modules-4.19.0-8-686-di | 4.19.98-1 | i386 sata-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 scsi-core-modules-4.19.0-8-686-di | 4.19.98-1 | i386 scsi-core-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 scsi-modules-4.19.0-8-686-di | 4.19.98-1 | i386 scsi-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 scsi-nic-modules-4.19.0-8-686-di | 4.19.98-1 | i386 scsi-nic-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 serial-modules-4.19.0-8-686-di | 4.19.98-1 | i386 serial-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 sound-modules-4.19.0-8-686-di | 4.19.98-1 | i386 sound-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 speakup-modules-4.19.0-8-686-di | 4.19.98-1 | i386 speakup-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 squashfs-modules-4.19.0-8-686-di | 4.19.98-1 | i386 squashfs-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 udf-modules-4.19.0-8-686-di | 4.19.98-1 | i386 udf-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 uinput-modules-4.19.0-8-686-di | 4.19.98-1 | i386 uinput-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 usb-modules-4.19.0-8-686-di | 4.19.98-1 | i386 usb-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 usb-serial-modules-4.19.0-8-686-di | 4.19.98-1 | i386 usb-serial-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 usb-storage-modules-4.19.0-8-686-di | 4.19.98-1 | i386 usb-storage-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 xfs-modules-4.19.0-8-686-di | 4.19.98-1 | i386 xfs-modules-4.19.0-8-686-pae-di | 4.19.98-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:52:01 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-8-common | 4.19.98-1 | all linux-headers-4.19.0-8-common-rt | 4.19.98-1 | all linux-support-4.19.0-8 | 4.19.98-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:22:36 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ugene | 1.31.1+dfsg-1 | source, amd64 ugene-data | 1.31.1+dfsg-1 | all Closed bugs: 933334 ------------------- Reason ------------------- RoM; non-free; fails to build ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:23:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libperlspeak-perl | 2.01-2 | source, all Closed bugs: 954298 ------------------- Reason ------------------- RoST; unmaintained; security issues ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:23:26 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: lambda-align2 | 2.0.0-6 | arm64, armel, armhf, i386, mips64el, ppc64el, s390x Closed bugs: 955717 ------------------- Reason ------------------- RoM; broken on non-amd64 architectures ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:23:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: gplaycli | 3.25+ds-1 | source, all Closed bugs: 958231 ------------------- Reason ------------------- RoM; broken by Google API changes ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:24:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: yahoo2mbox | 0.24-2 | source, all Closed bugs: 958572 ------------------- Reason ------------------- RoQA; unusable since 2013 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:24:26 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: kerneloops | 0.12+git20140509-6 | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x kerneloops-applet | 0.12+git20140509-6 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x Closed bugs: 958575 ------------------- Reason ------------------- RoQA; service http://oops.kernel.org no longer available ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:24:50 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: quotecolors | 0.3-6 | source xul-ext-quotecolors | 0.3-6 | all Closed bugs: 958922 ------------------- Reason ------------------- RoM; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:25:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: torbirdy | 0.2.6-1 | source xul-ext-torbirdy | 0.2.6-1 | all Closed bugs: 959376 ------------------- Reason ------------------- RoQA; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:25:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libmicrodns | 0.0.10-1 | source libmicrodns-dev | 0.0.10-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x libmicrodns0 | 0.0.10-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x Closed bugs: 959429 ------------------- Reason ------------------- RoM; security issues ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 09 May 2020 08:26:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: getlive | 2.4+cvs20120801-1 | source, all Closed bugs: 959491 ------------------- Reason ------------------- RoQA; Upstream Dead; Not Working Anymore ---------------------------------------------- ========================================================================= apt-cacher-ng (3.2.1-1) buster; urgency=medium . * Minor bugfix upstream release + (CVE-2020-5202) Enforce secured call to the server in maint job triggering + Allow .zst compression for tarballs (closes: Bug#948259, thanks to Arnaud Rebillout) + Upstreaming fix from #928957 and adding workaround of build failure on mips(64)el (no multithreading with gold linker) apt-cacher-ng (3.2-3) unstable; urgency=medium . * Increase decompression line buffer size (closes: #942634) apt-cacher-ng (3.2-3~bpo10+1) buster-backports; urgency=medium . * Straight rebuild for buster-backports apt-cacher-ng (3.2-3~bpo9+1) stretch-backports-sloppy; urgency=medium . * Straight rebuild for stretch-backports-sloppy awl (0.60-1+deb10u1) buster-security; urgency=high . * Fix two security vulnerablilites (closes: #956650) + CVE-2020-11728 "Session::__construct() allows use of the current time as a session key" + CVE-2020-11729 "LSIDLogin() is insecure and can allow user impersonation" awl (0.60-1+deb10u1~bpo9+1) stretch-backports; urgency=high . * Rebuild for stretch-backports. . awl (0.60-1+deb10u1) buster-security; urgency=high . * Fix two security vulnerablilites (closes: #956650) + CVE-2020-11728 "Session::__construct() allows use of the current time as a session key" + CVE-2020-11729 "LSIDLogin() is insecure and can allow user impersonation" . awl (0.60-1) unstable; urgency=medium . * New upstream release (closes: #890313) * Update debian/watch to changed Gitlab directory layout * Update copyright years * Declare compliance with Debian Policy 4.3.0 backuppc (3.3.2-2+deb10u1) buster; urgency=medium . * 07-reload-user.patch: pass the username to start-stop-daemon when reloading. This prevents reload failures and subsequent init system games (Closes: #944611) base-files (10.3+deb10u4) buster; urgency=medium . * Change /etc/debian_version to 10.4, for Debian 10.4 point release. bluez (5.50-1.2~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security. . bluez (5.50-1.2) unstable; urgency=medium . * Non-maintainer upload. * input: hog: Attempt to set security level if not bonded * input: Add LEAutoSecurity setting to input.conf . bluez (5.50-1.1) unstable; urgency=high . * Non-maintainer upload. * Address INTEL-SA-00352 (CVE-2020-0556) (Closes: #953770) - HOGP must only accept data from bonded devices - HID accepts bonded device connections only bluez (5.50-1.1) unstable; urgency=high . * Non-maintainer upload. * Address INTEL-SA-00352 (CVE-2020-0556) (Closes: #953770) - HOGP must only accept data from bonded devices - HID accepts bonded device connections only brltty (5.6-10+deb10u1) buster; urgency=medium . * patches/log-spam: Avoid spamming log with recent Orca which tries to reconnect periodically. brltty (5.6-10+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Upload to stretch-backports. checkstyle (8.15-1+deb10u1) buster; urgency=medium . * Team upload. * Fix CVE-2019-9658 and CVE-2019-10782: Security researchers from Snyk discovered that the fix for CVE-2019-9658 was incomplete. Checkstyle, a development tool to help programmers write Java code that adheres to a coding standard, was still vulnerable to XML External Entity (XXE) injection. (Closes: #924598) choose-mirror (2.99+deb10u1) buster; urgency=medium . * Update Mirrors.masterlist. chromium (80.0.3987.162-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6452: Heap buffer overflow in media. Reported by asnine chromium (80.0.3987.149-1) unstable; urgency=medium . * New upstream security release. - CVE-2019-20503: Out of bounds read in usersctplib. Reported by Natalie Silvanovich - CVE-2020-6422: Use after free in WebGL. Reported by David Manouchehri - CVE-2020-6424: Use after free in media. Reported by Sergei Glazunov - CVE-2020-6425: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6426: Inappropriate implementation in V8. Reported by Avihay Cohen - CVE-2020-6427: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6428: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6449: Use after free in audio. Reported by Man Yue Mo chromium (80.0.3987.149-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2019-20503: Out of bounds read in usersctplib. Reported by Natalie Silvanovich - CVE-2020-6422: Use after free in WebGL. Reported by David Manouchehri - CVE-2020-6424: Use after free in media. Reported by Sergei Glazunov - CVE-2020-6425: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6426: Inappropriate implementation in V8. Reported by Avihay Cohen - CVE-2020-6427: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6428: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6449: Use after free in audio. Reported by Man Yue Mo chromium (80.0.3987.132-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6420: Insufficient policy enforcement in media. Reported by Taras Uzdenov chromium (80.0.3987.132-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz - CVE-2019-19925: Vulnerability in SQLite. Reported by Richard Lorenz - CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz - CVE-2019-19880: Vulnerability in SQLite. Reported by Richard Lorenz - CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's National Cyber Security Centre - CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu - CVE-2020-6383: Type confusion in V8. Reported by Sergei Glazunov - CVE-2020-6384: Use after free in WebAudio. Reported by David Manouchehri - CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov - CVE-2020-6386: Use after free in speech. Reported by Zhe Jin - CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov - CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov - CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by MichaÅ‚ Bentkowski - CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team - CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery - CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo - CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois - CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie - CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani - CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk - CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera - CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh - CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew - CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi - CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen and Rui Zhong - CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov - CVE-2020-6407: Out of bounds memory access in streams. Reported by Sergei Glazunov - CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen - CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V - CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng - CVE-2020-6413: Inappropriate implementation in Blink. Reported by MichaÅ‚ Bentkowski - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T - CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen - CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh - CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato Moraes and Altieres Rohr - CVE-2020-6418: Type confusion in V8. Reported by Clement Lecigne - CVE-2020-6420: Insufficient policy enforcement in media. Reported by Taras Uzdenov chromium (80.0.3987.122-2) unstable; urgency=medium . * Reduce debugging symbols to avoid memory exhaustion while linking. chromium (80.0.3987.122-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6407: Out of bounds memory access in streams. Reported by Sergei Glazunov - CVE-2020-6418: Type confusion in V8. Reported by Clement Lecigne chromium (80.0.3987.116-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6383: Type confusion in V8. Reported by Sergei Glazunov - CVE-2020-6384: Use after free in WebAudio. Reported by David Manouchehri - CVE-2020-6386: Use after free in speech. Reported by Zhe Jin chromium (80.0.3987.106-1) unstable; urgency=medium . * New upstream stable release. - CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz - CVE-2019-19925: Vulnerability in SQLite. Reported by Richard Lorenz - CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz - CVE-2019-19880: Vulnerability in SQLite. Reported by Richard Lorenz - CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's National Cyber Security Centre - CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu - CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov - CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov - CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov - CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by MichaÅ‚ Bentkowski - CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team - CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery - CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo - CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois - CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie - CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani - CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk - CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera - CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh - CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew - CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi - CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen and Rui Zhong - CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov - CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen - CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V - CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng - CVE-2020-6413: Inappropriate implementation in Blink. Reported by MichaÅ‚ Bentkowski - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T - CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen - CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh - CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato Moraes and Altieres Rohr * Remove --ignore-gpu-blacklist from the default flags (closes: #947207). * Update standards version to 4.5.0. * Build with clang instead of gcc. chromium (79.0.3945.130-2) unstable; urgency=medium . * Add libx11-xcb-dev as a build dependency. chromium (79.0.3945.130-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6377: Use after free in audio. Reported by Zhe Jin - CVE-2020-6378: Use-after-free in speech recognizer. Reported by Antti Levomäki and Christian Jalio - CVE-2020-6379: Use-after-free in speech recognizer. Reported by Guang Gong - CVE-2020-6380: Extension message verification error. Reported by Sergei Glazunov - CVE-2019-13767: Use after free in media picker. Reported by Sergei Glazunov * Fix memory instrumentation singleton initialization errors caused by tracing patch included in the previous upload (closes: #945920). clamav (0.102.2+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. clamav (0.102.2+dfsg-0~deb9u1) stretch; urgency=medium . * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. clamav (0.102.1+dfsg-3) unstable; urgency=medium . * clamav-daemon: Do not cause an error on start if /run/clamav already exists * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) (LP: #1861497) clamav (0.102.1+dfsg-2) unstable; urgency=medium . * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. clamav (0.102.1+dfsg-1) unstable; urgency=medium . * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. corosync (3.0.1-2+deb10u1) buster; urgency=medium . * [c7ca027] New patch: totemsrp: Reduce MTU to left room second mcast. Thanks to Jan Friesse (Closes: #950476) corosync-qdevice (3.0.0-4+deb10u1) buster; urgency=medium . * [8de35d1] Set Default-Start runlevels for corosync-qdevice (Closes: #932346) csync2 (2.0-22-gce67c55-1+deb10u1) buster; urgency=medium . * Add patch for CVE-2019-15522 (Closes: #955445) cups (2.2.10-6+deb10u3) buster; urgency=medium . * Backport upstream security fixes: - CVE-2020-3898: heap-buffer-overflow in libcups’s ppdFindOption() function in ppd-mark.c - CVE-2019-8842: The `ippReadIO` function may under-read an extension field curl (7.64.0-4+deb10u1) buster-security; urgency=high . * Fix FTP-KRB double-free as per CVE-2019-5481 (Closes: #940009) https://curl.haxx.se/docs/CVE-2019-5481.html * Fix TFTP small blocksize heap buffer overflow as per CVE-2019-5482 (Closes: #940010) https://curl.haxx.se/docs/CVE-2019-5482.html dav4tbsync (1.9-1~deb10u1) buster; urgency=medium . * Changed versioning dav4tbsync (1.8-1) unstable; urgency=medium . * [813a05f] New upstream version 1.8 dav4tbsync (1.7-1) unstable; urgency=medium . [ Carsten Schoenert ] * [2f77473] d/control: correct depending versions . [ Mechtilde Stehmann ] * [959372e] New upstream version 1.7 * [63d213e] d/upstream/metadata: added * [908b0f5] d/copyright: add recent year * [d462321] d/control: bump standard version to 4.5 - no changes needed dav4tbsync (1.6-1) unstable; urgency=medium . * Prepared for unstable dav4tbsync (1.6-1~exp3) experimental; urgency=medium . [ Carsten Schoenert ] * [673ef7d] webext-dav4tbsync.install: install more needed files * [b0a4adb] webext-dav4tbsync.links: correct linking . [ Mechtilde Stehmann ] * [5f75a84] Completed docs dav4tbsync (1.6-1~exp2) experimental; urgency=medium . * Prepared for unstable * [3e3de7c] Removed old xul stuff * [a3323c6] Removed xpi dependency * [194a239] Added *.install and *.links for manuall installation dav4tbsync (1.6-1~exp1) experimental; urgency=medium . * [8ed4ba4] New upstream version 1.6 * [d1ec579] Updated version of dependencies * [55be96f] Deactivate verbosity in debian/rules dav4tbsync (1.4-1~exp1) experimental; urgency=medium . * [c22d7c2] New upstream version 1.4 * [0b2772b] Use debhelper-compat for choosing compat level * [93ae506] Bumped to standard version 4.4.1 -no changes needed * [ddcb0ce] Added Rules-Requires-Root: no * [c93f523] Adapt to new version scheme * [cce26d0] Added copyright for debian/ dav4tbsync (1.2-1) experimental; urgency=medium . [ Mechtilde ] * New upstream version 1.2 * bump standard version to 4.4.0 - no changes needed * bump uscan version to 4 - no changes needed * added debian/salsa-ci.yml * adapt rules to webext * deleted debian/source/lintian-overrides file content/sync.js removed * add some more entries to debian/webext-dav4tbsync.docs debian-edu-config (2.10.65+deb10u5) buster; urgency=medium . [ Wolfgang Schweer ] * Add policies files for Firefox-ESR and Thunderbird to fix the TLS/SSL setup. This makes sure that the Debian-Edu_rootCA.crt file gets installed as trusted certificate for Firefox-ESR and Thunderbird. (Already fixed in Bullseye.) - Add share/firefox-esr/distribution/policies.json (Closes: #944450). - Add lib/thunderbird/distribution/policies.json (Closes: #955978). - Adjust Makefile accordingly. debian-installer (20190702+deb10u4) buster; urgency=medium . * Bump Linux ABI to 4.19.0-9. debian-installer-netboot-images (20190702+deb10u4) buster; urgency=medium . * Update to 20190702+deb10u3, from buster-proposed-updates. debian-security-support (2020.04.16~deb10u2) buster; urgency=medium . * Re-upload for buster. . debian-security-support (2020.04.16) unstable; urgency=medium . * Add tor to security-support-ended.deb8 as well, see DSA 4644-1. * Add libperlspeak-perl to security-support-ended.deb(8|9|10), because of CVE-2020-10674 (#954238), also see #954297, #954298 and #954299. . debian-security-support (2020.03.22) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add tor to security-support-ended.deb9, see DSA 4644-1. . debian-security-support (2020.03.15) unstable; urgency=medium . [ Dmitry Smirnov ] * security-support-limited/zoneminder: declare limited support behind an authenticated HTTP zone (see #922724). . [ Daniel Shahaf ] * Revert unintentional output change in #951874 4/4. Closes: #953732. . debian-security-support (2020.03.05) unstable; urgency=medium . [ Bastian Blank ] * Add xen to security-support-ended.deb8. . [ Holger Levsen ] * Correct bug closure for #951874 in 2020.02.25 changelog entry. #951772 was already closed in 2020.02.21. . debian-security-support (2020.02.25) unstable; urgency=medium . [ Daniel Shahaf ] * Miscellaneous sh fixes, Closes: #951874. - avoid implementation-defined behaviour. - fix --version output, use defined variable. - print errors and warnings to stderr. - clarify an error message. . [ Holger Levsen ] * postinst and check-support-status.hook: drop workaround for upgrades from releases before 2016-03-30. * check-support-status.in: - drop code needed for supporting dpkg-query from squeeze. - set DEB_LOWEST_VER_ID=8 as we dropped security-support-ended.deb7 in the last upload. - Don't exit gracefully if the detected Debian version is not supported, instead issue a warning and continue, to both do the checks that can be done and to not fail the package installation. Closes: #952383. * po/debian-security-support.pot: drop removed string. * Update all .po files for changed strings in the English original. * Add "package-uses-old-debhelper-compat-version 11" to source/lintian-overrides. The package shall be trivially buildable on stable. . debian-security-support (2020.02.21) unstable; urgency=medium . [ Holger Levsen ] * Drop security-support-ended.deb7, we don't support wheezy anymore. (eLTS is maintained outside Debian.) * Add nodejs to security-support-ended.deb8 and .deb9. * Use runuser instead of su. Closes: #890862. Thanks to Jakobus Schürz. * Wrap long lines in changelog entries: 2015.04.04, thanks lintian-brush. * Fix day-of-week for changelog entry 2015.04.04, thanks lintian-brush. . [ Daniel Shahaf ] * Allow one to exclude specific packages from the check. Closes: #951442. * Prefix "check-support-status: " to error messages. Closes: #951772. . debian-security-support (2020.01.21) unstable; urgency=medium . [ Abhijith PA ] * Add nethack to security-support-ended.deb8. . [ Salvatore Bonaccorso ] * Mark xen as end-of-life for Stretch (DSA 4602-1). . [ Holger Levsen ] * Improve describe of binutils' status in security-support-limited. Thanks to Daniel Shahaf for the patch. Closes: #948634. * Bump standards version to 4.5.0, no changes needed. debian-security-support (2020.03.22) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add tor to security-support-ended.deb9, see DSA 4644-1. debian-security-support (2020.03.15) unstable; urgency=medium . [ Dmitry Smirnov ] * security-support-limited/zoneminder: declare limited support behind an authenticated HTTP zone (see #922724). . [ Daniel Shahaf ] * Revert unintentional output change in #951874 4/4. Closes: #953732. debian-security-support (2020.03.05) unstable; urgency=medium . [ Bastian Blank ] * Add xen to security-support-ended.deb8. . [ Holger Levsen ] * Correct bug closure for #951874 in 2020.02.25 changelog entry. #951772 was already closed in 2020.02.21. debian-security-support (2020.02.25) unstable; urgency=medium . [ Daniel Shahaf ] * Miscellaneous sh fixes, Closes: #951772. - avoid implementation-defined behaviour. - fix --version output, use defined variable. - print errors and warnings to stderr. - clarify an error message. . [ Holger Levsen ] * postinst and check-support-status.hook: drop workaround for upgrades from releases before 2016-03-30. * check-support-status.in: - drop code needed for supporting dpkg-query from squeeze. - set DEB_LOWEST_VER_ID=8 as we dropped security-support-ended.deb7 in the last upload. - Don't exit gracefully if the detected Debian version is not supported, instead issue a warning and continue, to both do the checks that can be done and to not fail the package installation. Closes: #952383. * po/debian-security-support.pot: drop removed string. * Update all .po files for changed strings in the English original. * Add "package-uses-old-debhelper-compat-version 11" to source/lintian-overrides. The package shall be trivially buildable on stable. debian-security-support (2020.02.21) unstable; urgency=medium . [ Holger Levsen ] * Drop security-support-ended.deb7, we don't support wheezy anymore. (eLTS is maintained outside Debian.) * Add nodejs to security-support-ended.deb8 and .deb9. * Use runuser instead of su. Closes: #890862. Thanks to Jakobus Schürz. * Wrap long lines in changelog entries: 2015.04.04, thanks lintian-brush. * Fix day-of-week for changelog entry 2015.04.04, thanks lintian-brush. . [ Daniel Shahaf ] * Allow one to exclude specific packages from the check. Closes: #951442. * Prefix "check-support-status: " to error messages. Closes: #951772. debian-security-support (2020.01.21) unstable; urgency=medium . [ Abhijith PA ] * Add nethack to security-support-ended.deb8. . [ Salvatore Bonaccorso ] * Mark xen as end-of-life for Stretch (DSA 4602-1). . [ Holger Levsen ] * Improve describe of binutils' status in security-support-limited. Thanks to Daniel Shahaf for the patch. Closes: #948634. * Bump standards version to 4.5.0, no changes needed. debian-security-support (2019.12.12) unstable; urgency=medium . * security-support-limited: point to https://www.debian.org/releases/ \ buster/amd64/release-notes/ch-information.en.html#golang-static-linking for golang* packages. distro-info-data (0.41+deb10u2) buster; urgency=medium . * Update data to 0.44: - Add Ubuntu 20.10, Groovy Gorilla. - Add a guessed EOL date for Debian Stretch. dojo (1.14.2+dfsg1-1+deb10u1) buster; urgency=medium . * Team upload * Cleanup improper regex usage (Closes: #952771, CVE-2019-10785) dpdk (18.11.6-1~deb10u1) buster; urgency=medium . * Merge tag 'debian/18.11.6-1' into buster. . dpdk (18.11.6-1) unstable; urgency=medium . [ Luca Boccassi ] * New upstream version 18.11.6; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Drop avoid-as-needed-as-it-causes-overlinking.patch, merged upstream. * Refresh remaining patches to remove fuzz from 18.11.6. * Add patch to avoid changing stable symbol version, breaking ABI. * Update librte-eal18.11.symbols with new experimental symbol from 18.11.6 . [ Christian Ehrhardt ] * d/*.lintian-overrides: add overrides for a few known but accepted deficiencies . [ Luca Boccassi ] * Use chrpath to strip RPATH from dpdk-test binary * Add missing librte-gro symbols file dpdk (18.11.5-1) unstable; urgency=medium . * New upstream version 18.11.5; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch to remove fuzz from 18.11.5 dtv-scan-tables (0+git20190925.6d01903-0.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . dtv-scan-tables (0+git20190925.6d01903-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream snapshot. * Adds a list of all current German DVB-T2 muxes. (Closes: #901842) * Adds the Eutelsat-5-West-A satellite. (Closes: #940936) eas4tbsync (1.12-1~deb10u1) buster; urgency=medium . * changed versioning eas4tbsync (1.11-1) unstable; urgency=medium . [ Carsten Schoenert ] * [efdc483] d/control: correct depending versions . [ Mechtilde Stehmann ] * [19cb20a] New upstream version 1.11 * [ea60111] d/upstream/metadata: added d/copyright: add recent year d/control: bump standard version to 4.5 - no changes needed eas4tbsync (1.9-1) unstable; urgency=medium . * Prepared for unstable eas4tbsync (1.9-1~exp3) experimental; urgency=medium . [ Carsten Schoenert ] * [2df6c8c] webext-eas4tbsync.install: install more needed files * [eb81b22] webext-eas4tbsync.links: correct linking . [ Mechtilde Stehmann ] * [99cae94] Added _locales/Readme.txt eas4tbsync (1.9-1~exp2) experimental; urgency=medium . * [ad86a1b] Removed old xul stuff * [34315f3] Remove xpi dependencies * [423a9cc] Added *.install and *.links for manuall installation * [46eb3a3] Corrected typos * [d5cb20e] Add one doc file to improve for lintian eas4tbsync (1.9-1~exp1) experimental; urgency=medium . * [d248851] New upstream version 1.9 eas4tbsync (1.8-1~exp1) experimental; urgency=medium . * [0c1d562] New upstream version 1.8 * [43b864c] Update version of dependencies * [74699d2] Deactivated verbosity of debian/rules eas4tbsync (1.6-1~exp1) experimental; urgency=medium . * [d7f4483] New upstream version 1.6 * [1bf8cf6] Use debhelper-compat for choosing compat level * [d25074c] Adapt to new version scheme * [7ec3dbf] Bump to new standard version 4.4.1 * [5704493] Added Rules-Requires-Root: no * [3d36412] Added copyright for debian/ eas4tbsync (1.2-1) experimental; urgency=medium . [ Mechtilde ] * New upstream version 1.2 * changed debian/control bump standard version to 4.4.0 changed thunderbird version to >=68 changed webext-tbsync version to 2.3 * changed debian/watch to version 4 * added debian/salsa-ci.yml to get this package ready for salsa-ci * simpified debian/rules for using webext * corrected debian/copyright edk2 (0~20181115.85588389-3+deb10u1) buster; urgency=medium . * Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563) * Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586) * Clear memory before free to avoid potential password leak. (CVE-2019-14558) * Fix double-unmap in SdMmcCreateTrb(). This did not impact any of the images built from this package. (CVE-2019-14587) * Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559) * Fix issue that could allow an efi image with a blacklisted hash in the dbx to be loaded. (CVE-2019-14575) (Closes: 952935) * Fix a memory leak in the ARP handler. (CVE-2019-14559) (Closes: #952926) el-api (3.0.0-2+deb10u1) buster; urgency=medium . * Team upload. * Change Breaks and Replaces for libservlet3.1-java to << 9 and fix dpkg error when upgrading tomcat 8 from Stretch to Buster. evince (3.30.2-3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * tiff: Handle failure from TIFFReadRGBAImageOriented (CVE-2019-11459) (Closes: #927820) fex (20160919-2~deb10u1) buster; urgency=high . * Security fix for fexsrv. fex (20160919-2~deb9u1) stretch; urgency=high . * Security fix for fexsrv. filezilla (3.39.0-2+deb10u1) buster; urgency=medium . * Non-maintainer upload * Added: 02_untrusted_search_path.patch - CVE-2019-5429. (Closes: #928282) firefox-esr (68.7.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-13, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6825. firefox-esr (68.7.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-13, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6825. firefox-esr (68.6.1esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. firefox-esr (68.6.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. firefox-esr (68.6.1esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. firefox-esr (68.6.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-09, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6814. firefox-esr (68.6.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-09, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6814. firefox-esr (68.6.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-09, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6814. firefox-esr (68.5.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-06, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800. firefox-esr (68.5.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-06, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800. firefox-esr (68.5.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-06, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800. firefox-esr (68.4.2esr-1) unstable; urgency=medium . * New upstream release. firefox-esr (68.4.1esr-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. frr (6.0.2-2+deb10u1) buster; urgency=medium . * extended next hop capability not working: add upstream patches: - Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch. - interface_based_peers_should_automatically_override_it_s_peer_group.patch fuse (2.9.9-1+deb10u1) buster; urgency=medium . * Drop outdated udevadm commands from postinst (closes: #934457, #935496). * Don't explicitly remove fuse.conf on purge (closes: #953222). fuse3 (3.4.1-1+deb10u1) buster; urgency=medium . * Drop outdated udevadm commands from postinst (closes: #934293). * Don't explicitly remove fuse.conf on purge (closes: #953223). * Backport fix of memory leak in fuse_session_new() . git (1:2.20.1-2+deb10u3) buster-security; urgency=high . * new upstream point release (see RelNotes/2.20.4.txt). * Addresses the security issue CVE-2020-11008. . With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in use and host being contacted. . Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the credentials are not for a host of the attacker's choosing. Instead, they are for an unspecified host, based on how the configured credential helper handles an absent "host" parameter. . The attack has been made impossible by refusing to work with underspecified credential patterns. . Thanks to Carlo Arenas for reporting that Git was still vulnerable, Felix Wilhelm for providing the proof of concept demonstrating this issue, and Jeff King for promptly providing a corrected fix. . Tested using the proof of concept at https://crbug.com/project-zero/2021. git (1:2.20.1-2+deb10u2) buster-security; urgency=high . [ Salvatore Bonaccorso ] * new upstream point release (see RelNotes/2.20.3.txt). * Addresses the security issue CVE-2020-5260. . With a crafted URL that contains a newline, the credential helper machinery can be fooled to supply credential information for the wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol. . Thanks to Felix Wilhelm of Google Project Zero for finding this vulnerability and Jeff King for fixing it. gnutls28 (3.6.7-4+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * GNUTLS-SA-2020-03-31: dtls client hello: fix zeroed random (CVE-2020-11501) Fix a DTLS-protocol regression (caused by TLS1.3 support), since 3.6.3. The DTLS client would not contribute any randomness to the DTLS negotiation, breaking the security guarantees of the DTLS protocol. (Closes: #955556) golang-github-prometheus-common (0+git20181119.b36ad28-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream patch "config: extend validity of testdata certs": As the previous test certificates were set to expire on 2019-07-13, causing TestNewClientFromConfig to fail after that date. See https://github.com/prometheus/common/pull/186 (Closes: #949189) gosa (2.7.4+reloaded3-8+deb10u2) buster; urgency=medium . * debian/patches: + Add 1047_CVE-2019-14466-{1,2}_replace_unserialize_with_json_encode+json_ decode.patch: Replace (un)serialize with json_encode/json_decode to mitigate PHP object injection. graphicsmagick (1.4~hg15978-1+deb10u1) unstable; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2019-19953 heap-based buffer over-read in the function EncodeImage * CVE-2019-19951 heap-based buffer overflow in the function ImportRLEPixels * CVE-2019-19950 use-after-free in ThrowException and ThrowLoggedException haproxy (1.8.19-1+deb10u2) buster-security; urgency=medium . * Apply one patch to fix an overflow in HTTP/2 header handling. Fix CVE-2020-11100. haproxy (1.8.19-1+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. hbci4java (3.1.29+dfsg-1+deb10u1) buster; urgency=medium . * New upstream version 3.1.29+dfsg hbci4java (3.1.29+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.29+dfsg hbci4java (3.1.24+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.24+dfsg hbci4java (3.1.22+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.22+dfsg * simplify d/watch hbci4java (3.1.21+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.21+dfsg hbci4java (3.1.19+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.19+dfsg hbci4java (3.1.18+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.18+dfsg * Bump policy version (no changes) hbci4java (3.1.17+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.17+dfsg hbci4java (3.1.15+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.15+dfsg hbci4java (3.1.13+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.13+dfsg hbci4java (3.1.9+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.9+dfsg hbci4java (3.1.5+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.5+dfsg hbci4java (3.1.4+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.4+dfsg hbci4java (3.1.2+dfsg-1) unstable; urgency=medium . * New upstream version 3.1.2+dfsg hbci4java (3.0.24+dfsg-1) unstable; urgency=medium . * New upstream version 3.0.24+dfsg * Bump policy version (no changes) * switch to debhelper-compat and debhelper 12 * add Salsa CI hibiscus (2.8.21+dfsg-1+deb10u1) buster; urgency=medium . * New upstream version 2.8.21+dfsg (Closes: #946794) * Update copyright * Depend on new hbci4java version hibiscus (2.8.21+dfsg-1) unstable; urgency=medium . * simplify d/watch * New upstream version 2.8.21+dfsg * Rebase patches * Bump policy versions (no changes) hibiscus (2.8.18+dfsg-2) unstable; urgency=medium . * Add patch for version check hibiscus (2.8.18+dfsg-1) unstable; urgency=medium . * New upstream version 2.8.18+dfsg hibiscus (2.8.16+dfsg-1) unstable; urgency=medium . * New upstream version 2.8.16+dfsg hibiscus (2.8.15+dfsg-1) unstable; urgency=medium . * Update build deps * New upstream version 2.8.15+dfsg * Fix documentation. Thanks to Daniele Forsi (Closes: #939732) hibiscus (2.8.14+dfsg-1) unstable; urgency=medium . * New upstream version 2.8.14+dfsg hibiscus (2.8.13+dfsg-2) unstable; urgency=medium . * {Build-,}Depends on the new hbci4java release hibiscus (2.8.13+dfsg-1) unstable; urgency=medium . * New upstream version 2.8.13+dfsg * Update copyright * Bump policy version (no changes) * switch to debhelper-compat and debhelper 12 * add Salsa CI icu (63.1-6+deb10u1) buster-security; urgency=high . * Backport upstream security fix for CVE-2020-10531: SEGV_MAPERR in UnicodeString::doAppend() (closes: #953747). iputils (3:20180629-2+deb10u1) buster; urgency=medium . * Incorporate patches from Benjamin Poirier <benjamin.poirier@gmail.com> to correct an issue in which ping would improperly exit with a failure code when there were untried addresses still available in the getaddrinfo() library call return value. (Closes: #947921) ircd-hybrid (1:8.2.24+dfsg.1-1+deb10u1) buster; urgency=medium . * Use dhparam.pem to avoid segfault on startup (Closes: #932774) jekyll (3.8.3+dfsg-4+deb10u1) buster; urgency=medium . * Team upload. * d/control (Vcs-Git): Add branch information. * d/patches/0017-allow-jekyll-to-run-with-ruby-i18n-1.x.patch: Add patch. - Allow ruby-i18n 0.x and 1.x (closes: #948215). * d/patches/series: Add patch. jsp-api (2.3.4-2+deb10u1) buster; urgency=medium . * Team upload. * Change Breaks and Replaces for libservlet3.1-java to << 9 and fix dpkg error when upgrading tomcat 8 from Stretch to Buster. lemonldap-ng (2.0.2+ds-7+deb10u3) buster; urgency=medium . * Fix default configuration to prevent unwanted access to admin endpoints (Closes: CVE-2019-19791) * Fix the GrantSession plugin which could not prohibit logon when a 2FA was used * Fix for OIDC: any redirection where allowed when relaying party was configured without redirect_uri * Update debian/NEWS libdatetime-timezone-perl (1:2.23-1+2020a) buster; urgency=medium . * Update to Olson database version 2020a. This update contains contemporary changes for Morocco and the Yukon. libexif (0.6.21-5.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix out of bound write in exif-data.c (CVE-2019-9278) (Closes: #945948) libpam-krb5 (4.8-2+deb10u1) buster-security; urgency=high . * SECURITY: Fix potential one-byte buffer overflow when the underlying Kerberos library initiates prompting (such as for PKINIT or when the no_prompt PAM option is set). (CVE-2020-10595) libreoffice (1:6.1.5-3+deb10u6) buster; urgency=medium . * debian/patches/glm-0.9.9-ctor.diff: add from master, fix opengl slide transitions with glm >= 0.9.9 (closes: #917927) libssh (0.8.7-1+deb10u1) buster; urgency=medium . * Fix possible DoS in client and server when handling AES-CTR keys with OpenSSL, cherry-picked from upstream (Closes: #956308 CVE-2020-1730) libvncserver (0.9.11+dfsg-1.3+deb10u3) buster; urgency=medium . [ Antoni Villalonga ] * debian/patches: + Add CVE-2019-15690 patch. libvncclient/cursor: limit width/height input values. Avoids a possible heap overflow reported by Pavel Cheremushkin. (Closes: #954163). libxmlrpc3-java (3.1.3-9+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2019-17570: An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. . Clients that expect to get server-side exceptions need to set the enabledForExceptions property to true in order to process serialized exception messages. (Closes: #949089) linux (4.19.118-2) buster; urgency=medium . * Merge changes from 4.19.67-2+deb10u2 to include all security fixes from DSA 4667-1. linux (4.19.118-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99 - Revert "efi: Fix debugobjects warning on 'efi_rts_work'" - xfs: Sanity check flags of Q_XQUOTARM call - [x86] mfd: intel-lpss: Add default I2C device properties for Gemini Lake - SUNRPC: Fix svcauth_gss_proxy_init() - [powerpc*] pseries: Enable support for ibm,drc-info property - tipc: update mon's self addr when node addr generated - tipc: fix wrong timeout input for tipc_wait_for_cond() - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready - [armhf] crypto: sun4i-ss - fix big endian issues - perf map: No need to adjust the long name of modules - ipmi: Fix memory leak in __ipmi_bmc_register (CVE-2019-19046) - ixgbe: don't clear IPsec sa counters on HW clearing - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() - iio: fix position relative kernel version - apparmor: Fix network performance issue in aa_label_sk_perm - ALSA: hda: fix unused variable warning - apparmor: don't try to replace stale label in ptrace access check - firmware: coreboot: Let OF core populate platform device - bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER - [arm64] drm/hisilicon: hibmc: Don't overwrite fb helper surface depth - IB/rxe: replace kvfree with vfree - [amd64] IB/hfi1: Add mtu check for operational data VLs - genirq/debugfs: Reinstate full OF path for domain name - [arm64] usb: dwc3: add EXTCON dependency for qcom - cfg80211: regulatory: make initialization more robust - [x86] mei: replace POLL* with EPOLL* for write queues. - [arm64] drm/msm: fix unsigned comparison with less than zero - ALSA: usb-audio: update quirk for B&W PX to remove microphone - iwlwifi: nvm: get num of hw addresses from firmware - netfilter: nft_osf: usage from output path is not valid - [x86] pwm: lpss: Release runtime-pm reference from the driver's remove callback - [powerpc*] pseries/memory-hotplug: Fix return value type of find_aa_index - rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version - netfilter: nf_flow_table: do not remove offload when other netns's interface is down - tipc: eliminate message disordering during binding table update - [arm64] net: socionext: Add dummy PHY register read in phy_write() - [arm64,armhf] drm/sun4i: hdmi: Fix double flag assignation - [arm64] net: hns3: add error handler for hns3_nic_init_vector_data() - pcrypt: use format specifier in kobject_add - [armhf] ASoC: sun8i-codec: add missing route for ADC - [arm64] pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins - [armhf] bus: ti-sysc: Add mcasp optional clocks flag - exportfs: fix 'passing zero to ERR_PTR()' warning - net: always initialize pagedlen - net: phy: Fix not to call phy_resume() if PHY is not attached - [amd64] IB/hfi1: Correctly process FECN and BECN in packets - IB/rxe: Fix incorrect cache cleanup in error flow - ipv6: add missing tx timestamping on IPPROTO_RAW - [arm64] net: hns3: fix error handling int the hns3_get_vector_ring_chain - vxlan: changelink: Fix handling of default remotes - fork,memcg: fix crash in free_thread_stack on memcg charge fail - [armhf] clk: highbank: fix refcount leak in hb_clk_init() - [armhf] clk: ti: fix refcount leak in ti_dt_clocks_register() - [armhf] clk: socfpga: fix refcount leak - [armhf] clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() - [armhf] clk: imx6q: fix refcount leak in imx6q_clocks_init() - [armhf] clk: imx6sx: fix refcount leak in imx6sx_clocks_init() - [armhf] clk: armada-370: fix refcount leak in a370_clk_init() - [armel] clk: kirkwood: fix refcount leak in kirkwood_clk_init() - [armhf] clk: armada-xp: fix refcount leak in axp_clk_init() - [armhf] clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() - [armhf] clk: dove: fix refcount leak in dove_clk_init() - drm: Fix error handling in drm_legacy_addctx - [armhf] drm/etnaviv: fix some off by one bugs - drm/fb-helper: generic: Fix setup error path - fork, memcg: fix cached_stacks case - [amd64] IB/usnic: Fix out of bounds index check in query pkey - RDMA/ocrdma: Fix out of bounds index check in query pkey - RDMA/qedr: Fix out of bounds index check in query pkey - RDMA/iw_cxgb4: Fix the unchecked ep dereference - net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 - [armhf] memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 - [armhf] drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() - kbuild: mark prepare0 as PHONY to fix external module build - crypto: tgr192 - fix unaligned memory access - [armhf] ASoC: imx-sgtl5000: put of nodes if finding codec fails - IB/iser: Pass the correct number of entries for dma mapped SGL - [arm64] net: hns3: fix wrong combined count returned by ethtool -l - IB/mlx5: Don't override existing ip_protocol - rtc: cmos: ignore bogus century byte - [i386] spi/topcliff_pch: Fix potential NULL dereference on allocation error - [arm64] net: hns3: fix bug of ethtool_ops.get_channels for VF - [armhf] clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it - iwlwifi: mvm: avoid possible access out of array. - net/mlx5: Take lock with IRQs disabled to avoid deadlock - ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit - iwlwifi: mvm: fix A-MPDU reference assignment - [armhf] bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() - [x86] tty: ipwireless: Fix potential NULL pointer dereference - driver: uio: fix possible memory leak in __uio_register_device - driver: uio: fix possible use-after-free in __uio_register_device - driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling - driver core: Avoid careless re-use of existing device links - driver core: Do not resume suppliers under device_links_write_lock() - driver core: Fix handling of runtime PM flags in device_link_add() - driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() - drm/xen-front: Fix mmap attributes for display buffers - iwlwifi: mvm: fix RSS config command - [mips*] rtc: ds1672: fix unintended sign extension - ath10k: fix dma unmap direction for management frames - net: phy: fixed_phy: Fix fixed_phy not checking GPIO - rtc: ds1307: rx8130: Fix alarm handling - net/smc: original socket family in inet_sock_diag - [arm64] rtc: pm8xxx: fix unintended sign extension - iw_cxgb4: use tos when importing the endpoint - iw_cxgb4: use tos when finding ipv6 routes - xsk: add missing smp_rmb() in xsk_mmap - [armhf] drm/etnaviv: potential NULL dereference - RDMA/mlx5: Fix memory leak in case we fail to add an IB device - driver core: Fix possible supplier PM-usage counter imbalance - [armhf] usb: phy: twl6030-usb: fix possible use-after-free on remove - block: don't use bio->bi_vcnt to figure out segment number - keys: Timestamp new keys - [armhf] net: dsa: b53: Fix default VLAN ID - [armhf] net: dsa: b53: Properly account for VLAN filtering - [armhf] net: dsa: b53: Do not program CPU port's PVID - mt76: usb: fix possible memory leak in mt76u_buf_free - vfio_pci: Enable memory accesses before calling pci_map_rom - mdio_bus: Fix PTR_ERR() usage after initialization to constant - [powerpc*] KVM: Release all hardware TCE tables attached to a group - [x86] staging: r8822be: check kzalloc return or bail - [arm*] dmaengine: mv_xor: Use correct device for DMA API - cdc-wdm: pass return value of recover_from_urb_loss - brcmfmac: create debugfs files for bus-specific layer - net/mlx5: Delete unused FPGA QPN variable - drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON - drm/nouveau/pmu: don't print reply values if exec is false - drm/nouveau: fix missing break in switch statement - driver core: Fix PM-runtime for links added during consumer probe - [arm64] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() - [arm64,armhf] net: dsa: fix unintended change of bridge interface STP state - fs/nfs: Fix nfs_parse_devname to not modify it's argument - [x86] staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx - [ppc64el] 64s: Fix logic when handling unknown CPU features - NFS: Fix a soft lockup in the delegation recovery code - perf: Copy parent's address filter offsets on clone - perf, pt, coresight: Fix address filters for vmas with non-zero offset - [armhf] clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable - [armhf] clocksource/drivers/exynos_mct: Fix error path in timer resources initialization - [x86] platform/x86: wmi: fix potential null pointer dereference - NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount - ath10k: Fix length of wmi tlv command for protected mgmt frames - netfilter: nft_set_hash: fix lookups with fixed size hash on big endian - netfilter: nft_set_hash: bogus element self comparison from deactivation path - net: sched: act_csum: Fix csum calc for tagged packets - [arm*] hwrng: bcm2835 - fix probe as platform device - [amd64] iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() - NFS: Add missing encode / decode sequence_maxsz to v4.2 operations - NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() - [amd64] net: aquantia: fixed instack structure overflow - media: dvb/earth-pt1: fix wrong initialization for demod blocks - rbd: clear ->xferred on error from rbd_obj_issue_copyup() - PCI: Fix "try" semantics of bus and slot reset - scsi: megaraid_sas: reduce module load time - xen, cpu_hotplug: Prevent an out of bounds access - net/mlx5: Fix multiple updates of steering rules in parallel - net/mlx5e: IPoIB, Fix RX checksum statistics update - [arm64,armhf] soc: amlogic: gx-socinfo: Add mask for each SoC packages - media: ivtv: update *pos correctly in ivtv_read_pos() - media: cx18: update *pos correctly in cx18_read_pos() - [armhf] media: wl128x: Fix an error code in fm_download_firmware() - media: cx23885: check allocation return - jfs: fix bogus variable self-initialization - [armhf] dts: sun9i: optimus: Fix fixed-regulators - net: phy: don't clear BMCR in genphy_soft_reset - [armhf] OMAP2+: Fix potentially uninitialized return value for _setup_reset() - [arm64,armhf] net: dsa: Avoid null pointer when failing to connect to PHY - media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame - [arm64,armhf] spi: tegra114: clear packed bit for unpacked mode - [arm64,armhf] spi: tegra114: fix for unpacked mode transfers - [arm64,armhf] spi: tegra114: terminate dma and reset on transfer timeout - [arm64,armhf] spi: tegra114: flush fifos - [arm64,armhf] spi: tegra114: configure dma burst size to fifo trig level - [armhf] bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated - [arm*] spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios - drm/fb-helper: generic: Call drm_client_add() after setup is done - [arm64] vdso: don't leak kernel addresses - rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 - bpf: Add missed newline in verifier verbose log - [x86] drm/vmwgfx: Remove set but not used variable 'restart' - scsi: qla2xxx: Unregister chrdev if module initialization fails - net/sched: cbs: fix port_rate miscalculation - ACPI: button: reinitialize button state upon resume - [arm64,armhf] firmware: arm_scmi: fix of_node leak in scmi_mailbox_check - rxrpc: Fix detection of out of order acks - scsi: target/core: Fix a race condition in the LUN lookup code - brcmfmac: fix leak of mypkt on error return path - [arm64] net: hns3: fix for vport->bw_limit overflow problem - [x86] hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses - perf/core: Fix the address filtering fix - [arm64,armhf] soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask - [x86] platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer - tipc: set sysctl_tipc_rmem and named_timeout right range - usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs - [arm64] net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() - 6lowpan: Off by one handling ->nexthdr - ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() - afs: Fix AFS file locking to allow fine grained locks - afs: Further fix file locking - NFS: Don't interrupt file writeout due to fatal errors - scsi: qla2xxx: Fix a format specifier - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory - [ppc64el] KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest - netfilter: nft_flow_offload: add entry to flowtable after confirmation - packet: in recvmsg msg_name return at least sizeof sockaddr_ll - ASoC: fix valid stream condition - [arm*] dwc2: gadget: Fix completed transfer size calculation in DDMA - IB/mlx5: Add missing XRC options to QP optional params mask - RDMA/rxe: Consider skb reserve space based on netdev of GID - [amd64] iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU - [arm64] dmaengine: tegra210-adma: restore channel status - mmc: core: fix possible use after free of host - ath10k: Fix encoding for protected management frames - afs: Fix the afs.cell and afs.volume xattr handlers - l2tp: Fix possible NULL pointer dereference - [x86] platform/x86: alienware-wmi: printing the wrong error code - netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule - [arm64,armhf] pwm: meson: Consider 128 a valid pre-divider - [arm64,armhf] pwm: meson: Don't disable PWM when setting duty repeatedly - nfp: bpf: fix static check error through tightening shift amount adjustment - netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value - [arm*] thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power - EDAC/mc: Fix edac_mc_find() in case no device is found - afs: Fix key leak in afs_release() and afs_evict_inode() - afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set - afs: Fix lock-wait/callback-break double locking - afs: Fix double inc of vnode->cb_break - [armhf] dts: sun8i-h3: Fix wifi in Beelink X2 DT - [arm64] clk: meson: gxbb: no spread spectrum on mpll0 - [arm64] clk: meson: axg: spread spectrum is on mpll2 - [arm64] dmaengine: tegra210-adma: Fix crash during probe - [arm64] dts: meson: libretech-cc: set eMMC as removable - RDMA/qedr: Fix incorrect device rate. - [x86] crypto: ccp - fix AES CFB error exposed by new test vectors - [x86] crypto: ccp - Fix 3DES complaint from ccp-crypto module - iommu: Add missing new line for dma type - iommu: Use right function to get group for device - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig - inet: frags: call inet_frags_fini() after unregister_pernet_subsys() - [arm64] net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector - [x86] netvsc: unshare skb in VF rx handler - net: core: support XDP generic on stacked devices. - RDMA/uverbs: check for allocation failure in uapi_add_elm() - net: don't clear sock->sk early to avoid trouble in strparser - [arm64] phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable - [arm64] clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register - media: vivid: fix incorrect assignment operation when setting video mode - [arm64] crypto: inside-secure - fix zeroing of the request in ahash_exit_inv - [arm64] crypto: inside-secure - fix queued len computation - mpls: fix warning with multi-label encap - [arm64] dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node - [arm64] dts: meson-gxm-khadas-vim2: fix Bluetooth support - [amd64] iommu/vt-d: Duplicate iommu_resv_region objects per device list - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state - qed: iWARP - fix uninitialized callback - [powerpc*] cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild - [powerpc*] pseries/mobility: rebuild cacheinfo hierarchy post-migration - bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup - [amd64] IB/hfi1: Handle port down properly in pio - [arm64] drm/msm/mdp5: Fix mdp5_cfg_init error return - net: netem: fix backlog accounting for corrupted GSO frames - net/udp_gso: Allow TX timestamp with UDP GSO - [s390x] net/af_iucv: build proper skbs for HiperTransport - [s390x] net/af_iucv: always register net_device notifier - [armhf] ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs - rtc: pcf8563: Fix interrupt trigger method - rtc: pcf8563: Clear event flags and disable interrupts before requesting irq - net/sched: cbs: Fix error path of cbs_module_init - [arm64] drm/msm/a3xx: remove TPL1 regs from snapshot - ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() - perf/ioctl: Add check for the sample_period value - [x86] dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" - tools: bpftool: use correct argument in cgroup errors - fork,memcg: alloc_thread_stack_node needs to set tsk->stack - bnxt_en: Fix ethtool selftest crash under error conditions. - bnxt_en: Suppress error messages when querying DSCP DCB capabilities. - [amd64] iommu: Make iommu_disable safer - [x86] mfd: intel-lpss: Release IDA resources - rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() - xprtrdma: Fix use-after-free in rpcrdma_post_recvs - PM: ACPI/PCI: Resume all devices during hibernation - ACPI: PM: Simplify and fix PM domain hibernation callbacks - ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS - devres: allow const resource arguments - [arm64] RDMA/hns: Fixs hw access invalid dma memory error - ceph: fix "ceph.dir.rctime" vxattr value - xdp: fix possible cq entry leak - scsi: libfc: fix null pointer dereference on a null lport - xfrm interface: ifname may be wrong in logs - [armhf] clk: sunxi-ng: v3s: add the missing PLL_DDR1 - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() - libertas_tf: Use correct channel range in lbtf_geo_init - qed: reduce maximum stack frame size - usb: host: xhci-hub: fix extra endianness conversion - [x86] crypto: ccp - Reduce maximum stack usage - tipc: reduce risk of wakeup queue starvation - net/mlx5: Fix mlx5_ifc_query_lag_out_bits - cifs: fix rmmod regression in cifs.ko caused by force_sig changes - net: fix bpf_xdp_adjust_head regression for generic-XDP - cxgb4: smt: Add lock for atomic_dec_and_test - ext4: set error return correctly when ext4_htree_store_dirent fails - [arm64] RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver - [arm64] RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver - net/rds: Add a few missing rds_stat_names entries - tools: bpftool: fix arguments for p_err() in do_event_pipe() - tools: bpftool: fix format strings and arguments for jsonw_printf() - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails - signal: Allow cifs and drbd to receive their terminating signals - [ppc64el] 64s/radix: Fix memory hot-unplug page table split - [x86] dmaengine: dw: platform: Switch to acpi_dma_controller_register() - mac80211: minstrel_ht: fix per-group max throughput rate initialization - i40e: reduce stack usage in i40e_set_fc - [armhf] 8896/1: VDSO: Don't leak kernel addresses - [mips*] avoid explicit UB in assignment of mips_io_port_base - media: em28xx: Fix exception handling in em28xx_alloc_urbs() - ahci: Do not export local variable ahci_em_messages - rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up - Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" - hwmon: (lm75) Fix write operations for negative temperatures - net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate - power: supply: Init device wakeup after device_add() - [x86] perf: Fix the dependency of the x86 insn decoder selftest - irqdomain: Add the missing assignment of domain->fwnode for named fwnode - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA - bcache: Fix an error code in bch_dump_read() - netfilter: ctnetlink: honor IPS_OFFLOAD flag - [arm64] wcn36xx: use dynamic allocation for large variables - xsk: avoid store-tearing when assigning queues - xsk: avoid store-tearing when assigning umem - led: triggers: Fix dereferencing of null pointer - [arm64] net: hns3: fix error VF index when setting VLAN offload - rtlwifi: Fix file release memory leak - f2fs: fix wrong error injection path in inc_valid_block_count() - f2fs: fix error path of f2fs_convert_inline_page() - [x86] scsi: fnic: fix msix interrupt allocation - Btrfs: fix hang when loading existing inode cache off disk - Btrfs: fix inode cache waiters hanging on failure to start caching thread - Btrfs: fix inode cache waiters hanging on path allocation failure - btrfs: use correct count in btrfs_file_write_iter() - ixgbe: sync the first fragment unconditionally - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet - RDMA/cma: Fix false error message - net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' - bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands - f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() - [powerpc*] mm/mce: Keep irqs disabled during lockless page table walk - bpf: fix BTF limits - [amd64] iommu: Wait for completion of IOTLB flush in attach_device - [amd64] net: aquantia: Fix aq_vec_isr_legacy() return value - cxgb4: Signedness bug in init_one() - [arm64] net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() - [arm64] net: netsec: Fix signedness bug in netsec_probe() - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix signedness bug in probe - of: mdio: Fix a signedness bug in of_phy_get_and_connect() - [arm64] net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() - net: sched: cbs: Avoid division by zero when calculating the port rate - nvme: retain split access workaround for capability reads - [arm64,armhf] net: stmmac: gmac4+: Not all Unicast addresses may be available - rxrpc: Fix trace-after-put looking at the put connection record - mac80211: accept deauth frames in IBSS mode - llc: fix another potential sk_buff leak in llc_ui_sendmsg() - llc: fix sk_buff refcounting in llc_conn_state_process() - ip6erspan: remove the incorrect mtu limit for ip6erspan - [arm64,armhf] net: stmmac: fix length of PTP clock's name string - [arm64,armhf] net: stmmac: fix disabling flexible PPS output - sctp: add chunks to sk_backlog when the newsk sk_socket is not set - [s390x] qeth: Fix error handling during VNICC initialization - [s390x] qeth: Fix initialization of vnicc cmd masks during set online - act_mirred: Fix mirred_init_module error handling - net: avoid possible false sharing in sk_leave_memory_pressure() - net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head - tcp: annotate lockless access to tcp_memory_pressure - net/smc: receive returns without data - net/smc: receive pending data after RCV_SHUTDOWN - [arm64] drm/msm/dsi: Implement reset correctly - [armhf] dmaengine: imx-sdma: fix size check for sdma script_number - [arm64] hibernate: check pgd table allocation - net: netem: fix error path for corrupted GSO frames - net: netem: correct the parent's backlog when corrupted packet was dropped - xsk: Fix registration of Rx-only sockets - bpf, offload: Unlock on error in bpf_offload_dev_create() - afs: Fix missing timeout reset - [x86] hv_netvsc: Fix offset usage in netvsc_send_table() - [x86] hv_netvsc: Fix send_table offset in case of a host bug - afs: Fix large file support - [armhf] hwrng: omap3-rom - Fix missing clock by probing with device tree - [mips64el,mipsel] Loongson: Fix return value of loongson_hwmon_init - [x86] hv_netvsc: flag software created hash value - net: neigh: use long type to store jiffies delta - packet: fix data-race in fanout_flow_is_huge() - affs: fix a memory leak in affs_remount - afs: Remove set but not used variables 'before', 'after' - [armhf] dmaengine: ti: edma: fix missed failure handling - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 - [arm64] dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.100 - can, slip: Protect tty->disc_data in write_wakeup and close with RCU - [x86] firestream: fix memory leaks - gtp: make sure only SOCK_DGRAM UDP sockets are accepted - ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM - net: ip6_gre: fix moving ip6gre between namespaces - net, ip6_tunnel: fix namespaces move - net, ip_tunnel: fix namespaces move - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() - net_sched: fix datalen for ematch - net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject - net-sysfs: fix netdev_queue_add_kobject() breakage - net-sysfs: Call dev_hold always in netdev_queue_add_kobject - net-sysfs: Call dev_hold always in rx_queue_add_kobject - net-sysfs: Fix reference count leak - net: usb: lan78xx: Add .ndo_features_check - Revert "udp: do rmem bulk free even if the rx sk queue is empty" - tcp_bbr: improve arithmetic division in bbr_update_bw() - tcp: do not leave dangling pointers in tp->highest_sack - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user() - afs: Fix characters allowed into cell names - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input - hwmon: (core) Do not use device managed functions for memory allocations - PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken - tracing: trigger: Replace unneeded RCU-list traversals - Input: keyspan-remote - fix control-message timeouts - [x86] Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers" - [arm64,armhf] mmc: tegra: fix SDR50 tuning override - mmc: sdhci: fix minimum clock rate for v3 controller - [arm64] Documentation: Document arm64 kpti control - Input: sur40 - fix interface sanity checks - Input: gtco - fix endpoint sanity check - Input: aiptek - fix endpoint sanity check - Input: pegasus_notetaker - fix endpoint sanity check - [armhf] Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register - netfilter: nft_osf: add missing check for DREG attribute - hwmon: (nct7802) Fix voltage limits to wrong registers - do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) - sd: Fix REQ_OP_ZONE_REPORT completion handling - [i386] crypto: geode-aes - switch to skcipher for cbc(aes) fallback - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT - scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func - netfilter: ipset: use bitmap infrastructure completely - netfilter: nf_tables: add __nft_chain_type_get() - mm/memory_hotplug: make remove_memory() take the device_hotplug_lock - mm, sparse: drop pgdat_resize_lock in sparse_add/remove_one_section() - mm, sparse: pass nid instead of pgdat to sparse_add_one_section() - drivers/base/memory.c: remove an unnecessary check on NR_MEM_SECTIONS - mm, memory_hotplug: add nid parameter to arch_remove_memory - mm/memory_hotplug: release memory resource after arch_remove_memory() - drivers/base/memory.c: clean up relics in function parameters - mm, memory_hotplug: update a comment in unregister_memory() - mm/memory_hotplug: make unregister_memory_section() never fail - mm/memory_hotplug: make __remove_section() never fail - [powerpc*] mm: Fix section mismatch warning - mm/memory_hotplug: make __remove_pages() and arch_remove_memory() never fail - [s390x] mm: implement arch_remove_memory() - mm/memory_hotplug: allow arch_remove_memory() without CONFIG_MEMORY_HOTREMOVE - drivers/base/memory: pass a block_id to init_memory_block() - mm/memory_hotplug: create memory block devices after arch_add_memory() - mm/memory_hotplug: remove memory block devices before arch_remove_memory() - mm/memory_hotplug: make unregister_memory_block_under_nodes() never fail - mm/memory_hotplug: remove "zone" parameter from sparse_remove_one_section - mm/hotplug: kill is_dev_zone() usage in __remove_pages() - drivers/base/node.c: simplify unregister_memory_block_under_nodes() - mm/memunmap: don't access uninitialized memmap in memunmap_pages() - mm/memory_hotplug: fix try_offline_node() - mm/memory_hotplug: shrink zones when offlining memory https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.101 - orinoco_usb: fix interface sanity check - rsi_91x_usb: fix interface sanity check - USB: serial: ir-usb: add missing endpoint sanity check - USB: serial: ir-usb: fix link-speed handling - USB: serial: ir-usb: fix IrLAP framing - [arm64,armhf] usb: dwc3: turn off VBUS when leaving host mode - staging: wlan-ng: ensure error return is actually returned - [x86] staging: vt6656: correct packet types for CTS protect, mode. - [x86] staging: vt6656: use NULLFUCTION stack on mac80211 - [x86] staging: vt6656: Fix false Tx excessive retries reporting. - [arm64,armel] serial: 8250_bcm2835aux: Fix line mismatch on driver unbind - component: do not dereference opaque pointer in debugfs - [x86] mei: me: add comet point (lake) H device ids - crypto: chelsio - fix writing tfm flags to wrong place - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() - ath9k: fix storage endpoint lookup - brcmfmac: fix interface sanity check - rtl8xxxu: fix interface sanity check - zd1211rw: fix storage endpoint lookup - net_sched: ematch: reject invalid TCF_EM_SIMPLE - net_sched: fix ops->bind_class() implementations - HID: multitouch: Add LG MELF0410 I2C touchscreen support - HID: Add quirk for Xin-Mo Dual Controller - HID: ite: Add USB id match for Acer SW5-012 keyboard dock - [x86] HID: Add quirk for incorrect input length on Lenovo Y720 - drivers/hid/hid-multitouch.c: fix a possible null pointer access. - [arm64] phy: qcom-qmp: Increase PHY ready timeout - drivers/net/b44: Change to non-atomic bit operations on pwol_mask - [i386] net: wan: sdla: Fix cast from pointer to integer of different size - [arm64] gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP - atm: eni: fix uninitialized variable warning - HID: steam: Fix input device disappearing - [x86] platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx - [amd64] PCI: Add DMA alias quirk for Intel VCA NTB - [amd64] iommu: Support multiple PCI DMA aliases in IRQ Remapping - usb-storage: Disable UAS on JMicron SATA enclosure - sched/fair: Add tmp_alone_branch assertion - sched/fair: Fix insertion in rq->leaf_cfs_rq_list - rsi: fix use-after-free on probe errors - rsi: fix memory leak on failed URB submission - rsi: fix non-atomic allocation in completion handler - crypto: af_alg - Use bh_lock_sock in sk_destruct - block: cleanup __blkdev_issue_discard() - block: fix 32 bit overflow in __blkdev_issue_discard() - [arm64] KVM: Write arch.mdcr_el2 changes since last vcpu_load on VHE https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.102 - vfs: fix do_last() regression - crypto: pcrypt - Fix user-after-free on module unload - perf c2c: Fix return type for histogram sorting comparision functions - PM / devfreq: Add new name attribute for sysfs - tools lib: Fix builds when glibc contains strlcpy() - ext4: validate the debug_want_extra_isize mount option at parse time - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() - reiserfs: Fix memory leak of journal device string - media: digitv: don't continue if remote control state can't be read - media: af9005: uninitialized variable printked - media: vp7045: do not read uninitialized values if usb transfer fails - media: gspca: zero usb_buf - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 - tomoyo: Use atomic_t for statistics counter - ttyprintk: fix a potential deadlock in interrupt context issue - Bluetooth: Fix race condition in hci_release_sock() - cgroup: Prevent double killing of css when enabling threaded cgroup - [armhf] dts: sun8i: a83t: Correct USB3503 GPIOs polarity - [armhf] dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes - [armhf] dts: beagle-x15-common: Model 5V0 regulator - [arm64] clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order - mac80211: mesh: restrict airtime metric to peered established plinks - ASoC: rt5640: Fix NULL dereference on module unload - ixgbevf: Remove limit of 10 entries for unicast filter list - ixgbe: Fix calculation of queue with VFs and flow director on interface flap - igb: Fix SGMII SFP module discovery for 100FX/LX. - [x86] platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits - qmi_wwan: Add support for Quectel RM500Q - wireless: fix enabling channel 12 for custom regulatory domain - cfg80211: Fix radar event during another phy CAC - mac80211: Fix TKIP replay protection immediately after key setup - netfilter: nft_tunnel: ERSPAN_VERSION must not be null - [armhf] net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec - bnxt_en: Fix ipv6 RFS filter matching logic. - iwlwifi: Don't ignore the cap field upon mcc update - [armhf] dts: am335x-boneblack-common: fix memory size - vti[6]: fix packet tx through bpf_redirect() - xfrm interface: fix packet tx through bpf_redirect() - xfrm: interface: do not confirm neighbor when do pmtu update - scsi: fnic: do not queue commands during fwreset - [armhf] 8955/1: virt: Relax arch timer version check during early boot - [arm64] tee: optee: Fix compilation issue with nommu - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE - r8152: get default setting of WOL before initializing - qlcnic: Fix CPU soft lockup while collecting firmware dump - seq_tab_next() should increase position index - l2t_seq_next should increase position index - net: Fix skb->csum update in inet_proto_csum_replace16(). - btrfs: do not zero f_bavail if we have available space - perf report: Fix no libunwind compiled warning break s390 issue - mm/migrate.c: also overwrite error when it is bigger than zero https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.103 - [armhf] Revert "drm/sun4i: dsi: Change the start delay calculation" - ovl: fix lseek overflow on 32bit - kernel/module: Fix memleak in module_add_modinfo_attrs() - media: iguanair: fix endpoint sanity check - ocfs2: fix oops when writing cloned file - [x86] cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR - udf: Allow writing to 'Rewritable' partitions - printk: fix exclusive_console replaying - iwlwifi: mvm: fix NVM check for 3168 devices - gtp: use __GFP_NOWARN to avoid memalloc warning - l2tp: Allow duplicate session creation with UDP - net_sched: fix an OOB access in cls_tcindex - [arm64,armhf] net: stmmac: Delete txtimer in suspend() - bnxt_en: Fix TC queue mapping. - tcp: clear tp->total_retrans in tcp_disconnect() - tcp: clear tp->delivered in tcp_disconnect() - tcp: clear tp->data_segs{in|out} in tcp_disconnect() - tcp: clear tp->segs_{in|out} in tcp_disconnect() - rxrpc: Fix use-after-free in rxrpc_put_local() - rxrpc: Fix insufficient receive notification generation - rxrpc: Fix missing active use pinning of rxrpc_local object - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors - ipc/msg.c: consolidate all xxxctl_down() functions - tracing: Fix sched switch start/stop refcount racy updates - rcu: Avoid data-race in rcu_gp_fqs_check_wake() - brcmfmac: Fix memory leak in brcmf_usbdev_qinit - usb: gadget: f_ncm: Use atomic_t to track in-flight request - usb: gadget: f_ecm: Use atomic_t to track in-flight request - ALSA: usb-audio: Fix endianess in descriptor validation - ALSA: dummy: Fix PCM format loop in proc output - mm/memory_hotplug: fix remove_memory() lockdep splat - mm: move_pages: report the number of non-attempted pages - media/v4l2-core: set pages dirty upon releasing DMA buffers - media: v4l2-core: compat: ignore native command codes - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments - irqdomain: Fix a memory leak in irq_domain_push_irq() - [x86] platform/x86: intel_scu_ipc: Fix interrupt support - [x86] ALSA: hda: Add Clevo W65_67SB the power_save blacklist - [arm64] KVM: Correct PSTATE on exception entry - [arm64,armhf] KVM: Correct CPSR on exception entry - [arm64,armhf] KVM: Correct AArch32 SPSR on exception entry - [arm64] KVM: Only sign-extend MMIO up to register width - [s390x] mm: fix dynamic pagetable upgrade for hugetlbfs - [powerpc*] pseries: Advance pfn if section is not present in lmb_is_removable() - smb3: fix signing verification of large reads - [arm64,armhf] PCI: tegra: Fix return value check of pm_runtime_get_sync() - [arm64,armhf] mmc: spi: Toggle SPI polarity, do not hardcode it - [x86] ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards - [x86] ACPI / battery: Deal with design or full capacity being reported as -1 - [x86] ACPI / battery: Use design-cap for capacity calculations if full-cap is not available - [x86] ACPI / battery: Deal better with neither design nor full capacity not being reported - alarmtimer: Unregister wakeup source when module get fails - ubifs: Reject unsupported ioctl flags explicitly - ubifs: don't trigger assertion on invalid no-key filename - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag - ubifs: Fix deadlock in concurrent bulk-read and writepage - [i386] crypto: geode-aes - convert to skcipher API and make thread-safe - [x86] hv_balloon: Balloon up according to request page number - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile - crypto: api - Check spawn->alg under lock in crypto_drop_spawn - scsi: qla2xxx: Fix mtcp dump collection failure - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() - f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() - f2fs: fix miscounted block limit in f2fs_statfs_project() - f2fs: code cleanup for f2fs_statfs_project() - PM: core: Fix handling of devices deleted during system-wide resume - dm zoned: support zone sizes smaller than 128MiB - dm space map common: fix to ensure new block isn't already in use - dm crypt: fix benbi IV constructor crash if used in authenticated mode - dm: fix potential for q->make_request_fn NULL pointer - dm writecache: fix incorrect flush sequence when doing SSD mode commit - padata: Remove broken queue flushing - tracing: Annotate ftrace_graph_hash pointer with __rcu - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu - ftrace: Add comment to why rcu_dereference_sched() is open coded - ftrace: Protect ftrace_graph_hash with ftrace_sync - [x86] crypto: ccp - set max RSA modulus size for v3 platform devices as well - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request - crypto: api - Fix race condition in crypto_spawn_alg - scsi: qla2xxx: Fix unbound NVME response length - NFS: Fix memory leaks and corruption in readdir - NFS: Directory page cache pages need to be locked when read - jbd2_seq_info_next should increase position index - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES - btrfs: set trans->drity in btrfs_commit_transaction - Btrfs: fix race between adding and putting tree mod seq elements and nodes - [armhf] tegra: Enable PLLP bypass during Tegra124 LP1 - iwlwifi: don't throw error when trying to remove IGTK - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() - sunrpc: expiry_time should be seconds not timeval - gfs2: move setting current->backing_dev_info - gfs2: fix O_SYNC write handling - drm/rect: Avoid division by zero - media: rc: ensure lirc is initialized before registering input device - xen/balloon: Support xend-based toolstack take two - watchdog: fix UAF in reboot notifier handling in watchdog core code - bcache: add readahead cache policy options via sysfs interface - eventfd: track eventfd_signal() recursion depth - aio: prevent potential eventfd recursion on poll - [x86] KVM: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks - [x86] KVM: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks - [x86] KVM: Protect pmu_intel.c from Spectre-v1/L1TF attacks - [x86] KVM: Protect DR-based index computations from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c - [x86] KVM: Protect x86_decode_insn from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks - [x86] KVM: Fix potential put_fpu() w/o load_fpu() on MPX platform - [ppc64el] KVM: Book3S HV: Uninit vCPU if vcore creation fails - [ppc64el] KVM: Book3S PR: Free shared page if mmu initialization fails - [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (CVE-2019-3016) - [x86] KVM: Don't let userspace set host-reserved cr4 bits - [x86] KVM: Free wbinvd_dirty_mask if vCPU creation fails - [s390x] KVM: do not clobber registers during guest reset/store status - [arm64,armhf] clk: tegra: Mark fuse clock as critical - percpu: Separate decrypted varaibles anytime encryption can be enabled - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type - scsi: csiostor: Adjust indentation in csio_device_reset - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free - scsi: ufs: Recheck bkops level if bkops is disabled - [arm64] phy: qualcomm: Adjust indentation in read_poll_timeout - ext2: Adjust indentation in ext2_fill_super - [arm64] drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable - IB/mlx5: Fix outstanding_pi index for GSI qps - IB/core: Fix ODP get user pages flow - nfsd: fix delay timer on 32-bit architectures - nfsd: fix jiffies/time_t mixup in LRU list - nfsd: Return the correct number of bytes written to the file - ubi: fastmap: Fix inverted logic in seen selfcheck - ubi: Fix an error pointer dereference in error handling code - bonding/alb: properly access headers in bond_alb_xmit() - [armhf] net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port - [arm64,armhf] net: mvneta: move rx_dropped and rx_errors in per-cpu stats - net_sched: fix a resource leak in tcindex_set_parms() - net/mlx5: IPsec, Fix esp modify function attribute - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx - [arm64] net: macb: Remove unnecessary alignment check for TSO - [arm64] net: macb: Limit maximum GEM TX length in TSO - [armhf] net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() - ext4: fix deadlock allocating crypto bounce page from mempool - btrfs: use bool argument in free_root_pointers() - btrfs: free block groups after free'ing fs trees - btrfs: flush write bio if we loop in extent_write_cache_pages - [x86] KVM: mmu: Apply max PA check for MMIO sptes to 32-bit KVM - [x86] KVM: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM - [x86] KVM: nVMX: vmread should not set rflags to specify success in case of #PF - KVM: Use vcpu-specific gva->hva translation when querying host page size - KVM: Play nice with read-only memslots when querying host page size - mm: zero remaining unavailable struct pages - mm: return zero_resv_unavail optimization - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section - cifs: fail i/o on soft mounts if sessionsetup errors out - [x86] apic/msi: Plug non-maskable MSI affinity race - clocksource: Prevent double add_timer_on() for watchdog_timer - perf/core: Fix mlock accounting in perf_mmap() - rxrpc: Fix service call disconnection https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.104 - ASoC: pcm: update FE/BE trigger order based on the command - [x86] hv_sock: Remove the accept port restriction - IB/mlx4: Fix memory leak in add_gid error flow - RDMA/netlink: Do not always generate an ACK for some netlink operations - RDMA/core: Fix locking in ib_uverbs_event_read - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe - PCI: Don't disable bridge BARs when assigning bus resources - nfs: NFS_SWAP should depend on SWAP - NFS: Revalidate the file size on a fatal write error - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() - NFSv4: try lease recovery on NFS4ERR_EXPIRED - [arm64] serial: uartps: Add a timeout to the tx empty wait - [arm64] gpio: zynq: Report gpio direction at boot - spi: spi-mem: Add extra sanity checks on the op param - spi: spi-mem: Fix inverted logic in op sanity check - rtc: cmos: Stop using shared IRQ - [x86] platform/x86: intel_mid_powerbtn: Take a copy of ddata - [powerpc*] pseries/vio: Fix iommu_table use-after-free refcount warning - [powerpc*] pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW - [arm64] iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA - [arm64,armhf] KVM: vgic-its: Fix restoration of unmapped collections - [armel,armhf] 8949/1: mm: mark free_memmap as __init - [arm64] cpufeature: Fix the type of no FP/SIMD capability - [arm64] ptrace: nofpsimd: Fail FP/SIMD regset operations - [arm64,armhf] KVM: Fix young bit from mmu notifier - [arm64,armhf] KVM: Fix DFSR setting for non-LPAE aarch32 guests - [arm64,armhf] KVM: Make inject_abt32() inject an external abort instead - [arm64] KVM: pmu: Don't increment SW_INCR if PMCR.E is unset - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held - libertas: make lbs_ibss_join_existing() return error code on rates overflow - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state - [x86] stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h - [x86] x86/stackframe, x86/ftrace: Add pt_regs frame annotations - [arm64] serial: uartps: Move the spinlock after the read of the tx empty - padata: fix null pointer deref of pd->pinst https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.105 - Input: synaptics - switch T470s to RMI4 by default - Input: synaptics - enable SMBus on ThinkPad L470 - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list - ALSA: usb-audio: Fix UAC2/3 effect unit parsing - ALSA: hda/realtek - Fix silent output on MSI-GL73 - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 - [arm64] cpufeature: Set the FP/SIMD compat HWCAP bits properly - [arm64] nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly - ALSA: usb-audio: sound: usb: usb true/false for bool return type - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 - ext4: don't assume that mmp_nodename/bdevname have NUL - ext4: fix support for inode sizes > 1024 bytes - ext4: fix checksum errors with indexed dirs - ext4: add cond_resched() to ext4_protect_reserved_inode (CVE-2020-8992) - ext4: improve explanation of a mount failure caused by a misconfigured kernel - Btrfs: fix race between using extent maps and merging them - btrfs: ref-verify: fix memory leaks - btrfs: print message when tree-log replay starts - btrfs: log message when rw remount is attempted with unclean tree-log - [arm64] ssbs: Fix context-switch when SSBS is present on all CPUs - [x86] perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info - [amd64] IB/hfi1: Acquire lock to release TID entries when user file is closed - [amd64] IB/hfi1: Close window for pq and request coliding - IB/rdmavt: Reset all QPs when the device is shut down - RDMA/core: Fix invalid memory access in spec_filter_size - [amd64] RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq - RDMA/core: Fix protection fault in get_pkey_idx_qp_list - [s390x] time: Fix clk type in get_tod_clock - [x86] perf/x86/intel: Fix inaccurate period in context switch for auto- reload - NFSv4.1 make cachethis=no for writes - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer - [x86] KVM: mmu: Fix struct guest_walker arrays for 5-level paging https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.106 - core: Don't skip generic XDP program execution for cloned SKBs - enic: prevent waking up stopped tx queues over watchdog reset - net/smc: fix leak of kernel memory to user space - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS - [x86] KVM: nVMX: Use correct root level for nested EPT shadow page tables - [x86] drm/gma500: Fixup fbdev stolen size usage evaluation - cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order - brcmfmac: Fix use after free in brcmf_sdio_readframes() - ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT - ALSA: ctl: allow TLV read operation for callback type of element in locked case - [powerpc*] powernv/iov: Ensure the pdn for VFs always contains a valid PE number - [amd64] iommu/vt-d: Fix off-by-one in PASID allocation - [x86] pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins - [x86] efi: Map the entire EFI vendor string before copying it - [mips64el,mipsel] Loongson: Fix potential NULL dereference in loongson3_platform_init() - [arm*] usb: dwc2: Fix IN FIFO allocation - [armel,armhf] clocksource/drivers/bcm2835_timer: Fix memory leak of timer - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal - [armhf] pwm: omap-dmtimer: Simplify error handling - [s390x] pci: Fix possible deadlock in recover_store() - [powerpc*] iov: Move VF pdev fixup into pcibios_fixup_iov() - tracing: Fix tracing_stat return values in error handling paths - tracing: Fix very unlikely race of registering two stat tracers - ext4, jbd2: ensure panic when aborting with zero errno - ath10k: Correct the DMA direction for management tx buffers - nbd: add a flush_workqueue in nbd_start_device - [s390x] KVM: ENOTSUPP -> EOPNOTSUPP fixups - [arm64] clk: qcom: rcg2: Don't crash if our parent can't be found; return an error - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table - [arm64,armhf] regulator: rk808: Lower log level on optional GPIOs being not available - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu(). - selinux: fall back to ref-walk if audit is required - selinux: ensure we cleanup the internal AVC counters on error in avc_insert() - media: cx23885: Add support for AVerMedia CE310B - PCI: Add generic quirk for increasing D3hot delay - PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling - fore200e: Fix incorrect checks of NULL pointer dereference - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status - orinoco: avoid assertion in case of NULL pointer - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 - scsi: ufs: Complete pending requests in host reset and restore path - scsi: aic7xxx: Adjust indentation in ahc_find_syncrate - selinux: ensure we cleanup the internal AVC counters on error in avc_update() - dmaengine: Store module owner in dma_device struct - [arm64] clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock - tools lib api fs: Fix gcc9 stringop-truncation compilation error - [x86] ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch - mlx5: work around high stack usage with gcc - drm: remove the newline for CRC source name. - usbip: Fix unsafe unaligned pointer usage - udf: Fix free space reporting for metadata and virtual partitions - staging: rtl8188: avoid excessive stack usage - [amd64] IB/hfi1: Add software counter for ctxt0 seq drop - [armhf] soc/tegra: fuse: Correct straps' address for older Tegra124 device trees - [x86] efi: Don't panic or BUG() on non-critical error conditions - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls - [x86] nmi: Remove irq_work from the long duration NMI handler - driver core: platform: Prevent resouce overflow from causing infinite loops - driver core: Print device when resources present in really_probe() - bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler - drm/nouveau/fault/gv100-: fix memory leak on module unload - [x86] drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add - [armhf] usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue - [arm64] iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE - f2fs: set I_LINKABLE early to avoid wrong access by vfs - f2fs: free sysfs kobject - scsi: iscsi: Don't destroy session if there are outstanding connections - watchdog/softlockup: Enforce that timestamp is valid on boot - f2fs: fix memleak of kobject - [x86] mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd - [armhf] pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional - btrfs: fix possible NULL-pointer dereference in integrity checks - btrfs: safely advance counter when looking up bio csums - btrfs: device stats, log when stats are zeroed - module: avoid setting info->name early in case we can fall back to info->mod->name - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() - driver core: platform: fix u32 greater or equal to zero comparison - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s - drm/nouveau/mmu: fix comptag memory leak - [powerpc*] sriov: Remove VF eeh_dev state when disabling SR-IOV - bcache: cached_dev_free needs to put the sb page - [amd64] iommu/vt-d: Remove unnecessary WARN_ON_ONCE() - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock - iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop - cifs: fix NULL dereference in match_prepath - bpf: map_seq_next should always increase position index - ceph: check availability of mds cluster on mount after wait timeout - [arm64,armhf] irqchip/gic-v3: Only provision redistributors that are enabled in ACPI - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided - ftrace: fpid_next() should increase position index - trigger_next should increase position index - radeon: insert 10ms sleep in dce5_crtc_load_lut - ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans() - reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() - bcache: explicity type cast in bset_bkey_last() - [arm64,armhf] irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL - iwlwifi: mvm: Fix thermal zone registration - brd: check and limit max_part par - NFS: Fix memory leaks - help_next should increase position index - cifs: log warning message (once) if out of disk space - virtio_balloon: prevent pfn array overflow https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.107 - [arm64] iommu/qcom: Fix bogus detach logic - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs - [x86] ALSA: hda/realtek - Apply quirk for MSI GP63, too - [x86] ALSA: hda/realtek - Apply quirk for yet another MSI laptop - [armhf] ASoC: sun8i-codec: Fix setting DAI data format - ecryptfs: fix a memory leak bug in parse_tag_1_packet() - ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() - [x86] thunderbolt: Prevent crash if non-active NVMem file is read - USB: misc: iowarrior: add support for 2 OEMed devices - USB: misc: iowarrior: add support for the 28 and 28L devices - USB: misc: iowarrior: add support for the 100 device - floppy: check FDC index for errors before assigning it (CVE-2020-9383) - vt: fix scrollback flushing on background consoles - vt: selection, handle pending signals in paste_selection - vt: vt_ioctl: fix race in VT_RESIZEX - [arm*] staging: android: ashmem: Disallow ashmem memory from being remapped (CVE-2020-0009) - [x86] staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi. - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range. - xhci: fix runtime pm enabling for quirky Intel hosts - xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2 - usb: host: xhci: update event ring dequeue pointer on purpose - USB: core: add endpoint-blacklist quirk - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 - usb: uas: fix a plug & unplug racing - USB: Fix novation SourceControl XL after suspend - USB: hub: Don't record a connect-change event during reset-resume - USB: hub: Fix the broken detection of USB3 device in SMSC hub - [arm*] usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows - [arm64,armhf] usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields - staging: rtl8188eu: Fix potential security hole - staging: rtl8188eu: Fix potential overuse of kernel memory - staging: rtl8723bs: Fix potential security hole - staging: rtl8723bs: Fix potential overuse of kernel memory - [powerpc*] tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery - jbd2: fix ocfs2 corrupt when clearing block group bits - [x86] mce/amd: Publish the bank pointer only after setup has succeeded - [x86] mce/amd: Fix kobject lifetime - [x86] cpu/amd: Enable the fixed Instructions Retired counter IRPERF - serial: 8250: Check UPF_IRQ_SHARED in advance - [armhf] tty: serial: imx: setup the correct sg entry for tx dma - serdev: ttyport: restore client ops on deregistration - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() - nvme-multipath: Fix memory leak with ana_log_buf - genirq/irqdomain: Make sure all irq domain flags are distinct - mm/vmscan.c: don't round up scan size for online memory cgroup - drm/amdgpu/soc15: fix xclk for raven - [x86] xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms - [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) - [x86] KVM: don't notify userspace IOAPIC on edge-triggered interrupt EOI - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets - ext4: fix a data race in EXT4_I(inode)->i_disksize - ext4: add cond_resched() to __ext4_find_entry() - ext4: fix potential race between online resizing and write operations - ext4: fix potential race between s_group_info online resizing and access - ext4: fix potential race between s_flex_groups online resizing and access - ext4: fix mount failure with quota configured as module - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL - [x86] KVM: nVMX: Refactor IO bitmap checks into helper function - [x86] KVM: nVMX: Check IO instruction VM-exit conditions - [x86] KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 - [x86] KVM: apic: avoid calculating pending eoi from an uninitialized val - btrfs: fix bytes_may_use underflow in prealloc error condtition - btrfs: reset fs_root to NULL on error in open_ctree - btrfs: do not check delayed items are empty for single transaction cleanup - Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents - scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session" - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus - [arm*] usb: dwc2: Fix in ISOC request length checking - staging: rtl8723bs: fix copy of overlapping memory - ecryptfs: replace BUG_ON with error handling code - genirq/proc: Reject invalid affinity masks (again) - bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill - ALSA: seq: Avoid concurrent access to queue flags - ALSA: seq: Fix concurrent access to queue current tick/time - netfilter: xt_hashlimit: limit the max size of hashtable - rxrpc: Fix call RCU cleanup using non-bh-safe locks - ata: ahci: Add shutdown to freeze hardware resources of ahci - xen: Enable interrupts when calling _cond_resched() - [s390x] mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.108 - [arm64,armhf] irqchip/gic-v3-its: Fix misuse of GENMASK macro - iwlwifi: pcie: fix rb_allocator workqueue allocation - ipmi:ssif: Handle a possible NULL pointer reference - [arm64] drm/msm: Set dma maximum segment size for mdss - dax: pass NOWAIT flag to iomap_apply - mac80211: consider more elements in parsing CRC - cfg80211: check wiphy driver existence for drvinfo report - [s390x] zcrypt: fix card and queue total counter wrap - qmi_wwan: re-add DW5821e pre-production variant - qmi_wwan: unconditionally reject 2 ep interfaces - [arm64] soc/tegra: fuse: Fix build with Tegra194 configuration - net: ena: fix potential crash when rxfh key is NULL - net: ena: fix uses of round_jiffies() - net: ena: add missing ethtool TX timestamping indication - net: ena: fix incorrect default RSS key - net: ena: rss: fix failure to get indirection table - net: ena: rss: store hash function as values and not bits - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table - net: ena: ethtool: use correct value for crc32 hash - net: ena: ena-com.c: prevent NULL pointer dereference - cifs: Fix mode output in debugging statements - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE - sysrq: Restore original console_loglevel when sysrq disabled - sysrq: Remove duplicated sysrq message - net: fib_rules: Correctly set table field when table number exceeds 8 bits - net: sched: correct flower port blocking - sctp: move the format error check out of __sctp_sf_do_9_1_abort - ipv6: Fix route replacement with dev-only route - ipv6: Fix nlmsg_flags when splitting a multipath route - qede: Fix race between rdma destroy workqueue and link change event - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() - audit: fix error handling in audit_data_to_entry() - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro - [arm64,x86] ACPI: watchdog: Fix gas->access_width usage - [x86] KVM: VMX: check descriptor table exits on instruction emulation - HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock - HID: core: fix off-by-one memset in hid_report_raw_event() - HID: core: increase HID report buffer size to 8KiB - tracing: Disable trace_printk() on post poned tests - Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" - amdgpu/gmc_v9: save/restore sdpif regs during S3 - vhost: Check docket sk_family instead of call getname (CVE-2020-10942) - HID: alps: Fix an error handling path in 'alps_input_configured()' - HID: hiddev: Fix race in in hiddev_disconnect() - [x86] hv_netvsc: Fix unwanted wakeup in netvsc_attach() - [s390x] qeth: vnicc Fix EOPNOTSUPP precedence - net: netlink: cap max groups which will be considered in netlink_bind() - [amd64] net: atlantic: fix use after free kasan warn - [amd64] net: atlantic: fix potential error handling - net/smc: no peer ID in CLC decline for SMCD - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE - namei: only return -ECHILD from follow_dotdot_rcu() - mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() - [x86] KVM: SVM: Override default MMIO mask if memory encryption is enabled - KVM: Check for a bad hva before dropping into the ghc slow path - sched/fair: Optimize update_blocked_averages() - sched/fair: Fix O(nr_cgroups) in the load balancing path - perf stat: Use perf_evsel__is_clocki() for clock events - perf stat: Fix shadow stats for clock events - [arm64] drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' - kprobes: Set unoptimized flag after unoptimizing code - [armhf] pwm: omap-dmtimer: put_device() after of_find_device_by_node() - perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc - [x86] KVM: Remove spurious kvm_mmu_unload() from vcpu destruction path - [x86] KVM: Remove spurious clearing of async #PF MSR - netfilter: nft_tunnel: no need to call htons() when dumping ports - mm/huge_memory.c: use head to check huge zero page - mm, thp: fix defrag setting if newline is not used - audit: always check the netlink payload length in audit_receive_msg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.109 - [x86] EDAC/amd64: Set grain per DIMM - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 - [armhf] net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec - kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic - [x86] ALSA: hda: do not override bus codec_mask in link_get() - usb: gadget: composite: Support more than 500mA MaxPower - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags - usb: gadget: serial: fix Tx stall after buffer overflow - [arm64] drm/msm/mdp5: rate limit pp done timeout warnings - [arm64] drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI - scsi: megaraid_sas: silence a warning - [arm64] drm/msm/dsi: save pll state before dsi host is powered off - [arm64] drm/msm/dsi/pll: call vco set rate explicitly - [armhf] net: dsa: b53: Ensure the default VID is untagged - [s390x] cio: cio_ignore_proc_seq_next should increase position index - [s390x] qdio: fill SL with absolute addresses - ice: Don't tell the OS that link is going down - [arm64] net: thunderx: workaround BGX TX Underflow issue - ALSA: hda/realtek - Add Headset Mic supported - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master - cifs: don't leak -EAGAIN for stat() during reconnect - usb: storage: Add quirk for Samsung Fit flash - usb: quirks: add NO_LPM quirk for Logitech Screen Share - [arm64,armhf] usb: dwc3: gadget: Update chain bit correctly when using sg list - usb: core: hub: fix unhandled return by employing a void function - usb: core: hub: do error out if usb_autopm_get_interface() fails - usb: core: port: do error out if usb_autopm_get_interface() fails - vgacon: Fix a UAF in vgacon_invert_region (CVE-2020-8647, CVE-2020-8649) - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa - mm: fix possible PMD dirty bit lost in set_pmd_migration_entry() - fat: fix uninit-memory access for partial initialized inode - [arm64] tty:serial:mvebu-uart:fix a wrong return - serial: 8250_exar: add support for ACCES cards - vt: selection, close sel_buffer race (CVE-2020-8648) - vt: selection, push console lock down - vt: selection, push sel_lock up - [arm64,armhf] media: v4l2-mem2mem.c: fix broken links - [x86] pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes - [arm64,armhf] dmaengine: tegra-apb: Fix use-after-free - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list - dm cache: fix a crash due to incorrect work item cancelling - dm: report suspended device during destroy - dm writecache: verify watermark during resume - [x86] ASoC: topology: Fix memleak in soc_tplg_link_elems_load() - [x86] ASoC: topology: Fix memleak in soc_tplg_manifest_load() - [x86] ASoC: intel: skl: Fix pin debug prints - [x86] ASoC: intel: skl: Fix possible buffer overflow in debug outputs - [armhf] dmaengine: imx-sdma: remove dma_slave_config direction usage and leave sdma_event_enable() - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output - ASoC: dapm: Correct DAPM handling of active widgets during shutdown - [armhf] drm/sun4i: Fix DE2 VI layer format support - [armhf] drm/sun4i: de2/de3: Remove unsupported VI layer formats - RDMA/iwcm: Fix iwcm work deallocation - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() - [amd64] IB/hfi1, qib: Ensure RCU is locked when accessing list - [armhf] ARM: imx: build v7_cpu_resume() unconditionally - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() - [powerpc*] fix hardware PMU exception bug on PowerVM compatibility mode systems - [amd64] efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper - [amd64] efi/x86: Handle by-ref arguments covering multiple pages in mixed mode - dm integrity: fix a deadlock due to offloading to an incorrect workqueue - scsi: pm80xx: Fixed kernel panic during error recovery for SATA drive https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.110 - [x86] KVM: SVM: fix up incorrect backport https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.111 - phy: Revert toggling reset changes. - net: phy: Avoid multiple suspends - cgroup, netclassid: periodically release file_lock on classid updating - gre: fix uninit-value in __iptunnel_pull_header - inet_diag: return classid for all socket types - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface - ipvlan: add cond_resched_rcu() while processing muticast backlog - ipvlan: do not add hardware address of master to its unicast filter list - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() - ipvlan: don't deref eth hdr before checking it's set - net/ipv6: use configured metric when add peer route - netlink: Use netlink header as base to calculate bad attribute offset - net: macsec: update SCI upon MAC address change. - net: nfc: fix bounds checking bugs on "pipe" - net/packet: tpacket_rcv: do not increment ring index on drop - [arm64,armhf] net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used - r8152: check disconnect status after long sleep - sfc: detach from cb_page in efx_copy_channel() - bnxt_en: reinitialize IRQs when MTU is modified - cgroup: memcg: net: do not associate sock with unrelated cgroup - net: memcg: late association of sock to memcg - net: memcg: fix lockdep splat in inet_csk_accept() - devlink: validate length of param values - nl802154: add missing attribute validation - nl802154: add missing attribute validation for dev_type - can: add missing attribute validation for termination - macsec: add missing attribute validation for port - net: fq: add missing attribute validation for orphan mask - team: add missing attribute validation for port ifindex - team: add missing attribute validation for array index - nfc: add missing attribute validation for SE API - nfc: add missing attribute validation for deactivate target - nfc: add missing attribute validation for vendor subcommand - net: phy: fix MDIO bus PM PHY resuming - net/ipv6: need update peer route when modify metric - net/ipv6: remove the old peer route if change it to a new one - tipc: add missing attribute validation for MTU property - devlink: validate length of region addr/len - bonding/alb: make sure arp header is pulled before accessing it - slip: make slhc_compress() more robust against malicious packets - [armhf] net: fec: validate the new settings in fec_enet_set_coalesce() - macvlan: add cond_resched() during multicast processing - cgroup: cgroup_procs_next should increase position index - cgroup: Iterate tasks that did not finish do_exit() - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices - virtio-blk: fix hw_queue stopped on arbitrary error - [amd64] iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint - netfilter: nf_conntrack: ct_cpu_seq_next should increase position index - netfilter: synproxy: synproxy_cpu_seq_next should increase position index - netfilter: xt_recent: recent_seq_next should increase position index - netfilter: x_tables: xt_mttg_seq_next should increase position index - workqueue: don't use wq_select_unbound_cpu() for bound works - drm/amd/display: remove duplicated assignment to grph_obj_type - cifs_atomic_open(): fix double-put on late allocation failure - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache - [x86] KVM: clear stale x86_emulate_ctxt->intercept value - efi: Fix a race and a buffer overflow while reading efivars via sysfs - efi: Make efi_rts_work accessible to efi page fault handler - mt76: fix array overflow on receiving too many fragments for a packet - [x86] mce: Fix logic and comments around MSR_PPIN_CTL - [arm64] iommu/dma: Fix MSI reservation allocation - [amd64] iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint - [amd64] iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page - batman-adv: Don't schedule OGM for disabled interface - [arm64] pinctrl: meson-gxl: fix GPIOX sdio pins - pinctrl: core: Remove extra kref_get which blocks hogs being freed - [arm64,armhf] i2c: gpio: suppress error on probe defer - nl80211: add missing attribute validation for critical protocol indication - nl80211: add missing attribute validation for beacon report scanning - nl80211: add missing attribute validation for channel switch - perf bench futex-wake: Restore thread count default to online CPU count - netfilter: cthelper: add missing attribute validation for cthelper - netfilter: nft_payload: add missing attribute validation for payload csum flags - netfilter: nft_tunnel: add missing attribute validation for tunnels - [amd64] iommu/vt-d: Fix the wrong printing in RHSA parsing - [amd64] iommu/vt-d: Ignore devices with out-of-spec domain number - [arm64,x86] i2c: acpi: put device when verifying client fails - ipv6: restrict IPV6_ADDRFORM operation - net/smc: check for valid ib_client_data - net/smc: cancel event worker during device removal - efi: Add a sanity check to efivar_store_raw() - batman-adv: Avoid free/alloc race when handling OGM2 buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 - [x86] perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag - [armhf] mmc: sdhci-omap: Add platform specific reset callback - [armhf] mmc: sdhci-omap: Workaround errata regarding SDR104/HS200 tuning failures (i929) - ACPI: watchdog: Allow disabling WDAT at boot - HID: apple: Add support for recent firmware on Magic Keyboards - [x86] HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override - cfg80211: check reg_rule for NULL in handle_channel_custom() - scsi: libfc: free response frame from GPN_ID - net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch - mac80211: rx: avoid RCU list traversal under mutex - signal: avoid double atomic counter increments for user accounting - slip: not call free_netdev before rtnl_unlock in slip_open - [x86,arm64] hinic: fix a irq affinity bug - [x86,arm64] hinic: fix a bug of setting hw_ioctxt - sfc: fix timestamp reconstruction at 16-bit rollover points - jbd2: fix data races at struct journal_head - [armhf] mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning - [armhf] mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C - driver core: Remove the link if there is no driver with AUTO flag - driver core: Fix adding device links to probing suppliers - driver core: Make driver core own stateful device links - driver core: Add device link flag DL_FLAG_AUTOPROBE_CONSUMER - driver core: Remove device link creation limitation - driver core: Fix creation of device links with PM-runtime flags - mm: slub: add missing TID bump in kmem_cache_alloc_bulk() - efi: Fix debugobjects warning on 'efi_rts_work' https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.113 - [arm64] spi: qup: call spi_qup_pm_resume_runtime before suspending - [amd64] spi: pxa2xx: Add CS control clock quirk - [armhf] drm/exynos: dsi: fix workaround for the legacy clock name - [arm64] drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer - dm bio record: save/restore bi_end_io and bi_integrity - dm integrity: use dm_bio_record and dm_bio_restore - xenbus: req->body should be updated before req->state - xenbus: req->err should be updated before req->state - block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() - USB: Disable LPM on WD19's Realtek Hub - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters - USB: serial: option: add ME910G1 ECM composition 0x110b - [arm64,armhf] usb: host: xhci-plat: add a shutdown - USB: serial: pl2303: add device-id for HP LD381 - [x86] usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c - ALSA: line6: Fix endless MIDI read loop - ALSA: seq: virmidi: Fix running status after receiving sysex - ALSA: seq: oss: Fix running status after receiving sysex - ALSA: pcm: oss: Avoid plugin buffer overflow - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks - [armhf] iio: st_sensors: remap SMO8840 to LIS2DH12 - mmc: rtsx_pci: Fix support for speed-modes that relies on tuning - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 - staging/speakup: fix get_word non-space look-ahead - [x86] intel_th: Fix user-visible error codes - [x86] intel_th: pci: Add Elkhart Lake CPU support - xhci: Do not open code __print_symbolic() in xhci trace events - btrfs: fix log context list corruption after rename whiteout error - drm/amd/amdgpu: Fix GPR read from debugfs (v2) - drm/lease: fix WARNING in idr_destroy - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event - mm: slub: be more careful about the double cmpxchg of freelist - mm, slub: prevent kmalloc_node crashes and memory leaks - page-flags: fix a crash at SetPageError(THP_SWAP) - [x86] mm: split vmalloc_sync_all() (Closes: #953017) - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL - USB: cdc-acm: fix rounding error in TIOCSSERIAL - futex: Fix inode life-time issue - futex: Unbreak futex hashing - Revert "vrf: mark skb for multicast or link-local as enslaved to VRF" - Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF" - ALSA: hda/realtek: Fix pop noise on ALC225 - [arm64] smp: fix smp_send_stop() behaviour - [arm64] smp: fix crash_smp_send_stop() behaviour - [arm64,armhf] drm/bridge: dw-hdmi: fix AVI frame colorimetry https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.114 - mmc: core: Allow host controllers to require R1B for CMD6 - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for erase/trim/discard - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for eMMC sleep command - [armhf] mmc: sdhci-omap: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - [arm64,armhf] mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - geneve: move debug check after netdev unregister - macsec: restrict to ethernet devices - net: cbs: Fix software cbs to consider packet sending time - [armhf] net: dsa: Fix duplicate frames flooded by learning - [arm64,armhf] net: mvneta: Fix the case where the last poll did not process all rx - net/packet: tpacket_rcv: avoid a producer race condition - net: qmi_wwan: add support for ASKEY WWHC050 - net_sched: cls_route: remove the right filter from hashtable - net_sched: keep alloc_hash updated after hash allocation - [arm64,armhf] net: stmmac: dwmac-rk: fix error path in rk_gmac_probe - slcan: not call free_netdev before rtnl_unlock in slcan_open - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() - bnxt_en: Reset rings if ring reservation fails during open() - net: ip_gre: Separate ERSPAN newlink / changelink callbacks - net: ip_gre: Accept IFLA_INFO_DATA-less configuration - r8169: re-enable MSI on RTL8168c - tcp: repair: fix TCP_QUEUE_SEQ implementation - vxlan: check return value of gro_cells_init() - cgroup-v1: cgroup_pidlist_next should update position index - nfs: add minor version to nfs_server_key for fscache - drivers/of/of_mdio.c:fix of_mdiobus_register() - cgroup1: don't call release_agent when it is "" - [s390x] qeth: handle error when backing RX buffer - scsi: ipr: Fix softlockup when rescanning devices in petitboot - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled - [x86] ftrace: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare() - [x86] Input: synaptics - enable RMI on HP Envy 13-ad105ng - Input: avoid BIT() macro usage in the serio.h UAPI header - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL - perf probe: Do not depend on dwfl_module_addrsym() - scsi: sd: Fix optimal I/O size for devices that change reported values - nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type - mac80211: mark station unauthorized before key removal - [x86] gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model - genirq: Fix reference leaks on irq affinity notifiers - xfrm: handle NETDEV_UNREGISTER for xfrm device - vti[6]: fix packet tx through bpf_redirect() in XinY cases - RDMA/mlx5: Block delay drop to unprivileged users - xfrm: fix uctx len check in verify_sec_ctx_len - xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire - xfrm: policy: Fix doulbe free in xfrm_policy_timer - afs: Fix some tracing details - netfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6} - netfilter: nft_fwd_netdev: validate family and chain type - bpf/btf: Fix BTF verification of enum members in struct/union - vti6: Fix memory leak of skb if input policy check fails - mac80211: add option for setting control flags - mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX - USB: serial: option: add support for ASKEY WWHC050 - USB: serial: option: add BroadMobi BM806U - USB: serial: option: add Wistron Neweb D19Q1 - USB: cdc-acm: restore capability check order - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback - [arm64,armhf] usb: musb: fix crash with highmen PIO and usbmon - media: flexcop-usb: fix endpoint sanity check - media: usbtv: fix control-message timeouts - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table - [x86] ahci: Add Intel Comet Lake H RAID PCI ID - libfs: fix infoleak in simple_attr_read() - media: ov519: add missing endpoint sanity checks (CVE-2020-11608) - media: dib0700: fix rc endpoint lookup - media: stv06xx: add missing descriptor sanity checks (CVE-2020-11609) - media: xirlink_cit: add missing descriptor sanity checks (CVE-2020-11668) - mac80211: Check port authorization in the ieee80211_tx_dequeue() case - mac80211: fix authentication with iwlwifi/mvm - vt: selection, introduce vc_is_sel - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines - vt: switch vt_dont_switch to bool - vt: vt_ioctl: remove unnecessary console allocation checks - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console - vt: vt_ioctl: fix use-after-free in vt_in_use() - [x86] platform: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table - bpf: Explicitly memset the bpf_attr structure - bpf: Explicitly memset some bpf info structures declared on the stack - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model - perf map: Fix off by one in strncpy() size argument - [armel] bcm2835-rpi-zero-w: Add missing pinctrl name - [armhf] dts: N900: fix onenand timings https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.115 - ipv4: fix a RCU-list lock in fib_triestat_seq_show - net, ip_tunnel: fix interface lookup with no key - sctp: fix refcount bug in sctp_wfree - sctp: fix possibly using a bad saddr with a given dst - nvme-rdma: Avoid double freeing of async event data - drm/bochs: downgrade pci_request_region failure from error to warning - drm/amdgpu: fix typo for vcn1 idle check - [x86] tools/power turbostat: Fix gcc build warnings - [x86] tools/power turbostat: Fix missing SYS_LPI counter on some Chromebooks - [armhf] drm/etnaviv: replace MMU flush marker with flush sequence - media: rc: IR signal for Panasonic air conditioner too long - misc: rtsx: set correct pcr_ops for rts522A - [x86] mei: me: add cedar fork device ids - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard - rxrpc: Fix sendmsg(MSG_WAITALL) handling - net: Fix Tx hash bound checking - padata: always acquire cpu_hotplug_lock before pinst->lock - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) - ipv6: don't auto-add link-local address to lag ports - [armhf] net: dsa: bcm_sf2: Do not register slave MDIO bus with OF - [armhf] net: dsa: bcm_sf2: Ensure correct sub-node is parsed - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers - [arm64,armhf] net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting - slcan: Don't transmit uninitialized stack data in padding (CVE-2020-11494) - random: always use batched entropy for get_random_u{32,64} - [arm64,armhf] usb: dwc3: gadget: Wrap around when skip TRBs - [armhf] hwrng: imx-rngc - fix an error path - [amd64] IB/hfi1: Call kobject_put() when kobject_init_and_add() fails - [amd64] IB/hfi1: Fix memory leaks in sysfs registration and unregistration - ceph: remove the extra slashes in the server path - ceph: canonicalize server path in place - RDMA/ucma: Put a lock around every call to the rdma_cm layer - RDMA/cma: Teach lockdep about the order of rtnl and lock - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow - fbcon: fix null-ptr-deref in fbcon_switch - [arm64] clk: qcom: rcg: Return failure for RCG update - [arm64] drm/msm: stop abusing dma_map/unmap for cache - [arm64] Fix size of __early_cpu_boot_status - [arm64] rpmsg: glink: Remove chunk size word align warning - [arm64,armhf] usb: dwc3: don't set gadget->is_otg flag - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() - [arm64] drm/msm: Use the correct dma_sync calls in msm_gem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.116 - [armhf] dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage - [arm64,armhf] bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads - [x86,arm64] hinic: fix a bug of waitting for IO stopped - [x86,arm64] hinic: fix wrong para of wait_for_completion_timeout - cxgb4/ptp: pass the sign of offset delta in FW CMD - qlcnic: Fix bad kzalloc null test - [armhf] cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL - [arm64] media: venus: hfi_parser: Ignore HEVC encoding for V1 - null_blk: Fix the null_add_dev() error path - null_blk: Handle null_add_dev() failures properly - null_blk: fix spurious IO errors after failed past-wp access - xhci: bail out early if driver can't accress host in resume - [x86] Don't let pgprot_modify() change the page encryption bit - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices - sched: Avoid scale real weight down to zero - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() - [amd64,x86] pstore/platform: fix potential mem leak if pstore_init_fs failed - gfs2: Don't demote a glock until its revokes are written - [i386] efi/x86: Ignore the memory attributes table on i386 - genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() - block: Fix use-after-free issue accessing struct io_cq - [arm64,armhf] usb: dwc3: core: add support for disabling SS instances in park mode - [arm64,armhf] irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency - md: check arrays is suspended in mddev_detach before call quiesce operations - firmware: fix a double abort case with fw_load_sysfs_fallback - block, bfq: fix use-after-free in bfq_idle_slice_timer_body - btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued - btrfs: remove a BUG_ON() from merge_reloc_roots() - btrfs: track reloc roots based on their commit root bytenr - IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads - uapi: rename ext2_swab() to swab() and share globally in swab.h - slub: improve bit diffusion for freelist ptr obfuscation - ASoC: fix regwmask - ASoC: dapm: connect virtual mux with default value - ASoC: dpcm: allow start or stop during pause for backend - [x86] ASoC: topology: use name_prefix for new kcontrol - usb: gadget: f_fs: Fix use after free issue as part of queue failure - usb: gadget: composite: Inform controller driver of self-powered - ALSA: hda: Add driver blacklist - ALSA: hda: Fix potential access overflow in beep helper - ALSA: ice1724: Fix invalid access for enumerated ctl items - ALSA: pcm: oss: Fix regression by buffer overflow fix - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256 - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 - [x86] ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups - [x86] ALSA: hda/realtek - Add quirk for MSI GL63 - [x86] acpi: ignore unspecified bit positions in the ACPI global lock field - nvme-fc: Revert "add module to ops template to allow module references" - nvme: Treat discovery subsystems as unique subsystems - PCI: pciehp: Fix indefinite wait on sysfs requests - PCI/ASPM: Clear the correct bits when enabling L1 substates - PCI: Add boot interrupt quirk mechanism for Xeon chipsets - tpm: Don't make log failures fatal - tpm: tpm1_bios_measurements_next should increase position index - tpm: tpm2_bios_measurements_next should increase position index - KEYS: reaching the keys quotas correctly - [amd64,x86] pstore: pstore_ftrace_seq_next should increase position index - [mips*el] tlbex: Fix LDDIR usage in setup_pw() for Loongson-3 - [mips*/octeon] irq: Fix potential NULL pointer dereference - ath9k: Handle txpower changes even when TPC is disabled - signal: Extend exec_id to 64bits - [i386] x86/entry/32: Add missing ASM_CLAC to general_protection entry - [x86] KVM: nVMX: Properly handle userspace interrupt window request - [s390x] KVM: vsie: Fix region 1 ASCE sanity shadow address checks - [s390x] KVM: vsie: Fix delivery of addressing exceptions - [x86] KVM: Allocate new rmap and large page tracking when moving memslot - [x86] KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support - [x86] KVM: Gracefully handle __vmalloc() failure during VM allocation - [x86] KVM: VMX: fix crash cleanup when KVM wasn't used - CIFS: Fix bug which the return value by asynchronous read is error - Btrfs: fix crash during unmount due to race with delayed inode workers - btrfs: set update the uuid generation as soon as possible - btrfs: drop block from cache on error in relocation - btrfs: fix missing file extent item for hole after ranged fsync - btrfs: fix missing semaphore unlock in btrfs_sync_file - [powerpc*] pseries: Drop pointless static qualifier in vpa_debugfs_init() - [x86] speculation: Remove redundant arch_smt_update() invocation - mm: Use fixed constant in page_frag_alloc instead of size + 1 - dm writecache: add cond_resched to avoid CPU hangs - [s390x] scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point - [arm64] armv8_deprecated: Fix undef_hook mask for thumb setend - [armhf] drm/etnaviv: rework perfmon query infrastructure - [powerpc*] pseries: Avoid NULL pointer dereference when drmem is unavailable - NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() - ext4: fix a data race at inode->i_blocks - fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() - ocfs2: no need try to truncate file beyond i_size - [s390x] diag: fix display of diagnose call statistics - [x86] Input: i8042 - add Acer Aspire 5738z to nomux list - kmod: make request_module() return an error when autoloading is disabled - [powerpc*] cpufreq: powernv: Fix use-after-free - hfsplus: fix crash and filesystem corruption when deleting files - libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set - ipmi: fix hung processes in __get_guid() - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() - [powerpc*] powernv/idle: Restore AMR/UAMOR/AMOR after idle (CVE-2020-11669) - [powerpc*] 64/tm: Don't let userspace set regs->trap via sigreturn - [powerpc*] hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries - [powerpc*] xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs - [powerpc*] kprobes: Ignore traps that happened in real mode - scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug - [powerpc*] Add attributes for setjmp/longjmp - [powerpc*] Make setjmp/longjmp signature standard - btrfs: use nofs allocations for running delayed items - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() - drm/dp_mst: Fix clearing payload state on topology disable - drm: Remove PageReserved manipulation from drm_pci_alloc - ftrace/kprobe: Show the maxactive number on kprobe_events - [armhf] etnaviv: perfmon: fix total and idle HI cyleces readout - [amd64] efi/x86: Fix the deletion of variables in mixed mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.117 - [amd64,arm64] amd-xgbe: Use __napi_schedule() in BH context - net: ipv6: do not consider routes via gateways for anycast address check - net: revert default NAPI poll timeout to 2 jiffies - [arm64,armhf] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes - ovl: fix value of i_ino for lower hardlink corner case - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic - jbd2: improve comments about freeing data buffers whose page mapping is NULL - ext4: fix incorrect group count in ext4_fill_super error message - ext4: fix incorrect inodes per group in error message - [x86] ASoC: Intel: mrfld: fix incorrect check on p->sink - [x86] ASoC: Intel: mrfld: return error codes when an error occurs - ALSA: usb-audio: Filter error from connector kctl ops, too - ALSA: usb-audio: Don't override ignore_ctl_error value from the map - ALSA: usb-audio: Don't create jack controls for PCM terminals - ALSA: usb-audio: Check mapping at creating connector controls, too - keys: Fix proc_keys_next to increase position index - tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation - btrfs: check commit root generation in should_ignore_root - mac80211_hwsim: Use kstrndup() in place of kasprintf() - [arm64,armhf] usb: dwc3: gadget: don't enable interrupt when disabling endpoint - [arm64,armhf] usb: dwc3: gadget: Don't clear flags before transfer ended - ext4: do not zeroout extents beyond i_disksize - [x86] kvm: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD - scsi: target: fix hang when multiple threads try to destroy the same iscsi session - [x86] microcode/AMD: Increase microcode PATCH_MAX_SIZE - wil6210: check rx_buff_mgmt before accessing it - wil6210: ignore HALP ICR if already handled - wil6210: add general initialization/size checks - wil6210: make sure Rx ring sizes are correlated - wil6210: remove reset file from debugfs - mm/vmalloc.c: move 'area->pages' after if statement https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.118 - [armel,armhf] bpf: Fix offset overflow for BPF_MEM BPF_DW - scsi: sg: add sg_remove_request in sg_common_write - ext4: use non-movable memory for superblock readahead - [arm64,armhf] watchdog: sp805: fix restart handler - [armel,armhf] arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 - netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type - [arm64] irqchip/mbigen: Free msi_desc on device teardown - ALSA: hda: Don't release card at firmware loading error - of: overlay: kmemleak in dup_and_fixup_symbol_prop() - [x86] Hyper-V: Report crash register data or kmsg before running crash kernel - rbd: avoid a deadlock on header_rwsem when flushing notifies - rbd: call rbd_dev_unprobe() after unwatching and flushing notifies - xsk: Add missing check on user supplied headroom size - [x86] Hyper-V: Unload vmbus channel in hv panic callback - [x86] Hyper-V: Free hv_panic_page when fail to register kmsg dump - [x86] Hyper-V: Trigger crash enlightenment only once during system crash. - [x86] Hyper-V: Report crash register data when sysctl_record_panic_msg is not set - [x86] Hyper-V: Report crash data in die() when panic_on_oops is set - power: supply: bq27xxx_battery: Silence deferred-probe error - [arm64,armhf] clk: tegra: Fix Tegra PMC clock out parents - [armhf] soc: imx: gpc: fix power up sequencing - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid() - NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails - [s390x] cpuinfo: fix wrong output when CPU0 is offline - [s390x] cpum_sf: Fix wrong page count in error message - ext4: do not commit super on read-only bdev - cifs: Allocate encryption header through kmalloc - include/linux/swapops.h: correct guards for non_swap_entry() - percpu_counter: fix a data race at vm_committed_as - [s390x] KVM: vsie: Fix possible race when shadowing region 3 tables - [x86] ACPI: fix CPU hotplug deadlock - [amd64] drm/amdkfd: kfree the wrong pointer - NFS: Fix memory leaks in nfs_pageio_stop_mirroring() - f2fs: fix NULL pointer dereference in f2fs_write_begin() - [arm*] drm/vc4: Fix HDMI mode validation - [amd64] iommu/vt-d: Fix mm reference leak - power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks. - libnvdimm: Out of bounds read in __nd_ioctl() - f2fs: fix to wait all node page writeback - [armhf] net: dsa: bcm_sf2: Fix overflow checks - fbdev: potential information leak in do_fb_ioctl() - mtd: lpddr: Fix a double free in probe() - mtd: phram: fix a double free issue in error path - KEYS: Don't write out to userspace while holding key semaphore - bpf: fix buggy r0 retval refinement for tracing helpers . [ Salvatore Bonaccorso ] * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" for context changes in 4.19.99 * Refresh "ARM: dts: bcm283x: Correct vchiq compatible string" for context changes in 4.19.99 * Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()" * Refresh "net: ena: add MAX_QUEUES_EXT get feature admin command" for context changes in 4.19.108 * [rt] Update to 4.19.115-rt48: - Revert "genirq: Do not invoke the affinity callback via a workqueue on RT" * [rt] Refresh "pci/switchtec: Don't use completion's wait queue" for context changes in 4.19.116 * Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118 * f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067) * net: ipv6: add net argument to ip6_dst_lookup_flow * net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749) * blktrace: Protect q->blk_trace with RCU (CVE-2019-19768) * blktrace: fix dereference after null check . [ Ben Hutchings ] * [x86] Drop "Add a SysRq option to lift kernel lockdown" (Closes: #947021) - This patch allowed remotely disabling lockdown using usbip - Lockdown can be disabled by running "mokutil --disable-validation", rebooting, and confirming the change when prompted * debian/README.source: Refer to upload checklist in kernel-team.git * Bump ABI to 9 . [ YunQiang Su ] * [mips*] enable CONFIG_MIPS_O32_FP64_SUPPORT. * [mips*] enable CONFIG_CPU_HAS_MSA except octeon. . [ Steve McIntyre ] * [arm64] Include the Hisilicon Hibmc drm driver in fb-modules (Closes: #951274) . [ Noah Meyerhans ] * [cloud] Enable CONFIG_KSM (Closes: #955366) linux-latest (105+deb10u4) buster; urgency=medium . * Update to 4.19.0-9 linux-signed-amd64 (4.19.118+2) buster; urgency=medium . * Sign kernel from linux 4.19.118-2 . * Merge changes from 4.19.67-2+deb10u2 to include all security fixes from DSA 4667-1. linux-signed-amd64 (4.19.118+1) buster; urgency=medium . * Sign kernel from linux 4.19.118-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99 - Revert "efi: Fix debugobjects warning on 'efi_rts_work'" - xfs: Sanity check flags of Q_XQUOTARM call - [x86] mfd: intel-lpss: Add default I2C device properties for Gemini Lake - SUNRPC: Fix svcauth_gss_proxy_init() - [powerpc*] pseries: Enable support for ibm,drc-info property - tipc: update mon's self addr when node addr generated - tipc: fix wrong timeout input for tipc_wait_for_cond() - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready - [armhf] crypto: sun4i-ss - fix big endian issues - perf map: No need to adjust the long name of modules - ipmi: Fix memory leak in __ipmi_bmc_register (CVE-2019-19046) - ixgbe: don't clear IPsec sa counters on HW clearing - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() - iio: fix position relative kernel version - apparmor: Fix network performance issue in aa_label_sk_perm - ALSA: hda: fix unused variable warning - apparmor: don't try to replace stale label in ptrace access check - firmware: coreboot: Let OF core populate platform device - bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER - [arm64] drm/hisilicon: hibmc: Don't overwrite fb helper surface depth - IB/rxe: replace kvfree with vfree - [amd64] IB/hfi1: Add mtu check for operational data VLs - genirq/debugfs: Reinstate full OF path for domain name - [arm64] usb: dwc3: add EXTCON dependency for qcom - cfg80211: regulatory: make initialization more robust - [x86] mei: replace POLL* with EPOLL* for write queues. - [arm64] drm/msm: fix unsigned comparison with less than zero - ALSA: usb-audio: update quirk for B&W PX to remove microphone - iwlwifi: nvm: get num of hw addresses from firmware - netfilter: nft_osf: usage from output path is not valid - [x86] pwm: lpss: Release runtime-pm reference from the driver's remove callback - [powerpc*] pseries/memory-hotplug: Fix return value type of find_aa_index - rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version - netfilter: nf_flow_table: do not remove offload when other netns's interface is down - tipc: eliminate message disordering during binding table update - [arm64] net: socionext: Add dummy PHY register read in phy_write() - [arm64,armhf] drm/sun4i: hdmi: Fix double flag assignation - [arm64] net: hns3: add error handler for hns3_nic_init_vector_data() - pcrypt: use format specifier in kobject_add - [armhf] ASoC: sun8i-codec: add missing route for ADC - [arm64] pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins - [armhf] bus: ti-sysc: Add mcasp optional clocks flag - exportfs: fix 'passing zero to ERR_PTR()' warning - net: always initialize pagedlen - net: phy: Fix not to call phy_resume() if PHY is not attached - [amd64] IB/hfi1: Correctly process FECN and BECN in packets - IB/rxe: Fix incorrect cache cleanup in error flow - ipv6: add missing tx timestamping on IPPROTO_RAW - [arm64] net: hns3: fix error handling int the hns3_get_vector_ring_chain - vxlan: changelink: Fix handling of default remotes - fork,memcg: fix crash in free_thread_stack on memcg charge fail - [armhf] clk: highbank: fix refcount leak in hb_clk_init() - [armhf] clk: ti: fix refcount leak in ti_dt_clocks_register() - [armhf] clk: socfpga: fix refcount leak - [armhf] clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() - [armhf] clk: imx6q: fix refcount leak in imx6q_clocks_init() - [armhf] clk: imx6sx: fix refcount leak in imx6sx_clocks_init() - [armhf] clk: armada-370: fix refcount leak in a370_clk_init() - [armel] clk: kirkwood: fix refcount leak in kirkwood_clk_init() - [armhf] clk: armada-xp: fix refcount leak in axp_clk_init() - [armhf] clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() - [armhf] clk: dove: fix refcount leak in dove_clk_init() - drm: Fix error handling in drm_legacy_addctx - [armhf] drm/etnaviv: fix some off by one bugs - drm/fb-helper: generic: Fix setup error path - fork, memcg: fix cached_stacks case - [amd64] IB/usnic: Fix out of bounds index check in query pkey - RDMA/ocrdma: Fix out of bounds index check in query pkey - RDMA/qedr: Fix out of bounds index check in query pkey - RDMA/iw_cxgb4: Fix the unchecked ep dereference - net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 - [armhf] memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 - [armhf] drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() - kbuild: mark prepare0 as PHONY to fix external module build - crypto: tgr192 - fix unaligned memory access - [armhf] ASoC: imx-sgtl5000: put of nodes if finding codec fails - IB/iser: Pass the correct number of entries for dma mapped SGL - [arm64] net: hns3: fix wrong combined count returned by ethtool -l - IB/mlx5: Don't override existing ip_protocol - rtc: cmos: ignore bogus century byte - [i386] spi/topcliff_pch: Fix potential NULL dereference on allocation error - [arm64] net: hns3: fix bug of ethtool_ops.get_channels for VF - [armhf] clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it - iwlwifi: mvm: avoid possible access out of array. - net/mlx5: Take lock with IRQs disabled to avoid deadlock - ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit - iwlwifi: mvm: fix A-MPDU reference assignment - [armhf] bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() - [x86] tty: ipwireless: Fix potential NULL pointer dereference - driver: uio: fix possible memory leak in __uio_register_device - driver: uio: fix possible use-after-free in __uio_register_device - driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling - driver core: Avoid careless re-use of existing device links - driver core: Do not resume suppliers under device_links_write_lock() - driver core: Fix handling of runtime PM flags in device_link_add() - driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() - drm/xen-front: Fix mmap attributes for display buffers - iwlwifi: mvm: fix RSS config command - [mips*] rtc: ds1672: fix unintended sign extension - ath10k: fix dma unmap direction for management frames - net: phy: fixed_phy: Fix fixed_phy not checking GPIO - rtc: ds1307: rx8130: Fix alarm handling - net/smc: original socket family in inet_sock_diag - [arm64] rtc: pm8xxx: fix unintended sign extension - iw_cxgb4: use tos when importing the endpoint - iw_cxgb4: use tos when finding ipv6 routes - xsk: add missing smp_rmb() in xsk_mmap - [armhf] drm/etnaviv: potential NULL dereference - RDMA/mlx5: Fix memory leak in case we fail to add an IB device - driver core: Fix possible supplier PM-usage counter imbalance - [armhf] usb: phy: twl6030-usb: fix possible use-after-free on remove - block: don't use bio->bi_vcnt to figure out segment number - keys: Timestamp new keys - [armhf] net: dsa: b53: Fix default VLAN ID - [armhf] net: dsa: b53: Properly account for VLAN filtering - [armhf] net: dsa: b53: Do not program CPU port's PVID - mt76: usb: fix possible memory leak in mt76u_buf_free - vfio_pci: Enable memory accesses before calling pci_map_rom - mdio_bus: Fix PTR_ERR() usage after initialization to constant - [powerpc*] KVM: Release all hardware TCE tables attached to a group - [x86] staging: r8822be: check kzalloc return or bail - [arm*] dmaengine: mv_xor: Use correct device for DMA API - cdc-wdm: pass return value of recover_from_urb_loss - brcmfmac: create debugfs files for bus-specific layer - net/mlx5: Delete unused FPGA QPN variable - drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON - drm/nouveau/pmu: don't print reply values if exec is false - drm/nouveau: fix missing break in switch statement - driver core: Fix PM-runtime for links added during consumer probe - [arm64] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() - [arm64,armhf] net: dsa: fix unintended change of bridge interface STP state - fs/nfs: Fix nfs_parse_devname to not modify it's argument - [x86] staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx - [ppc64el] 64s: Fix logic when handling unknown CPU features - NFS: Fix a soft lockup in the delegation recovery code - perf: Copy parent's address filter offsets on clone - perf, pt, coresight: Fix address filters for vmas with non-zero offset - [armhf] clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable - [armhf] clocksource/drivers/exynos_mct: Fix error path in timer resources initialization - [x86] platform/x86: wmi: fix potential null pointer dereference - NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount - ath10k: Fix length of wmi tlv command for protected mgmt frames - netfilter: nft_set_hash: fix lookups with fixed size hash on big endian - netfilter: nft_set_hash: bogus element self comparison from deactivation path - net: sched: act_csum: Fix csum calc for tagged packets - [arm*] hwrng: bcm2835 - fix probe as platform device - [amd64] iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() - NFS: Add missing encode / decode sequence_maxsz to v4.2 operations - NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() - [amd64] net: aquantia: fixed instack structure overflow - media: dvb/earth-pt1: fix wrong initialization for demod blocks - rbd: clear ->xferred on error from rbd_obj_issue_copyup() - PCI: Fix "try" semantics of bus and slot reset - scsi: megaraid_sas: reduce module load time - xen, cpu_hotplug: Prevent an out of bounds access - net/mlx5: Fix multiple updates of steering rules in parallel - net/mlx5e: IPoIB, Fix RX checksum statistics update - [arm64,armhf] soc: amlogic: gx-socinfo: Add mask for each SoC packages - media: ivtv: update *pos correctly in ivtv_read_pos() - media: cx18: update *pos correctly in cx18_read_pos() - [armhf] media: wl128x: Fix an error code in fm_download_firmware() - media: cx23885: check allocation return - jfs: fix bogus variable self-initialization - [armhf] dts: sun9i: optimus: Fix fixed-regulators - net: phy: don't clear BMCR in genphy_soft_reset - [armhf] OMAP2+: Fix potentially uninitialized return value for _setup_reset() - [arm64,armhf] net: dsa: Avoid null pointer when failing to connect to PHY - media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame - [arm64,armhf] spi: tegra114: clear packed bit for unpacked mode - [arm64,armhf] spi: tegra114: fix for unpacked mode transfers - [arm64,armhf] spi: tegra114: terminate dma and reset on transfer timeout - [arm64,armhf] spi: tegra114: flush fifos - [arm64,armhf] spi: tegra114: configure dma burst size to fifo trig level - [armhf] bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated - [arm*] spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios - drm/fb-helper: generic: Call drm_client_add() after setup is done - [arm64] vdso: don't leak kernel addresses - rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 - bpf: Add missed newline in verifier verbose log - [x86] drm/vmwgfx: Remove set but not used variable 'restart' - scsi: qla2xxx: Unregister chrdev if module initialization fails - net/sched: cbs: fix port_rate miscalculation - ACPI: button: reinitialize button state upon resume - [arm64,armhf] firmware: arm_scmi: fix of_node leak in scmi_mailbox_check - rxrpc: Fix detection of out of order acks - scsi: target/core: Fix a race condition in the LUN lookup code - brcmfmac: fix leak of mypkt on error return path - [arm64] net: hns3: fix for vport->bw_limit overflow problem - [x86] hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses - perf/core: Fix the address filtering fix - [arm64,armhf] soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask - [x86] platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer - tipc: set sysctl_tipc_rmem and named_timeout right range - usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs - [arm64] net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() - 6lowpan: Off by one handling ->nexthdr - ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() - afs: Fix AFS file locking to allow fine grained locks - afs: Further fix file locking - NFS: Don't interrupt file writeout due to fatal errors - scsi: qla2xxx: Fix a format specifier - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory - [ppc64el] KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest - netfilter: nft_flow_offload: add entry to flowtable after confirmation - packet: in recvmsg msg_name return at least sizeof sockaddr_ll - ASoC: fix valid stream condition - [arm*] dwc2: gadget: Fix completed transfer size calculation in DDMA - IB/mlx5: Add missing XRC options to QP optional params mask - RDMA/rxe: Consider skb reserve space based on netdev of GID - [amd64] iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU - [arm64] dmaengine: tegra210-adma: restore channel status - mmc: core: fix possible use after free of host - ath10k: Fix encoding for protected management frames - afs: Fix the afs.cell and afs.volume xattr handlers - l2tp: Fix possible NULL pointer dereference - [x86] platform/x86: alienware-wmi: printing the wrong error code - netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule - [arm64,armhf] pwm: meson: Consider 128 a valid pre-divider - [arm64,armhf] pwm: meson: Don't disable PWM when setting duty repeatedly - nfp: bpf: fix static check error through tightening shift amount adjustment - netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value - [arm*] thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power - EDAC/mc: Fix edac_mc_find() in case no device is found - afs: Fix key leak in afs_release() and afs_evict_inode() - afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set - afs: Fix lock-wait/callback-break double locking - afs: Fix double inc of vnode->cb_break - [armhf] dts: sun8i-h3: Fix wifi in Beelink X2 DT - [arm64] clk: meson: gxbb: no spread spectrum on mpll0 - [arm64] clk: meson: axg: spread spectrum is on mpll2 - [arm64] dmaengine: tegra210-adma: Fix crash during probe - [arm64] dts: meson: libretech-cc: set eMMC as removable - RDMA/qedr: Fix incorrect device rate. - [x86] crypto: ccp - fix AES CFB error exposed by new test vectors - [x86] crypto: ccp - Fix 3DES complaint from ccp-crypto module - iommu: Add missing new line for dma type - iommu: Use right function to get group for device - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig - inet: frags: call inet_frags_fini() after unregister_pernet_subsys() - [arm64] net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector - [x86] netvsc: unshare skb in VF rx handler - net: core: support XDP generic on stacked devices. - RDMA/uverbs: check for allocation failure in uapi_add_elm() - net: don't clear sock->sk early to avoid trouble in strparser - [arm64] phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable - [arm64] clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register - media: vivid: fix incorrect assignment operation when setting video mode - [arm64] crypto: inside-secure - fix zeroing of the request in ahash_exit_inv - [arm64] crypto: inside-secure - fix queued len computation - mpls: fix warning with multi-label encap - [arm64] dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node - [arm64] dts: meson-gxm-khadas-vim2: fix Bluetooth support - [amd64] iommu/vt-d: Duplicate iommu_resv_region objects per device list - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state - qed: iWARP - fix uninitialized callback - [powerpc*] cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild - [powerpc*] pseries/mobility: rebuild cacheinfo hierarchy post-migration - bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup - [amd64] IB/hfi1: Handle port down properly in pio - [arm64] drm/msm/mdp5: Fix mdp5_cfg_init error return - net: netem: fix backlog accounting for corrupted GSO frames - net/udp_gso: Allow TX timestamp with UDP GSO - [s390x] net/af_iucv: build proper skbs for HiperTransport - [s390x] net/af_iucv: always register net_device notifier - [armhf] ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs - rtc: pcf8563: Fix interrupt trigger method - rtc: pcf8563: Clear event flags and disable interrupts before requesting irq - net/sched: cbs: Fix error path of cbs_module_init - [arm64] drm/msm/a3xx: remove TPL1 regs from snapshot - ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() - perf/ioctl: Add check for the sample_period value - [x86] dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" - tools: bpftool: use correct argument in cgroup errors - fork,memcg: alloc_thread_stack_node needs to set tsk->stack - bnxt_en: Fix ethtool selftest crash under error conditions. - bnxt_en: Suppress error messages when querying DSCP DCB capabilities. - [amd64] iommu: Make iommu_disable safer - [x86] mfd: intel-lpss: Release IDA resources - rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() - xprtrdma: Fix use-after-free in rpcrdma_post_recvs - PM: ACPI/PCI: Resume all devices during hibernation - ACPI: PM: Simplify and fix PM domain hibernation callbacks - ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS - devres: allow const resource arguments - [arm64] RDMA/hns: Fixs hw access invalid dma memory error - ceph: fix "ceph.dir.rctime" vxattr value - xdp: fix possible cq entry leak - scsi: libfc: fix null pointer dereference on a null lport - xfrm interface: ifname may be wrong in logs - [armhf] clk: sunxi-ng: v3s: add the missing PLL_DDR1 - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() - libertas_tf: Use correct channel range in lbtf_geo_init - qed: reduce maximum stack frame size - usb: host: xhci-hub: fix extra endianness conversion - [x86] crypto: ccp - Reduce maximum stack usage - tipc: reduce risk of wakeup queue starvation - net/mlx5: Fix mlx5_ifc_query_lag_out_bits - cifs: fix rmmod regression in cifs.ko caused by force_sig changes - net: fix bpf_xdp_adjust_head regression for generic-XDP - cxgb4: smt: Add lock for atomic_dec_and_test - ext4: set error return correctly when ext4_htree_store_dirent fails - [arm64] RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver - [arm64] RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver - net/rds: Add a few missing rds_stat_names entries - tools: bpftool: fix arguments for p_err() in do_event_pipe() - tools: bpftool: fix format strings and arguments for jsonw_printf() - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails - signal: Allow cifs and drbd to receive their terminating signals - [ppc64el] 64s/radix: Fix memory hot-unplug page table split - [x86] dmaengine: dw: platform: Switch to acpi_dma_controller_register() - mac80211: minstrel_ht: fix per-group max throughput rate initialization - i40e: reduce stack usage in i40e_set_fc - [armhf] 8896/1: VDSO: Don't leak kernel addresses - [mips*] avoid explicit UB in assignment of mips_io_port_base - media: em28xx: Fix exception handling in em28xx_alloc_urbs() - ahci: Do not export local variable ahci_em_messages - rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up - Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" - hwmon: (lm75) Fix write operations for negative temperatures - net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate - power: supply: Init device wakeup after device_add() - [x86] perf: Fix the dependency of the x86 insn decoder selftest - irqdomain: Add the missing assignment of domain->fwnode for named fwnode - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA - bcache: Fix an error code in bch_dump_read() - netfilter: ctnetlink: honor IPS_OFFLOAD flag - [arm64] wcn36xx: use dynamic allocation for large variables - xsk: avoid store-tearing when assigning queues - xsk: avoid store-tearing when assigning umem - led: triggers: Fix dereferencing of null pointer - [arm64] net: hns3: fix error VF index when setting VLAN offload - rtlwifi: Fix file release memory leak - f2fs: fix wrong error injection path in inc_valid_block_count() - f2fs: fix error path of f2fs_convert_inline_page() - [x86] scsi: fnic: fix msix interrupt allocation - Btrfs: fix hang when loading existing inode cache off disk - Btrfs: fix inode cache waiters hanging on failure to start caching thread - Btrfs: fix inode cache waiters hanging on path allocation failure - btrfs: use correct count in btrfs_file_write_iter() - ixgbe: sync the first fragment unconditionally - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet - RDMA/cma: Fix false error message - net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' - bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands - f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() - [powerpc*] mm/mce: Keep irqs disabled during lockless page table walk - bpf: fix BTF limits - [amd64] iommu: Wait for completion of IOTLB flush in attach_device - [amd64] net: aquantia: Fix aq_vec_isr_legacy() return value - cxgb4: Signedness bug in init_one() - [arm64] net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() - [arm64] net: netsec: Fix signedness bug in netsec_probe() - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix signedness bug in probe - of: mdio: Fix a signedness bug in of_phy_get_and_connect() - [arm64] net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() - net: sched: cbs: Avoid division by zero when calculating the port rate - nvme: retain split access workaround for capability reads - [arm64,armhf] net: stmmac: gmac4+: Not all Unicast addresses may be available - rxrpc: Fix trace-after-put looking at the put connection record - mac80211: accept deauth frames in IBSS mode - llc: fix another potential sk_buff leak in llc_ui_sendmsg() - llc: fix sk_buff refcounting in llc_conn_state_process() - ip6erspan: remove the incorrect mtu limit for ip6erspan - [arm64,armhf] net: stmmac: fix length of PTP clock's name string - [arm64,armhf] net: stmmac: fix disabling flexible PPS output - sctp: add chunks to sk_backlog when the newsk sk_socket is not set - [s390x] qeth: Fix error handling during VNICC initialization - [s390x] qeth: Fix initialization of vnicc cmd masks during set online - act_mirred: Fix mirred_init_module error handling - net: avoid possible false sharing in sk_leave_memory_pressure() - net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head - tcp: annotate lockless access to tcp_memory_pressure - net/smc: receive returns without data - net/smc: receive pending data after RCV_SHUTDOWN - [arm64] drm/msm/dsi: Implement reset correctly - [armhf] dmaengine: imx-sdma: fix size check for sdma script_number - [arm64] hibernate: check pgd table allocation - net: netem: fix error path for corrupted GSO frames - net: netem: correct the parent's backlog when corrupted packet was dropped - xsk: Fix registration of Rx-only sockets - bpf, offload: Unlock on error in bpf_offload_dev_create() - afs: Fix missing timeout reset - [x86] hv_netvsc: Fix offset usage in netvsc_send_table() - [x86] hv_netvsc: Fix send_table offset in case of a host bug - afs: Fix large file support - [armhf] hwrng: omap3-rom - Fix missing clock by probing with device tree - [mips64el,mipsel] Loongson: Fix return value of loongson_hwmon_init - [x86] hv_netvsc: flag software created hash value - net: neigh: use long type to store jiffies delta - packet: fix data-race in fanout_flow_is_huge() - affs: fix a memory leak in affs_remount - afs: Remove set but not used variables 'before', 'after' - [armhf] dmaengine: ti: edma: fix missed failure handling - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 - [arm64] dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.100 - can, slip: Protect tty->disc_data in write_wakeup and close with RCU - [x86] firestream: fix memory leaks - gtp: make sure only SOCK_DGRAM UDP sockets are accepted - ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM - net: ip6_gre: fix moving ip6gre between namespaces - net, ip6_tunnel: fix namespaces move - net, ip_tunnel: fix namespaces move - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() - net_sched: fix datalen for ematch - net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject - net-sysfs: fix netdev_queue_add_kobject() breakage - net-sysfs: Call dev_hold always in netdev_queue_add_kobject - net-sysfs: Call dev_hold always in rx_queue_add_kobject - net-sysfs: Fix reference count leak - net: usb: lan78xx: Add .ndo_features_check - Revert "udp: do rmem bulk free even if the rx sk queue is empty" - tcp_bbr: improve arithmetic division in bbr_update_bw() - tcp: do not leave dangling pointers in tp->highest_sack - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user() - afs: Fix characters allowed into cell names - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input - hwmon: (core) Do not use device managed functions for memory allocations - PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken - tracing: trigger: Replace unneeded RCU-list traversals - Input: keyspan-remote - fix control-message timeouts - [x86] Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers" - [arm64,armhf] mmc: tegra: fix SDR50 tuning override - mmc: sdhci: fix minimum clock rate for v3 controller - [arm64] Documentation: Document arm64 kpti control - Input: sur40 - fix interface sanity checks - Input: gtco - fix endpoint sanity check - Input: aiptek - fix endpoint sanity check - Input: pegasus_notetaker - fix endpoint sanity check - [armhf] Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register - netfilter: nft_osf: add missing check for DREG attribute - hwmon: (nct7802) Fix voltage limits to wrong registers - do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) - sd: Fix REQ_OP_ZONE_REPORT completion handling - [i386] crypto: geode-aes - switch to skcipher for cbc(aes) fallback - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT - scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func - netfilter: ipset: use bitmap infrastructure completely - netfilter: nf_tables: add __nft_chain_type_get() - mm/memory_hotplug: make remove_memory() take the device_hotplug_lock - mm, sparse: drop pgdat_resize_lock in sparse_add/remove_one_section() - mm, sparse: pass nid instead of pgdat to sparse_add_one_section() - drivers/base/memory.c: remove an unnecessary check on NR_MEM_SECTIONS - mm, memory_hotplug: add nid parameter to arch_remove_memory - mm/memory_hotplug: release memory resource after arch_remove_memory() - drivers/base/memory.c: clean up relics in function parameters - mm, memory_hotplug: update a comment in unregister_memory() - mm/memory_hotplug: make unregister_memory_section() never fail - mm/memory_hotplug: make __remove_section() never fail - [powerpc*] mm: Fix section mismatch warning - mm/memory_hotplug: make __remove_pages() and arch_remove_memory() never fail - [s390x] mm: implement arch_remove_memory() - mm/memory_hotplug: allow arch_remove_memory() without CONFIG_MEMORY_HOTREMOVE - drivers/base/memory: pass a block_id to init_memory_block() - mm/memory_hotplug: create memory block devices after arch_add_memory() - mm/memory_hotplug: remove memory block devices before arch_remove_memory() - mm/memory_hotplug: make unregister_memory_block_under_nodes() never fail - mm/memory_hotplug: remove "zone" parameter from sparse_remove_one_section - mm/hotplug: kill is_dev_zone() usage in __remove_pages() - drivers/base/node.c: simplify unregister_memory_block_under_nodes() - mm/memunmap: don't access uninitialized memmap in memunmap_pages() - mm/memory_hotplug: fix try_offline_node() - mm/memory_hotplug: shrink zones when offlining memory https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.101 - orinoco_usb: fix interface sanity check - rsi_91x_usb: fix interface sanity check - USB: serial: ir-usb: add missing endpoint sanity check - USB: serial: ir-usb: fix link-speed handling - USB: serial: ir-usb: fix IrLAP framing - [arm64,armhf] usb: dwc3: turn off VBUS when leaving host mode - staging: wlan-ng: ensure error return is actually returned - [x86] staging: vt6656: correct packet types for CTS protect, mode. - [x86] staging: vt6656: use NULLFUCTION stack on mac80211 - [x86] staging: vt6656: Fix false Tx excessive retries reporting. - [arm64,armel] serial: 8250_bcm2835aux: Fix line mismatch on driver unbind - component: do not dereference opaque pointer in debugfs - [x86] mei: me: add comet point (lake) H device ids - crypto: chelsio - fix writing tfm flags to wrong place - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() - ath9k: fix storage endpoint lookup - brcmfmac: fix interface sanity check - rtl8xxxu: fix interface sanity check - zd1211rw: fix storage endpoint lookup - net_sched: ematch: reject invalid TCF_EM_SIMPLE - net_sched: fix ops->bind_class() implementations - HID: multitouch: Add LG MELF0410 I2C touchscreen support - HID: Add quirk for Xin-Mo Dual Controller - HID: ite: Add USB id match for Acer SW5-012 keyboard dock - [x86] HID: Add quirk for incorrect input length on Lenovo Y720 - drivers/hid/hid-multitouch.c: fix a possible null pointer access. - [arm64] phy: qcom-qmp: Increase PHY ready timeout - drivers/net/b44: Change to non-atomic bit operations on pwol_mask - [i386] net: wan: sdla: Fix cast from pointer to integer of different size - [arm64] gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP - atm: eni: fix uninitialized variable warning - HID: steam: Fix input device disappearing - [x86] platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx - [amd64] PCI: Add DMA alias quirk for Intel VCA NTB - [amd64] iommu: Support multiple PCI DMA aliases in IRQ Remapping - usb-storage: Disable UAS on JMicron SATA enclosure - sched/fair: Add tmp_alone_branch assertion - sched/fair: Fix insertion in rq->leaf_cfs_rq_list - rsi: fix use-after-free on probe errors - rsi: fix memory leak on failed URB submission - rsi: fix non-atomic allocation in completion handler - crypto: af_alg - Use bh_lock_sock in sk_destruct - block: cleanup __blkdev_issue_discard() - block: fix 32 bit overflow in __blkdev_issue_discard() - [arm64] KVM: Write arch.mdcr_el2 changes since last vcpu_load on VHE https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.102 - vfs: fix do_last() regression - crypto: pcrypt - Fix user-after-free on module unload - perf c2c: Fix return type for histogram sorting comparision functions - PM / devfreq: Add new name attribute for sysfs - tools lib: Fix builds when glibc contains strlcpy() - ext4: validate the debug_want_extra_isize mount option at parse time - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() - reiserfs: Fix memory leak of journal device string - media: digitv: don't continue if remote control state can't be read - media: af9005: uninitialized variable printked - media: vp7045: do not read uninitialized values if usb transfer fails - media: gspca: zero usb_buf - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 - tomoyo: Use atomic_t for statistics counter - ttyprintk: fix a potential deadlock in interrupt context issue - Bluetooth: Fix race condition in hci_release_sock() - cgroup: Prevent double killing of css when enabling threaded cgroup - [armhf] dts: sun8i: a83t: Correct USB3503 GPIOs polarity - [armhf] dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes - [armhf] dts: beagle-x15-common: Model 5V0 regulator - [arm64] clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order - mac80211: mesh: restrict airtime metric to peered established plinks - ASoC: rt5640: Fix NULL dereference on module unload - ixgbevf: Remove limit of 10 entries for unicast filter list - ixgbe: Fix calculation of queue with VFs and flow director on interface flap - igb: Fix SGMII SFP module discovery for 100FX/LX. - [x86] platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits - qmi_wwan: Add support for Quectel RM500Q - wireless: fix enabling channel 12 for custom regulatory domain - cfg80211: Fix radar event during another phy CAC - mac80211: Fix TKIP replay protection immediately after key setup - netfilter: nft_tunnel: ERSPAN_VERSION must not be null - [armhf] net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec - bnxt_en: Fix ipv6 RFS filter matching logic. - iwlwifi: Don't ignore the cap field upon mcc update - [armhf] dts: am335x-boneblack-common: fix memory size - vti[6]: fix packet tx through bpf_redirect() - xfrm interface: fix packet tx through bpf_redirect() - xfrm: interface: do not confirm neighbor when do pmtu update - scsi: fnic: do not queue commands during fwreset - [armhf] 8955/1: virt: Relax arch timer version check during early boot - [arm64] tee: optee: Fix compilation issue with nommu - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE - r8152: get default setting of WOL before initializing - qlcnic: Fix CPU soft lockup while collecting firmware dump - seq_tab_next() should increase position index - l2t_seq_next should increase position index - net: Fix skb->csum update in inet_proto_csum_replace16(). - btrfs: do not zero f_bavail if we have available space - perf report: Fix no libunwind compiled warning break s390 issue - mm/migrate.c: also overwrite error when it is bigger than zero https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.103 - [armhf] Revert "drm/sun4i: dsi: Change the start delay calculation" - ovl: fix lseek overflow on 32bit - kernel/module: Fix memleak in module_add_modinfo_attrs() - media: iguanair: fix endpoint sanity check - ocfs2: fix oops when writing cloned file - [x86] cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR - udf: Allow writing to 'Rewritable' partitions - printk: fix exclusive_console replaying - iwlwifi: mvm: fix NVM check for 3168 devices - gtp: use __GFP_NOWARN to avoid memalloc warning - l2tp: Allow duplicate session creation with UDP - net_sched: fix an OOB access in cls_tcindex - [arm64,armhf] net: stmmac: Delete txtimer in suspend() - bnxt_en: Fix TC queue mapping. - tcp: clear tp->total_retrans in tcp_disconnect() - tcp: clear tp->delivered in tcp_disconnect() - tcp: clear tp->data_segs{in|out} in tcp_disconnect() - tcp: clear tp->segs_{in|out} in tcp_disconnect() - rxrpc: Fix use-after-free in rxrpc_put_local() - rxrpc: Fix insufficient receive notification generation - rxrpc: Fix missing active use pinning of rxrpc_local object - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors - ipc/msg.c: consolidate all xxxctl_down() functions - tracing: Fix sched switch start/stop refcount racy updates - rcu: Avoid data-race in rcu_gp_fqs_check_wake() - brcmfmac: Fix memory leak in brcmf_usbdev_qinit - usb: gadget: f_ncm: Use atomic_t to track in-flight request - usb: gadget: f_ecm: Use atomic_t to track in-flight request - ALSA: usb-audio: Fix endianess in descriptor validation - ALSA: dummy: Fix PCM format loop in proc output - mm/memory_hotplug: fix remove_memory() lockdep splat - mm: move_pages: report the number of non-attempted pages - media/v4l2-core: set pages dirty upon releasing DMA buffers - media: v4l2-core: compat: ignore native command codes - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments - irqdomain: Fix a memory leak in irq_domain_push_irq() - [x86] platform/x86: intel_scu_ipc: Fix interrupt support - [x86] ALSA: hda: Add Clevo W65_67SB the power_save blacklist - [arm64] KVM: Correct PSTATE on exception entry - [arm64,armhf] KVM: Correct CPSR on exception entry - [arm64,armhf] KVM: Correct AArch32 SPSR on exception entry - [arm64] KVM: Only sign-extend MMIO up to register width - [s390x] mm: fix dynamic pagetable upgrade for hugetlbfs - [powerpc*] pseries: Advance pfn if section is not present in lmb_is_removable() - smb3: fix signing verification of large reads - [arm64,armhf] PCI: tegra: Fix return value check of pm_runtime_get_sync() - [arm64,armhf] mmc: spi: Toggle SPI polarity, do not hardcode it - [x86] ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards - [x86] ACPI / battery: Deal with design or full capacity being reported as -1 - [x86] ACPI / battery: Use design-cap for capacity calculations if full-cap is not available - [x86] ACPI / battery: Deal better with neither design nor full capacity not being reported - alarmtimer: Unregister wakeup source when module get fails - ubifs: Reject unsupported ioctl flags explicitly - ubifs: don't trigger assertion on invalid no-key filename - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag - ubifs: Fix deadlock in concurrent bulk-read and writepage - [i386] crypto: geode-aes - convert to skcipher API and make thread-safe - [x86] hv_balloon: Balloon up according to request page number - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile - crypto: api - Check spawn->alg under lock in crypto_drop_spawn - scsi: qla2xxx: Fix mtcp dump collection failure - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() - f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() - f2fs: fix miscounted block limit in f2fs_statfs_project() - f2fs: code cleanup for f2fs_statfs_project() - PM: core: Fix handling of devices deleted during system-wide resume - dm zoned: support zone sizes smaller than 128MiB - dm space map common: fix to ensure new block isn't already in use - dm crypt: fix benbi IV constructor crash if used in authenticated mode - dm: fix potential for q->make_request_fn NULL pointer - dm writecache: fix incorrect flush sequence when doing SSD mode commit - padata: Remove broken queue flushing - tracing: Annotate ftrace_graph_hash pointer with __rcu - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu - ftrace: Add comment to why rcu_dereference_sched() is open coded - ftrace: Protect ftrace_graph_hash with ftrace_sync - [x86] crypto: ccp - set max RSA modulus size for v3 platform devices as well - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request - crypto: api - Fix race condition in crypto_spawn_alg - scsi: qla2xxx: Fix unbound NVME response length - NFS: Fix memory leaks and corruption in readdir - NFS: Directory page cache pages need to be locked when read - jbd2_seq_info_next should increase position index - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES - btrfs: set trans->drity in btrfs_commit_transaction - Btrfs: fix race between adding and putting tree mod seq elements and nodes - [armhf] tegra: Enable PLLP bypass during Tegra124 LP1 - iwlwifi: don't throw error when trying to remove IGTK - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() - sunrpc: expiry_time should be seconds not timeval - gfs2: move setting current->backing_dev_info - gfs2: fix O_SYNC write handling - drm/rect: Avoid division by zero - media: rc: ensure lirc is initialized before registering input device - xen/balloon: Support xend-based toolstack take two - watchdog: fix UAF in reboot notifier handling in watchdog core code - bcache: add readahead cache policy options via sysfs interface - eventfd: track eventfd_signal() recursion depth - aio: prevent potential eventfd recursion on poll - [x86] KVM: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks - [x86] KVM: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks - [x86] KVM: Protect pmu_intel.c from Spectre-v1/L1TF attacks - [x86] KVM: Protect DR-based index computations from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c - [x86] KVM: Protect x86_decode_insn from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks - [x86] KVM: Fix potential put_fpu() w/o load_fpu() on MPX platform - [ppc64el] KVM: Book3S HV: Uninit vCPU if vcore creation fails - [ppc64el] KVM: Book3S PR: Free shared page if mmu initialization fails - [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (CVE-2019-3016) - [x86] KVM: Don't let userspace set host-reserved cr4 bits - [x86] KVM: Free wbinvd_dirty_mask if vCPU creation fails - [s390x] KVM: do not clobber registers during guest reset/store status - [arm64,armhf] clk: tegra: Mark fuse clock as critical - percpu: Separate decrypted varaibles anytime encryption can be enabled - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type - scsi: csiostor: Adjust indentation in csio_device_reset - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free - scsi: ufs: Recheck bkops level if bkops is disabled - [arm64] phy: qualcomm: Adjust indentation in read_poll_timeout - ext2: Adjust indentation in ext2_fill_super - [arm64] drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable - IB/mlx5: Fix outstanding_pi index for GSI qps - IB/core: Fix ODP get user pages flow - nfsd: fix delay timer on 32-bit architectures - nfsd: fix jiffies/time_t mixup in LRU list - nfsd: Return the correct number of bytes written to the file - ubi: fastmap: Fix inverted logic in seen selfcheck - ubi: Fix an error pointer dereference in error handling code - bonding/alb: properly access headers in bond_alb_xmit() - [armhf] net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port - [arm64,armhf] net: mvneta: move rx_dropped and rx_errors in per-cpu stats - net_sched: fix a resource leak in tcindex_set_parms() - net/mlx5: IPsec, Fix esp modify function attribute - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx - [arm64] net: macb: Remove unnecessary alignment check for TSO - [arm64] net: macb: Limit maximum GEM TX length in TSO - [armhf] net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() - ext4: fix deadlock allocating crypto bounce page from mempool - btrfs: use bool argument in free_root_pointers() - btrfs: free block groups after free'ing fs trees - btrfs: flush write bio if we loop in extent_write_cache_pages - [x86] KVM: mmu: Apply max PA check for MMIO sptes to 32-bit KVM - [x86] KVM: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM - [x86] KVM: nVMX: vmread should not set rflags to specify success in case of #PF - KVM: Use vcpu-specific gva->hva translation when querying host page size - KVM: Play nice with read-only memslots when querying host page size - mm: zero remaining unavailable struct pages - mm: return zero_resv_unavail optimization - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section - cifs: fail i/o on soft mounts if sessionsetup errors out - [x86] apic/msi: Plug non-maskable MSI affinity race - clocksource: Prevent double add_timer_on() for watchdog_timer - perf/core: Fix mlock accounting in perf_mmap() - rxrpc: Fix service call disconnection https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.104 - ASoC: pcm: update FE/BE trigger order based on the command - [x86] hv_sock: Remove the accept port restriction - IB/mlx4: Fix memory leak in add_gid error flow - RDMA/netlink: Do not always generate an ACK for some netlink operations - RDMA/core: Fix locking in ib_uverbs_event_read - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe - PCI: Don't disable bridge BARs when assigning bus resources - nfs: NFS_SWAP should depend on SWAP - NFS: Revalidate the file size on a fatal write error - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() - NFSv4: try lease recovery on NFS4ERR_EXPIRED - [arm64] serial: uartps: Add a timeout to the tx empty wait - [arm64] gpio: zynq: Report gpio direction at boot - spi: spi-mem: Add extra sanity checks on the op param - spi: spi-mem: Fix inverted logic in op sanity check - rtc: cmos: Stop using shared IRQ - [x86] platform/x86: intel_mid_powerbtn: Take a copy of ddata - [powerpc*] pseries/vio: Fix iommu_table use-after-free refcount warning - [powerpc*] pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW - [arm64] iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA - [arm64,armhf] KVM: vgic-its: Fix restoration of unmapped collections - [armel,armhf] 8949/1: mm: mark free_memmap as __init - [arm64] cpufeature: Fix the type of no FP/SIMD capability - [arm64] ptrace: nofpsimd: Fail FP/SIMD regset operations - [arm64,armhf] KVM: Fix young bit from mmu notifier - [arm64,armhf] KVM: Fix DFSR setting for non-LPAE aarch32 guests - [arm64,armhf] KVM: Make inject_abt32() inject an external abort instead - [arm64] KVM: pmu: Don't increment SW_INCR if PMCR.E is unset - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held - libertas: make lbs_ibss_join_existing() return error code on rates overflow - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state - [x86] stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h - [x86] x86/stackframe, x86/ftrace: Add pt_regs frame annotations - [arm64] serial: uartps: Move the spinlock after the read of the tx empty - padata: fix null pointer deref of pd->pinst https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.105 - Input: synaptics - switch T470s to RMI4 by default - Input: synaptics - enable SMBus on ThinkPad L470 - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list - ALSA: usb-audio: Fix UAC2/3 effect unit parsing - ALSA: hda/realtek - Fix silent output on MSI-GL73 - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 - [arm64] cpufeature: Set the FP/SIMD compat HWCAP bits properly - [arm64] nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly - ALSA: usb-audio: sound: usb: usb true/false for bool return type - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 - ext4: don't assume that mmp_nodename/bdevname have NUL - ext4: fix support for inode sizes > 1024 bytes - ext4: fix checksum errors with indexed dirs - ext4: add cond_resched() to ext4_protect_reserved_inode (CVE-2020-8992) - ext4: improve explanation of a mount failure caused by a misconfigured kernel - Btrfs: fix race between using extent maps and merging them - btrfs: ref-verify: fix memory leaks - btrfs: print message when tree-log replay starts - btrfs: log message when rw remount is attempted with unclean tree-log - [arm64] ssbs: Fix context-switch when SSBS is present on all CPUs - [x86] perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info - [amd64] IB/hfi1: Acquire lock to release TID entries when user file is closed - [amd64] IB/hfi1: Close window for pq and request coliding - IB/rdmavt: Reset all QPs when the device is shut down - RDMA/core: Fix invalid memory access in spec_filter_size - [amd64] RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq - RDMA/core: Fix protection fault in get_pkey_idx_qp_list - [s390x] time: Fix clk type in get_tod_clock - [x86] perf/x86/intel: Fix inaccurate period in context switch for auto- reload - NFSv4.1 make cachethis=no for writes - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer - [x86] KVM: mmu: Fix struct guest_walker arrays for 5-level paging https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.106 - core: Don't skip generic XDP program execution for cloned SKBs - enic: prevent waking up stopped tx queues over watchdog reset - net/smc: fix leak of kernel memory to user space - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS - [x86] KVM: nVMX: Use correct root level for nested EPT shadow page tables - [x86] drm/gma500: Fixup fbdev stolen size usage evaluation - cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order - brcmfmac: Fix use after free in brcmf_sdio_readframes() - ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT - ALSA: ctl: allow TLV read operation for callback type of element in locked case - [powerpc*] powernv/iov: Ensure the pdn for VFs always contains a valid PE number - [amd64] iommu/vt-d: Fix off-by-one in PASID allocation - [x86] pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins - [x86] efi: Map the entire EFI vendor string before copying it - [mips64el,mipsel] Loongson: Fix potential NULL dereference in loongson3_platform_init() - [arm*] usb: dwc2: Fix IN FIFO allocation - [armel,armhf] clocksource/drivers/bcm2835_timer: Fix memory leak of timer - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal - [armhf] pwm: omap-dmtimer: Simplify error handling - [s390x] pci: Fix possible deadlock in recover_store() - [powerpc*] iov: Move VF pdev fixup into pcibios_fixup_iov() - tracing: Fix tracing_stat return values in error handling paths - tracing: Fix very unlikely race of registering two stat tracers - ext4, jbd2: ensure panic when aborting with zero errno - ath10k: Correct the DMA direction for management tx buffers - nbd: add a flush_workqueue in nbd_start_device - [s390x] KVM: ENOTSUPP -> EOPNOTSUPP fixups - [arm64] clk: qcom: rcg2: Don't crash if our parent can't be found; return an error - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table - [arm64,armhf] regulator: rk808: Lower log level on optional GPIOs being not available - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu(). - selinux: fall back to ref-walk if audit is required - selinux: ensure we cleanup the internal AVC counters on error in avc_insert() - media: cx23885: Add support for AVerMedia CE310B - PCI: Add generic quirk for increasing D3hot delay - PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling - fore200e: Fix incorrect checks of NULL pointer dereference - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status - orinoco: avoid assertion in case of NULL pointer - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 - scsi: ufs: Complete pending requests in host reset and restore path - scsi: aic7xxx: Adjust indentation in ahc_find_syncrate - selinux: ensure we cleanup the internal AVC counters on error in avc_update() - dmaengine: Store module owner in dma_device struct - [arm64] clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock - tools lib api fs: Fix gcc9 stringop-truncation compilation error - [x86] ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch - mlx5: work around high stack usage with gcc - drm: remove the newline for CRC source name. - usbip: Fix unsafe unaligned pointer usage - udf: Fix free space reporting for metadata and virtual partitions - staging: rtl8188: avoid excessive stack usage - [amd64] IB/hfi1: Add software counter for ctxt0 seq drop - [armhf] soc/tegra: fuse: Correct straps' address for older Tegra124 device trees - [x86] efi: Don't panic or BUG() on non-critical error conditions - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls - [x86] nmi: Remove irq_work from the long duration NMI handler - driver core: platform: Prevent resouce overflow from causing infinite loops - driver core: Print device when resources present in really_probe() - bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler - drm/nouveau/fault/gv100-: fix memory leak on module unload - [x86] drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add - [armhf] usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue - [arm64] iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE - f2fs: set I_LINKABLE early to avoid wrong access by vfs - f2fs: free sysfs kobject - scsi: iscsi: Don't destroy session if there are outstanding connections - watchdog/softlockup: Enforce that timestamp is valid on boot - f2fs: fix memleak of kobject - [x86] mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd - [armhf] pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional - btrfs: fix possible NULL-pointer dereference in integrity checks - btrfs: safely advance counter when looking up bio csums - btrfs: device stats, log when stats are zeroed - module: avoid setting info->name early in case we can fall back to info->mod->name - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() - driver core: platform: fix u32 greater or equal to zero comparison - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s - drm/nouveau/mmu: fix comptag memory leak - [powerpc*] sriov: Remove VF eeh_dev state when disabling SR-IOV - bcache: cached_dev_free needs to put the sb page - [amd64] iommu/vt-d: Remove unnecessary WARN_ON_ONCE() - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock - iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop - cifs: fix NULL dereference in match_prepath - bpf: map_seq_next should always increase position index - ceph: check availability of mds cluster on mount after wait timeout - [arm64,armhf] irqchip/gic-v3: Only provision redistributors that are enabled in ACPI - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided - ftrace: fpid_next() should increase position index - trigger_next should increase position index - radeon: insert 10ms sleep in dce5_crtc_load_lut - ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans() - reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() - bcache: explicity type cast in bset_bkey_last() - [arm64,armhf] irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL - iwlwifi: mvm: Fix thermal zone registration - brd: check and limit max_part par - NFS: Fix memory leaks - help_next should increase position index - cifs: log warning message (once) if out of disk space - virtio_balloon: prevent pfn array overflow https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.107 - [arm64] iommu/qcom: Fix bogus detach logic - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs - [x86] ALSA: hda/realtek - Apply quirk for MSI GP63, too - [x86] ALSA: hda/realtek - Apply quirk for yet another MSI laptop - [armhf] ASoC: sun8i-codec: Fix setting DAI data format - ecryptfs: fix a memory leak bug in parse_tag_1_packet() - ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() - [x86] thunderbolt: Prevent crash if non-active NVMem file is read - USB: misc: iowarrior: add support for 2 OEMed devices - USB: misc: iowarrior: add support for the 28 and 28L devices - USB: misc: iowarrior: add support for the 100 device - floppy: check FDC index for errors before assigning it (CVE-2020-9383) - vt: fix scrollback flushing on background consoles - vt: selection, handle pending signals in paste_selection - vt: vt_ioctl: fix race in VT_RESIZEX - [arm*] staging: android: ashmem: Disallow ashmem memory from being remapped (CVE-2020-0009) - [x86] staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi. - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range. - xhci: fix runtime pm enabling for quirky Intel hosts - xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2 - usb: host: xhci: update event ring dequeue pointer on purpose - USB: core: add endpoint-blacklist quirk - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 - usb: uas: fix a plug & unplug racing - USB: Fix novation SourceControl XL after suspend - USB: hub: Don't record a connect-change event during reset-resume - USB: hub: Fix the broken detection of USB3 device in SMSC hub - [arm*] usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows - [arm64,armhf] usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields - staging: rtl8188eu: Fix potential security hole - staging: rtl8188eu: Fix potential overuse of kernel memory - staging: rtl8723bs: Fix potential security hole - staging: rtl8723bs: Fix potential overuse of kernel memory - [powerpc*] tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery - jbd2: fix ocfs2 corrupt when clearing block group bits - [x86] mce/amd: Publish the bank pointer only after setup has succeeded - [x86] mce/amd: Fix kobject lifetime - [x86] cpu/amd: Enable the fixed Instructions Retired counter IRPERF - serial: 8250: Check UPF_IRQ_SHARED in advance - [armhf] tty: serial: imx: setup the correct sg entry for tx dma - serdev: ttyport: restore client ops on deregistration - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() - nvme-multipath: Fix memory leak with ana_log_buf - genirq/irqdomain: Make sure all irq domain flags are distinct - mm/vmscan.c: don't round up scan size for online memory cgroup - drm/amdgpu/soc15: fix xclk for raven - [x86] xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms - [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) - [x86] KVM: don't notify userspace IOAPIC on edge-triggered interrupt EOI - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets - ext4: fix a data race in EXT4_I(inode)->i_disksize - ext4: add cond_resched() to __ext4_find_entry() - ext4: fix potential race between online resizing and write operations - ext4: fix potential race between s_group_info online resizing and access - ext4: fix potential race between s_flex_groups online resizing and access - ext4: fix mount failure with quota configured as module - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL - [x86] KVM: nVMX: Refactor IO bitmap checks into helper function - [x86] KVM: nVMX: Check IO instruction VM-exit conditions - [x86] KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 - [x86] KVM: apic: avoid calculating pending eoi from an uninitialized val - btrfs: fix bytes_may_use underflow in prealloc error condtition - btrfs: reset fs_root to NULL on error in open_ctree - btrfs: do not check delayed items are empty for single transaction cleanup - Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents - scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session" - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus - [arm*] usb: dwc2: Fix in ISOC request length checking - staging: rtl8723bs: fix copy of overlapping memory - ecryptfs: replace BUG_ON with error handling code - genirq/proc: Reject invalid affinity masks (again) - bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill - ALSA: seq: Avoid concurrent access to queue flags - ALSA: seq: Fix concurrent access to queue current tick/time - netfilter: xt_hashlimit: limit the max size of hashtable - rxrpc: Fix call RCU cleanup using non-bh-safe locks - ata: ahci: Add shutdown to freeze hardware resources of ahci - xen: Enable interrupts when calling _cond_resched() - [s390x] mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.108 - [arm64,armhf] irqchip/gic-v3-its: Fix misuse of GENMASK macro - iwlwifi: pcie: fix rb_allocator workqueue allocation - ipmi:ssif: Handle a possible NULL pointer reference - [arm64] drm/msm: Set dma maximum segment size for mdss - dax: pass NOWAIT flag to iomap_apply - mac80211: consider more elements in parsing CRC - cfg80211: check wiphy driver existence for drvinfo report - [s390x] zcrypt: fix card and queue total counter wrap - qmi_wwan: re-add DW5821e pre-production variant - qmi_wwan: unconditionally reject 2 ep interfaces - [arm64] soc/tegra: fuse: Fix build with Tegra194 configuration - net: ena: fix potential crash when rxfh key is NULL - net: ena: fix uses of round_jiffies() - net: ena: add missing ethtool TX timestamping indication - net: ena: fix incorrect default RSS key - net: ena: rss: fix failure to get indirection table - net: ena: rss: store hash function as values and not bits - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table - net: ena: ethtool: use correct value for crc32 hash - net: ena: ena-com.c: prevent NULL pointer dereference - cifs: Fix mode output in debugging statements - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE - sysrq: Restore original console_loglevel when sysrq disabled - sysrq: Remove duplicated sysrq message - net: fib_rules: Correctly set table field when table number exceeds 8 bits - net: sched: correct flower port blocking - sctp: move the format error check out of __sctp_sf_do_9_1_abort - ipv6: Fix route replacement with dev-only route - ipv6: Fix nlmsg_flags when splitting a multipath route - qede: Fix race between rdma destroy workqueue and link change event - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() - audit: fix error handling in audit_data_to_entry() - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro - [arm64,x86] ACPI: watchdog: Fix gas->access_width usage - [x86] KVM: VMX: check descriptor table exits on instruction emulation - HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock - HID: core: fix off-by-one memset in hid_report_raw_event() - HID: core: increase HID report buffer size to 8KiB - tracing: Disable trace_printk() on post poned tests - Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" - amdgpu/gmc_v9: save/restore sdpif regs during S3 - vhost: Check docket sk_family instead of call getname (CVE-2020-10942) - HID: alps: Fix an error handling path in 'alps_input_configured()' - HID: hiddev: Fix race in in hiddev_disconnect() - [x86] hv_netvsc: Fix unwanted wakeup in netvsc_attach() - [s390x] qeth: vnicc Fix EOPNOTSUPP precedence - net: netlink: cap max groups which will be considered in netlink_bind() - [amd64] net: atlantic: fix use after free kasan warn - [amd64] net: atlantic: fix potential error handling - net/smc: no peer ID in CLC decline for SMCD - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE - namei: only return -ECHILD from follow_dotdot_rcu() - mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() - [x86] KVM: SVM: Override default MMIO mask if memory encryption is enabled - KVM: Check for a bad hva before dropping into the ghc slow path - sched/fair: Optimize update_blocked_averages() - sched/fair: Fix O(nr_cgroups) in the load balancing path - perf stat: Use perf_evsel__is_clocki() for clock events - perf stat: Fix shadow stats for clock events - [arm64] drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' - kprobes: Set unoptimized flag after unoptimizing code - [armhf] pwm: omap-dmtimer: put_device() after of_find_device_by_node() - perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc - [x86] KVM: Remove spurious kvm_mmu_unload() from vcpu destruction path - [x86] KVM: Remove spurious clearing of async #PF MSR - netfilter: nft_tunnel: no need to call htons() when dumping ports - mm/huge_memory.c: use head to check huge zero page - mm, thp: fix defrag setting if newline is not used - audit: always check the netlink payload length in audit_receive_msg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.109 - [x86] EDAC/amd64: Set grain per DIMM - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 - [armhf] net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec - kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic - [x86] ALSA: hda: do not override bus codec_mask in link_get() - usb: gadget: composite: Support more than 500mA MaxPower - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags - usb: gadget: serial: fix Tx stall after buffer overflow - [arm64] drm/msm/mdp5: rate limit pp done timeout warnings - [arm64] drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI - scsi: megaraid_sas: silence a warning - [arm64] drm/msm/dsi: save pll state before dsi host is powered off - [arm64] drm/msm/dsi/pll: call vco set rate explicitly - [armhf] net: dsa: b53: Ensure the default VID is untagged - [s390x] cio: cio_ignore_proc_seq_next should increase position index - [s390x] qdio: fill SL with absolute addresses - ice: Don't tell the OS that link is going down - [arm64] net: thunderx: workaround BGX TX Underflow issue - ALSA: hda/realtek - Add Headset Mic supported - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master - cifs: don't leak -EAGAIN for stat() during reconnect - usb: storage: Add quirk for Samsung Fit flash - usb: quirks: add NO_LPM quirk for Logitech Screen Share - [arm64,armhf] usb: dwc3: gadget: Update chain bit correctly when using sg list - usb: core: hub: fix unhandled return by employing a void function - usb: core: hub: do error out if usb_autopm_get_interface() fails - usb: core: port: do error out if usb_autopm_get_interface() fails - vgacon: Fix a UAF in vgacon_invert_region (CVE-2020-8647, CVE-2020-8649) - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa - mm: fix possible PMD dirty bit lost in set_pmd_migration_entry() - fat: fix uninit-memory access for partial initialized inode - [arm64] tty:serial:mvebu-uart:fix a wrong return - serial: 8250_exar: add support for ACCES cards - vt: selection, close sel_buffer race (CVE-2020-8648) - vt: selection, push console lock down - vt: selection, push sel_lock up - [arm64,armhf] media: v4l2-mem2mem.c: fix broken links - [x86] pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes - [arm64,armhf] dmaengine: tegra-apb: Fix use-after-free - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list - dm cache: fix a crash due to incorrect work item cancelling - dm: report suspended device during destroy - dm writecache: verify watermark during resume - [x86] ASoC: topology: Fix memleak in soc_tplg_link_elems_load() - [x86] ASoC: topology: Fix memleak in soc_tplg_manifest_load() - [x86] ASoC: intel: skl: Fix pin debug prints - [x86] ASoC: intel: skl: Fix possible buffer overflow in debug outputs - [armhf] dmaengine: imx-sdma: remove dma_slave_config direction usage and leave sdma_event_enable() - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output - ASoC: dapm: Correct DAPM handling of active widgets during shutdown - [armhf] drm/sun4i: Fix DE2 VI layer format support - [armhf] drm/sun4i: de2/de3: Remove unsupported VI layer formats - RDMA/iwcm: Fix iwcm work deallocation - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() - [amd64] IB/hfi1, qib: Ensure RCU is locked when accessing list - [armhf] ARM: imx: build v7_cpu_resume() unconditionally - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() - [powerpc*] fix hardware PMU exception bug on PowerVM compatibility mode systems - [amd64] efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper - [amd64] efi/x86: Handle by-ref arguments covering multiple pages in mixed mode - dm integrity: fix a deadlock due to offloading to an incorrect workqueue - scsi: pm80xx: Fixed kernel panic during error recovery for SATA drive https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.110 - [x86] KVM: SVM: fix up incorrect backport https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.111 - phy: Revert toggling reset changes. - net: phy: Avoid multiple suspends - cgroup, netclassid: periodically release file_lock on classid updating - gre: fix uninit-value in __iptunnel_pull_header - inet_diag: return classid for all socket types - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface - ipvlan: add cond_resched_rcu() while processing muticast backlog - ipvlan: do not add hardware address of master to its unicast filter list - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() - ipvlan: don't deref eth hdr before checking it's set - net/ipv6: use configured metric when add peer route - netlink: Use netlink header as base to calculate bad attribute offset - net: macsec: update SCI upon MAC address change. - net: nfc: fix bounds checking bugs on "pipe" - net/packet: tpacket_rcv: do not increment ring index on drop - [arm64,armhf] net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used - r8152: check disconnect status after long sleep - sfc: detach from cb_page in efx_copy_channel() - bnxt_en: reinitialize IRQs when MTU is modified - cgroup: memcg: net: do not associate sock with unrelated cgroup - net: memcg: late association of sock to memcg - net: memcg: fix lockdep splat in inet_csk_accept() - devlink: validate length of param values - nl802154: add missing attribute validation - nl802154: add missing attribute validation for dev_type - can: add missing attribute validation for termination - macsec: add missing attribute validation for port - net: fq: add missing attribute validation for orphan mask - team: add missing attribute validation for port ifindex - team: add missing attribute validation for array index - nfc: add missing attribute validation for SE API - nfc: add missing attribute validation for deactivate target - nfc: add missing attribute validation for vendor subcommand - net: phy: fix MDIO bus PM PHY resuming - net/ipv6: need update peer route when modify metric - net/ipv6: remove the old peer route if change it to a new one - tipc: add missing attribute validation for MTU property - devlink: validate length of region addr/len - bonding/alb: make sure arp header is pulled before accessing it - slip: make slhc_compress() more robust against malicious packets - [armhf] net: fec: validate the new settings in fec_enet_set_coalesce() - macvlan: add cond_resched() during multicast processing - cgroup: cgroup_procs_next should increase position index - cgroup: Iterate tasks that did not finish do_exit() - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices - virtio-blk: fix hw_queue stopped on arbitrary error - [amd64] iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint - netfilter: nf_conntrack: ct_cpu_seq_next should increase position index - netfilter: synproxy: synproxy_cpu_seq_next should increase position index - netfilter: xt_recent: recent_seq_next should increase position index - netfilter: x_tables: xt_mttg_seq_next should increase position index - workqueue: don't use wq_select_unbound_cpu() for bound works - drm/amd/display: remove duplicated assignment to grph_obj_type - cifs_atomic_open(): fix double-put on late allocation failure - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache - [x86] KVM: clear stale x86_emulate_ctxt->intercept value - efi: Fix a race and a buffer overflow while reading efivars via sysfs - efi: Make efi_rts_work accessible to efi page fault handler - mt76: fix array overflow on receiving too many fragments for a packet - [x86] mce: Fix logic and comments around MSR_PPIN_CTL - [arm64] iommu/dma: Fix MSI reservation allocation - [amd64] iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint - [amd64] iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page - batman-adv: Don't schedule OGM for disabled interface - [arm64] pinctrl: meson-gxl: fix GPIOX sdio pins - pinctrl: core: Remove extra kref_get which blocks hogs being freed - [arm64,armhf] i2c: gpio: suppress error on probe defer - nl80211: add missing attribute validation for critical protocol indication - nl80211: add missing attribute validation for beacon report scanning - nl80211: add missing attribute validation for channel switch - perf bench futex-wake: Restore thread count default to online CPU count - netfilter: cthelper: add missing attribute validation for cthelper - netfilter: nft_payload: add missing attribute validation for payload csum flags - netfilter: nft_tunnel: add missing attribute validation for tunnels - [amd64] iommu/vt-d: Fix the wrong printing in RHSA parsing - [amd64] iommu/vt-d: Ignore devices with out-of-spec domain number - [arm64,x86] i2c: acpi: put device when verifying client fails - ipv6: restrict IPV6_ADDRFORM operation - net/smc: check for valid ib_client_data - net/smc: cancel event worker during device removal - efi: Add a sanity check to efivar_store_raw() - batman-adv: Avoid free/alloc race when handling OGM2 buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 - [x86] perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag - [armhf] mmc: sdhci-omap: Add platform specific reset callback - [armhf] mmc: sdhci-omap: Workaround errata regarding SDR104/HS200 tuning failures (i929) - ACPI: watchdog: Allow disabling WDAT at boot - HID: apple: Add support for recent firmware on Magic Keyboards - [x86] HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override - cfg80211: check reg_rule for NULL in handle_channel_custom() - scsi: libfc: free response frame from GPN_ID - net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch - mac80211: rx: avoid RCU list traversal under mutex - signal: avoid double atomic counter increments for user accounting - slip: not call free_netdev before rtnl_unlock in slip_open - [x86,arm64] hinic: fix a irq affinity bug - [x86,arm64] hinic: fix a bug of setting hw_ioctxt - sfc: fix timestamp reconstruction at 16-bit rollover points - jbd2: fix data races at struct journal_head - [armhf] mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning - [armhf] mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C - driver core: Remove the link if there is no driver with AUTO flag - driver core: Fix adding device links to probing suppliers - driver core: Make driver core own stateful device links - driver core: Add device link flag DL_FLAG_AUTOPROBE_CONSUMER - driver core: Remove device link creation limitation - driver core: Fix creation of device links with PM-runtime flags - mm: slub: add missing TID bump in kmem_cache_alloc_bulk() - efi: Fix debugobjects warning on 'efi_rts_work' https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.113 - [arm64] spi: qup: call spi_qup_pm_resume_runtime before suspending - [amd64] spi: pxa2xx: Add CS control clock quirk - [armhf] drm/exynos: dsi: fix workaround for the legacy clock name - [arm64] drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer - dm bio record: save/restore bi_end_io and bi_integrity - dm integrity: use dm_bio_record and dm_bio_restore - xenbus: req->body should be updated before req->state - xenbus: req->err should be updated before req->state - block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() - USB: Disable LPM on WD19's Realtek Hub - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters - USB: serial: option: add ME910G1 ECM composition 0x110b - [arm64,armhf] usb: host: xhci-plat: add a shutdown - USB: serial: pl2303: add device-id for HP LD381 - [x86] usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c - ALSA: line6: Fix endless MIDI read loop - ALSA: seq: virmidi: Fix running status after receiving sysex - ALSA: seq: oss: Fix running status after receiving sysex - ALSA: pcm: oss: Avoid plugin buffer overflow - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks - [armhf] iio: st_sensors: remap SMO8840 to LIS2DH12 - mmc: rtsx_pci: Fix support for speed-modes that relies on tuning - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 - staging/speakup: fix get_word non-space look-ahead - [x86] intel_th: Fix user-visible error codes - [x86] intel_th: pci: Add Elkhart Lake CPU support - xhci: Do not open code __print_symbolic() in xhci trace events - btrfs: fix log context list corruption after rename whiteout error - drm/amd/amdgpu: Fix GPR read from debugfs (v2) - drm/lease: fix WARNING in idr_destroy - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event - mm: slub: be more careful about the double cmpxchg of freelist - mm, slub: prevent kmalloc_node crashes and memory leaks - page-flags: fix a crash at SetPageError(THP_SWAP) - [x86] mm: split vmalloc_sync_all() (Closes: #953017) - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL - USB: cdc-acm: fix rounding error in TIOCSSERIAL - futex: Fix inode life-time issue - futex: Unbreak futex hashing - Revert "vrf: mark skb for multicast or link-local as enslaved to VRF" - Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF" - ALSA: hda/realtek: Fix pop noise on ALC225 - [arm64] smp: fix smp_send_stop() behaviour - [arm64] smp: fix crash_smp_send_stop() behaviour - [arm64,armhf] drm/bridge: dw-hdmi: fix AVI frame colorimetry https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.114 - mmc: core: Allow host controllers to require R1B for CMD6 - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for erase/trim/discard - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for eMMC sleep command - [armhf] mmc: sdhci-omap: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - [arm64,armhf] mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - geneve: move debug check after netdev unregister - macsec: restrict to ethernet devices - net: cbs: Fix software cbs to consider packet sending time - [armhf] net: dsa: Fix duplicate frames flooded by learning - [arm64,armhf] net: mvneta: Fix the case where the last poll did not process all rx - net/packet: tpacket_rcv: avoid a producer race condition - net: qmi_wwan: add support for ASKEY WWHC050 - net_sched: cls_route: remove the right filter from hashtable - net_sched: keep alloc_hash updated after hash allocation - [arm64,armhf] net: stmmac: dwmac-rk: fix error path in rk_gmac_probe - slcan: not call free_netdev before rtnl_unlock in slcan_open - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() - bnxt_en: Reset rings if ring reservation fails during open() - net: ip_gre: Separate ERSPAN newlink / changelink callbacks - net: ip_gre: Accept IFLA_INFO_DATA-less configuration - r8169: re-enable MSI on RTL8168c - tcp: repair: fix TCP_QUEUE_SEQ implementation - vxlan: check return value of gro_cells_init() - cgroup-v1: cgroup_pidlist_next should update position index - nfs: add minor version to nfs_server_key for fscache - drivers/of/of_mdio.c:fix of_mdiobus_register() - cgroup1: don't call release_agent when it is "" - [s390x] qeth: handle error when backing RX buffer - scsi: ipr: Fix softlockup when rescanning devices in petitboot - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled - [x86] ftrace: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare() - [x86] Input: synaptics - enable RMI on HP Envy 13-ad105ng - Input: avoid BIT() macro usage in the serio.h UAPI header - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL - perf probe: Do not depend on dwfl_module_addrsym() - scsi: sd: Fix optimal I/O size for devices that change reported values - nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type - mac80211: mark station unauthorized before key removal - [x86] gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model - genirq: Fix reference leaks on irq affinity notifiers - xfrm: handle NETDEV_UNREGISTER for xfrm device - vti[6]: fix packet tx through bpf_redirect() in XinY cases - RDMA/mlx5: Block delay drop to unprivileged users - xfrm: fix uctx len check in verify_sec_ctx_len - xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire - xfrm: policy: Fix doulbe free in xfrm_policy_timer - afs: Fix some tracing details - netfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6} - netfilter: nft_fwd_netdev: validate family and chain type - bpf/btf: Fix BTF verification of enum members in struct/union - vti6: Fix memory leak of skb if input policy check fails - mac80211: add option for setting control flags - mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX - USB: serial: option: add support for ASKEY WWHC050 - USB: serial: option: add BroadMobi BM806U - USB: serial: option: add Wistron Neweb D19Q1 - USB: cdc-acm: restore capability check order - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback - [arm64,armhf] usb: musb: fix crash with highmen PIO and usbmon - media: flexcop-usb: fix endpoint sanity check - media: usbtv: fix control-message timeouts - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table - [x86] ahci: Add Intel Comet Lake H RAID PCI ID - libfs: fix infoleak in simple_attr_read() - media: ov519: add missing endpoint sanity checks (CVE-2020-11608) - media: dib0700: fix rc endpoint lookup - media: stv06xx: add missing descriptor sanity checks (CVE-2020-11609) - media: xirlink_cit: add missing descriptor sanity checks (CVE-2020-11668) - mac80211: Check port authorization in the ieee80211_tx_dequeue() case - mac80211: fix authentication with iwlwifi/mvm - vt: selection, introduce vc_is_sel - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines - vt: switch vt_dont_switch to bool - vt: vt_ioctl: remove unnecessary console allocation checks - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console - vt: vt_ioctl: fix use-after-free in vt_in_use() - [x86] platform: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table - bpf: Explicitly memset the bpf_attr structure - bpf: Explicitly memset some bpf info structures declared on the stack - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model - perf map: Fix off by one in strncpy() size argument - [armel] bcm2835-rpi-zero-w: Add missing pinctrl name - [armhf] dts: N900: fix onenand timings https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.115 - ipv4: fix a RCU-list lock in fib_triestat_seq_show - net, ip_tunnel: fix interface lookup with no key - sctp: fix refcount bug in sctp_wfree - sctp: fix possibly using a bad saddr with a given dst - nvme-rdma: Avoid double freeing of async event data - drm/bochs: downgrade pci_request_region failure from error to warning - drm/amdgpu: fix typo for vcn1 idle check - [x86] tools/power turbostat: Fix gcc build warnings - [x86] tools/power turbostat: Fix missing SYS_LPI counter on some Chromebooks - [armhf] drm/etnaviv: replace MMU flush marker with flush sequence - media: rc: IR signal for Panasonic air conditioner too long - misc: rtsx: set correct pcr_ops for rts522A - [x86] mei: me: add cedar fork device ids - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard - rxrpc: Fix sendmsg(MSG_WAITALL) handling - net: Fix Tx hash bound checking - padata: always acquire cpu_hotplug_lock before pinst->lock - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) - ipv6: don't auto-add link-local address to lag ports - [armhf] net: dsa: bcm_sf2: Do not register slave MDIO bus with OF - [armhf] net: dsa: bcm_sf2: Ensure correct sub-node is parsed - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers - [arm64,armhf] net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting - slcan: Don't transmit uninitialized stack data in padding (CVE-2020-11494) - random: always use batched entropy for get_random_u{32,64} - [arm64,armhf] usb: dwc3: gadget: Wrap around when skip TRBs - [armhf] hwrng: imx-rngc - fix an error path - [amd64] IB/hfi1: Call kobject_put() when kobject_init_and_add() fails - [amd64] IB/hfi1: Fix memory leaks in sysfs registration and unregistration - ceph: remove the extra slashes in the server path - ceph: canonicalize server path in place - RDMA/ucma: Put a lock around every call to the rdma_cm layer - RDMA/cma: Teach lockdep about the order of rtnl and lock - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow - fbcon: fix null-ptr-deref in fbcon_switch - [arm64] clk: qcom: rcg: Return failure for RCG update - [arm64] drm/msm: stop abusing dma_map/unmap for cache - [arm64] Fix size of __early_cpu_boot_status - [arm64] rpmsg: glink: Remove chunk size word align warning - [arm64,armhf] usb: dwc3: don't set gadget->is_otg flag - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() - [arm64] drm/msm: Use the correct dma_sync calls in msm_gem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.116 - [armhf] dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage - [arm64,armhf] bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads - [x86,arm64] hinic: fix a bug of waitting for IO stopped - [x86,arm64] hinic: fix wrong para of wait_for_completion_timeout - cxgb4/ptp: pass the sign of offset delta in FW CMD - qlcnic: Fix bad kzalloc null test - [armhf] cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL - [arm64] media: venus: hfi_parser: Ignore HEVC encoding for V1 - null_blk: Fix the null_add_dev() error path - null_blk: Handle null_add_dev() failures properly - null_blk: fix spurious IO errors after failed past-wp access - xhci: bail out early if driver can't accress host in resume - [x86] Don't let pgprot_modify() change the page encryption bit - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices - sched: Avoid scale real weight down to zero - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() - [amd64,x86] pstore/platform: fix potential mem leak if pstore_init_fs failed - gfs2: Don't demote a glock until its revokes are written - [i386] efi/x86: Ignore the memory attributes table on i386 - genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() - block: Fix use-after-free issue accessing struct io_cq - [arm64,armhf] usb: dwc3: core: add support for disabling SS instances in park mode - [arm64,armhf] irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency - md: check arrays is suspended in mddev_detach before call quiesce operations - firmware: fix a double abort case with fw_load_sysfs_fallback - block, bfq: fix use-after-free in bfq_idle_slice_timer_body - btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued - btrfs: remove a BUG_ON() from merge_reloc_roots() - btrfs: track reloc roots based on their commit root bytenr - IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads - uapi: rename ext2_swab() to swab() and share globally in swab.h - slub: improve bit diffusion for freelist ptr obfuscation - ASoC: fix regwmask - ASoC: dapm: connect virtual mux with default value - ASoC: dpcm: allow start or stop during pause for backend - [x86] ASoC: topology: use name_prefix for new kcontrol - usb: gadget: f_fs: Fix use after free issue as part of queue failure - usb: gadget: composite: Inform controller driver of self-powered - ALSA: hda: Add driver blacklist - ALSA: hda: Fix potential access overflow in beep helper - ALSA: ice1724: Fix invalid access for enumerated ctl items - ALSA: pcm: oss: Fix regression by buffer overflow fix - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256 - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 - [x86] ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups - [x86] ALSA: hda/realtek - Add quirk for MSI GL63 - [x86] acpi: ignore unspecified bit positions in the ACPI global lock field - nvme-fc: Revert "add module to ops template to allow module references" - nvme: Treat discovery subsystems as unique subsystems - PCI: pciehp: Fix indefinite wait on sysfs requests - PCI/ASPM: Clear the correct bits when enabling L1 substates - PCI: Add boot interrupt quirk mechanism for Xeon chipsets - tpm: Don't make log failures fatal - tpm: tpm1_bios_measurements_next should increase position index - tpm: tpm2_bios_measurements_next should increase position index - KEYS: reaching the keys quotas correctly - [amd64,x86] pstore: pstore_ftrace_seq_next should increase position index - [mips*el] tlbex: Fix LDDIR usage in setup_pw() for Loongson-3 - [mips*/octeon] irq: Fix potential NULL pointer dereference - ath9k: Handle txpower changes even when TPC is disabled - signal: Extend exec_id to 64bits - [i386] x86/entry/32: Add missing ASM_CLAC to general_protection entry - [x86] KVM: nVMX: Properly handle userspace interrupt window request - [s390x] KVM: vsie: Fix region 1 ASCE sanity shadow address checks - [s390x] KVM: vsie: Fix delivery of addressing exceptions - [x86] KVM: Allocate new rmap and large page tracking when moving memslot - [x86] KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support - [x86] KVM: Gracefully handle __vmalloc() failure during VM allocation - [x86] KVM: VMX: fix crash cleanup when KVM wasn't used - CIFS: Fix bug which the return value by asynchronous read is error - Btrfs: fix crash during unmount due to race with delayed inode workers - btrfs: set update the uuid generation as soon as possible - btrfs: drop block from cache on error in relocation - btrfs: fix missing file extent item for hole after ranged fsync - btrfs: fix missing semaphore unlock in btrfs_sync_file - [powerpc*] pseries: Drop pointless static qualifier in vpa_debugfs_init() - [x86] speculation: Remove redundant arch_smt_update() invocation - mm: Use fixed constant in page_frag_alloc instead of size + 1 - dm writecache: add cond_resched to avoid CPU hangs - [s390x] scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point - [arm64] armv8_deprecated: Fix undef_hook mask for thumb setend - [armhf] drm/etnaviv: rework perfmon query infrastructure - [powerpc*] pseries: Avoid NULL pointer dereference when drmem is unavailable - NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() - ext4: fix a data race at inode->i_blocks - fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() - ocfs2: no need try to truncate file beyond i_size - [s390x] diag: fix display of diagnose call statistics - [x86] Input: i8042 - add Acer Aspire 5738z to nomux list - kmod: make request_module() return an error when autoloading is disabled - [powerpc*] cpufreq: powernv: Fix use-after-free - hfsplus: fix crash and filesystem corruption when deleting files - libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set - ipmi: fix hung processes in __get_guid() - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() - [powerpc*] powernv/idle: Restore AMR/UAMOR/AMOR after idle (CVE-2020-11669) - [powerpc*] 64/tm: Don't let userspace set regs->trap via sigreturn - [powerpc*] hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries - [powerpc*] xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs - [powerpc*] kprobes: Ignore traps that happened in real mode - scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug - [powerpc*] Add attributes for setjmp/longjmp - [powerpc*] Make setjmp/longjmp signature standard - btrfs: use nofs allocations for running delayed items - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() - drm/dp_mst: Fix clearing payload state on topology disable - drm: Remove PageReserved manipulation from drm_pci_alloc - ftrace/kprobe: Show the maxactive number on kprobe_events - [armhf] etnaviv: perfmon: fix total and idle HI cyleces readout - [amd64] efi/x86: Fix the deletion of variables in mixed mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.117 - [amd64,arm64] amd-xgbe: Use __napi_schedule() in BH context - net: ipv6: do not consider routes via gateways for anycast address check - net: revert default NAPI poll timeout to 2 jiffies - [arm64,armhf] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes - ovl: fix value of i_ino for lower hardlink corner case - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic - jbd2: improve comments about freeing data buffers whose page mapping is NULL - ext4: fix incorrect group count in ext4_fill_super error message - ext4: fix incorrect inodes per group in error message - [x86] ASoC: Intel: mrfld: fix incorrect check on p->sink - [x86] ASoC: Intel: mrfld: return error codes when an error occurs - ALSA: usb-audio: Filter error from connector kctl ops, too - ALSA: usb-audio: Don't override ignore_ctl_error value from the map - ALSA: usb-audio: Don't create jack controls for PCM terminals - ALSA: usb-audio: Check mapping at creating connector controls, too - keys: Fix proc_keys_next to increase position index - tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation - btrfs: check commit root generation in should_ignore_root - mac80211_hwsim: Use kstrndup() in place of kasprintf() - [arm64,armhf] usb: dwc3: gadget: don't enable interrupt when disabling endpoint - [arm64,armhf] usb: dwc3: gadget: Don't clear flags before transfer ended - ext4: do not zeroout extents beyond i_disksize - [x86] kvm: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD - scsi: target: fix hang when multiple threads try to destroy the same iscsi session - [x86] microcode/AMD: Increase microcode PATCH_MAX_SIZE - wil6210: check rx_buff_mgmt before accessing it - wil6210: ignore HALP ICR if already handled - wil6210: add general initialization/size checks - wil6210: make sure Rx ring sizes are correlated - wil6210: remove reset file from debugfs - mm/vmalloc.c: move 'area->pages' after if statement https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.118 - [armel,armhf] bpf: Fix offset overflow for BPF_MEM BPF_DW - scsi: sg: add sg_remove_request in sg_common_write - ext4: use non-movable memory for superblock readahead - [arm64,armhf] watchdog: sp805: fix restart handler - [armel,armhf] arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 - netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type - [arm64] irqchip/mbigen: Free msi_desc on device teardown - ALSA: hda: Don't release card at firmware loading error - of: overlay: kmemleak in dup_and_fixup_symbol_prop() - [x86] Hyper-V: Report crash register data or kmsg before running crash kernel - rbd: avoid a deadlock on header_rwsem when flushing notifies - rbd: call rbd_dev_unprobe() after unwatching and flushing notifies - xsk: Add missing check on user supplied headroom size - [x86] Hyper-V: Unload vmbus channel in hv panic callback - [x86] Hyper-V: Free hv_panic_page when fail to register kmsg dump - [x86] Hyper-V: Trigger crash enlightenment only once during system crash. - [x86] Hyper-V: Report crash register data when sysctl_record_panic_msg is not set - [x86] Hyper-V: Report crash data in die() when panic_on_oops is set - power: supply: bq27xxx_battery: Silence deferred-probe error - [arm64,armhf] clk: tegra: Fix Tegra PMC clock out parents - [armhf] soc: imx: gpc: fix power up sequencing - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid() - NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails - [s390x] cpuinfo: fix wrong output when CPU0 is offline - [s390x] cpum_sf: Fix wrong page count in error message - ext4: do not commit super on read-only bdev - cifs: Allocate encryption header through kmalloc - include/linux/swapops.h: correct guards for non_swap_entry() - percpu_counter: fix a data race at vm_committed_as - [s390x] KVM: vsie: Fix possible race when shadowing region 3 tables - [x86] ACPI: fix CPU hotplug deadlock - [amd64] drm/amdkfd: kfree the wrong pointer - NFS: Fix memory leaks in nfs_pageio_stop_mirroring() - f2fs: fix NULL pointer dereference in f2fs_write_begin() - [arm*] drm/vc4: Fix HDMI mode validation - [amd64] iommu/vt-d: Fix mm reference leak - power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks. - libnvdimm: Out of bounds read in __nd_ioctl() - f2fs: fix to wait all node page writeback - [armhf] net: dsa: bcm_sf2: Fix overflow checks - fbdev: potential information leak in do_fb_ioctl() - mtd: lpddr: Fix a double free in probe() - mtd: phram: fix a double free issue in error path - KEYS: Don't write out to userspace while holding key semaphore - bpf: fix buggy r0 retval refinement for tracing helpers . [ Salvatore Bonaccorso ] * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" for context changes in 4.19.99 * Refresh "ARM: dts: bcm283x: Correct vchiq compatible string" for context changes in 4.19.99 * Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()" * Refresh "net: ena: add MAX_QUEUES_EXT get feature admin command" for context changes in 4.19.108 * [rt] Update to 4.19.115-rt48: - Revert "genirq: Do not invoke the affinity callback via a workqueue on RT" * [rt] Refresh "pci/switchtec: Don't use completion's wait queue" for context changes in 4.19.116 * Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118 * f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067) * net: ipv6: add net argument to ip6_dst_lookup_flow * net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749) * blktrace: Protect q->blk_trace with RCU (CVE-2019-19768) * blktrace: fix dereference after null check . [ Ben Hutchings ] * [x86] Drop "Add a SysRq option to lift kernel lockdown" (Closes: #947021) - This patch allowed remotely disabling lockdown using usbip - Lockdown can be disabled by running "mokutil --disable-validation", rebooting, and confirming the change when prompted * debian/README.source: Refer to upload checklist in kernel-team.git * Bump ABI to 9 . [ YunQiang Su ] * [mips*] enable CONFIG_MIPS_O32_FP64_SUPPORT. * [mips*] enable CONFIG_CPU_HAS_MSA except octeon. . [ Steve McIntyre ] * [arm64] Include the Hisilicon Hibmc drm driver in fb-modules (Closes: #951274) . [ Noah Meyerhans ] * [cloud] Enable CONFIG_KSM (Closes: #955366) linux-signed-amd64 (4.19.98+1+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.98-1+deb10u1 . * [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) * do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) * vfs: fix do_last() regression * vhost: Check docket sk_family instead of call getname (CVE-2020-10942) * mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) * [s390x] mm: fix page table upgrade vs 2ndary address mode accesses (CVE-2020-11884) linux-signed-arm64 (4.19.118+2) buster; urgency=medium . * Sign kernel from linux 4.19.118-2 . * Merge changes from 4.19.67-2+deb10u2 to include all security fixes from DSA 4667-1. linux-signed-arm64 (4.19.118+1) buster; urgency=medium . * Sign kernel from linux 4.19.118-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99 - Revert "efi: Fix debugobjects warning on 'efi_rts_work'" - xfs: Sanity check flags of Q_XQUOTARM call - [x86] mfd: intel-lpss: Add default I2C device properties for Gemini Lake - SUNRPC: Fix svcauth_gss_proxy_init() - [powerpc*] pseries: Enable support for ibm,drc-info property - tipc: update mon's self addr when node addr generated - tipc: fix wrong timeout input for tipc_wait_for_cond() - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready - [armhf] crypto: sun4i-ss - fix big endian issues - perf map: No need to adjust the long name of modules - ipmi: Fix memory leak in __ipmi_bmc_register (CVE-2019-19046) - ixgbe: don't clear IPsec sa counters on HW clearing - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() - iio: fix position relative kernel version - apparmor: Fix network performance issue in aa_label_sk_perm - ALSA: hda: fix unused variable warning - apparmor: don't try to replace stale label in ptrace access check - firmware: coreboot: Let OF core populate platform device - bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER - [arm64] drm/hisilicon: hibmc: Don't overwrite fb helper surface depth - IB/rxe: replace kvfree with vfree - [amd64] IB/hfi1: Add mtu check for operational data VLs - genirq/debugfs: Reinstate full OF path for domain name - [arm64] usb: dwc3: add EXTCON dependency for qcom - cfg80211: regulatory: make initialization more robust - [x86] mei: replace POLL* with EPOLL* for write queues. - [arm64] drm/msm: fix unsigned comparison with less than zero - ALSA: usb-audio: update quirk for B&W PX to remove microphone - iwlwifi: nvm: get num of hw addresses from firmware - netfilter: nft_osf: usage from output path is not valid - [x86] pwm: lpss: Release runtime-pm reference from the driver's remove callback - [powerpc*] pseries/memory-hotplug: Fix return value type of find_aa_index - rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version - netfilter: nf_flow_table: do not remove offload when other netns's interface is down - tipc: eliminate message disordering during binding table update - [arm64] net: socionext: Add dummy PHY register read in phy_write() - [arm64,armhf] drm/sun4i: hdmi: Fix double flag assignation - [arm64] net: hns3: add error handler for hns3_nic_init_vector_data() - pcrypt: use format specifier in kobject_add - [armhf] ASoC: sun8i-codec: add missing route for ADC - [arm64] pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins - [armhf] bus: ti-sysc: Add mcasp optional clocks flag - exportfs: fix 'passing zero to ERR_PTR()' warning - net: always initialize pagedlen - net: phy: Fix not to call phy_resume() if PHY is not attached - [amd64] IB/hfi1: Correctly process FECN and BECN in packets - IB/rxe: Fix incorrect cache cleanup in error flow - ipv6: add missing tx timestamping on IPPROTO_RAW - [arm64] net: hns3: fix error handling int the hns3_get_vector_ring_chain - vxlan: changelink: Fix handling of default remotes - fork,memcg: fix crash in free_thread_stack on memcg charge fail - [armhf] clk: highbank: fix refcount leak in hb_clk_init() - [armhf] clk: ti: fix refcount leak in ti_dt_clocks_register() - [armhf] clk: socfpga: fix refcount leak - [armhf] clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() - [armhf] clk: imx6q: fix refcount leak in imx6q_clocks_init() - [armhf] clk: imx6sx: fix refcount leak in imx6sx_clocks_init() - [armhf] clk: armada-370: fix refcount leak in a370_clk_init() - [armel] clk: kirkwood: fix refcount leak in kirkwood_clk_init() - [armhf] clk: armada-xp: fix refcount leak in axp_clk_init() - [armhf] clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() - [armhf] clk: dove: fix refcount leak in dove_clk_init() - drm: Fix error handling in drm_legacy_addctx - [armhf] drm/etnaviv: fix some off by one bugs - drm/fb-helper: generic: Fix setup error path - fork, memcg: fix cached_stacks case - [amd64] IB/usnic: Fix out of bounds index check in query pkey - RDMA/ocrdma: Fix out of bounds index check in query pkey - RDMA/qedr: Fix out of bounds index check in query pkey - RDMA/iw_cxgb4: Fix the unchecked ep dereference - net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 - [armhf] memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 - [armhf] drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() - kbuild: mark prepare0 as PHONY to fix external module build - crypto: tgr192 - fix unaligned memory access - [armhf] ASoC: imx-sgtl5000: put of nodes if finding codec fails - IB/iser: Pass the correct number of entries for dma mapped SGL - [arm64] net: hns3: fix wrong combined count returned by ethtool -l - IB/mlx5: Don't override existing ip_protocol - rtc: cmos: ignore bogus century byte - [i386] spi/topcliff_pch: Fix potential NULL dereference on allocation error - [arm64] net: hns3: fix bug of ethtool_ops.get_channels for VF - [armhf] clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it - iwlwifi: mvm: avoid possible access out of array. - net/mlx5: Take lock with IRQs disabled to avoid deadlock - ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit - iwlwifi: mvm: fix A-MPDU reference assignment - [armhf] bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() - [x86] tty: ipwireless: Fix potential NULL pointer dereference - driver: uio: fix possible memory leak in __uio_register_device - driver: uio: fix possible use-after-free in __uio_register_device - driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling - driver core: Avoid careless re-use of existing device links - driver core: Do not resume suppliers under device_links_write_lock() - driver core: Fix handling of runtime PM flags in device_link_add() - driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() - drm/xen-front: Fix mmap attributes for display buffers - iwlwifi: mvm: fix RSS config command - [mips*] rtc: ds1672: fix unintended sign extension - ath10k: fix dma unmap direction for management frames - net: phy: fixed_phy: Fix fixed_phy not checking GPIO - rtc: ds1307: rx8130: Fix alarm handling - net/smc: original socket family in inet_sock_diag - [arm64] rtc: pm8xxx: fix unintended sign extension - iw_cxgb4: use tos when importing the endpoint - iw_cxgb4: use tos when finding ipv6 routes - xsk: add missing smp_rmb() in xsk_mmap - [armhf] drm/etnaviv: potential NULL dereference - RDMA/mlx5: Fix memory leak in case we fail to add an IB device - driver core: Fix possible supplier PM-usage counter imbalance - [armhf] usb: phy: twl6030-usb: fix possible use-after-free on remove - block: don't use bio->bi_vcnt to figure out segment number - keys: Timestamp new keys - [armhf] net: dsa: b53: Fix default VLAN ID - [armhf] net: dsa: b53: Properly account for VLAN filtering - [armhf] net: dsa: b53: Do not program CPU port's PVID - mt76: usb: fix possible memory leak in mt76u_buf_free - vfio_pci: Enable memory accesses before calling pci_map_rom - mdio_bus: Fix PTR_ERR() usage after initialization to constant - [powerpc*] KVM: Release all hardware TCE tables attached to a group - [x86] staging: r8822be: check kzalloc return or bail - [arm*] dmaengine: mv_xor: Use correct device for DMA API - cdc-wdm: pass return value of recover_from_urb_loss - brcmfmac: create debugfs files for bus-specific layer - net/mlx5: Delete unused FPGA QPN variable - drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON - drm/nouveau/pmu: don't print reply values if exec is false - drm/nouveau: fix missing break in switch statement - driver core: Fix PM-runtime for links added during consumer probe - [arm64] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() - [arm64,armhf] net: dsa: fix unintended change of bridge interface STP state - fs/nfs: Fix nfs_parse_devname to not modify it's argument - [x86] staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx - [ppc64el] 64s: Fix logic when handling unknown CPU features - NFS: Fix a soft lockup in the delegation recovery code - perf: Copy parent's address filter offsets on clone - perf, pt, coresight: Fix address filters for vmas with non-zero offset - [armhf] clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable - [armhf] clocksource/drivers/exynos_mct: Fix error path in timer resources initialization - [x86] platform/x86: wmi: fix potential null pointer dereference - NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount - ath10k: Fix length of wmi tlv command for protected mgmt frames - netfilter: nft_set_hash: fix lookups with fixed size hash on big endian - netfilter: nft_set_hash: bogus element self comparison from deactivation path - net: sched: act_csum: Fix csum calc for tagged packets - [arm*] hwrng: bcm2835 - fix probe as platform device - [amd64] iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() - NFS: Add missing encode / decode sequence_maxsz to v4.2 operations - NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() - [amd64] net: aquantia: fixed instack structure overflow - media: dvb/earth-pt1: fix wrong initialization for demod blocks - rbd: clear ->xferred on error from rbd_obj_issue_copyup() - PCI: Fix "try" semantics of bus and slot reset - scsi: megaraid_sas: reduce module load time - xen, cpu_hotplug: Prevent an out of bounds access - net/mlx5: Fix multiple updates of steering rules in parallel - net/mlx5e: IPoIB, Fix RX checksum statistics update - [arm64,armhf] soc: amlogic: gx-socinfo: Add mask for each SoC packages - media: ivtv: update *pos correctly in ivtv_read_pos() - media: cx18: update *pos correctly in cx18_read_pos() - [armhf] media: wl128x: Fix an error code in fm_download_firmware() - media: cx23885: check allocation return - jfs: fix bogus variable self-initialization - [armhf] dts: sun9i: optimus: Fix fixed-regulators - net: phy: don't clear BMCR in genphy_soft_reset - [armhf] OMAP2+: Fix potentially uninitialized return value for _setup_reset() - [arm64,armhf] net: dsa: Avoid null pointer when failing to connect to PHY - media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame - [arm64,armhf] spi: tegra114: clear packed bit for unpacked mode - [arm64,armhf] spi: tegra114: fix for unpacked mode transfers - [arm64,armhf] spi: tegra114: terminate dma and reset on transfer timeout - [arm64,armhf] spi: tegra114: flush fifos - [arm64,armhf] spi: tegra114: configure dma burst size to fifo trig level - [armhf] bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated - [arm*] spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios - drm/fb-helper: generic: Call drm_client_add() after setup is done - [arm64] vdso: don't leak kernel addresses - rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 - bpf: Add missed newline in verifier verbose log - [x86] drm/vmwgfx: Remove set but not used variable 'restart' - scsi: qla2xxx: Unregister chrdev if module initialization fails - net/sched: cbs: fix port_rate miscalculation - ACPI: button: reinitialize button state upon resume - [arm64,armhf] firmware: arm_scmi: fix of_node leak in scmi_mailbox_check - rxrpc: Fix detection of out of order acks - scsi: target/core: Fix a race condition in the LUN lookup code - brcmfmac: fix leak of mypkt on error return path - [arm64] net: hns3: fix for vport->bw_limit overflow problem - [x86] hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses - perf/core: Fix the address filtering fix - [arm64,armhf] soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask - [x86] platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer - tipc: set sysctl_tipc_rmem and named_timeout right range - usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs - [arm64] net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() - 6lowpan: Off by one handling ->nexthdr - ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() - afs: Fix AFS file locking to allow fine grained locks - afs: Further fix file locking - NFS: Don't interrupt file writeout due to fatal errors - scsi: qla2xxx: Fix a format specifier - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory - [ppc64el] KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest - netfilter: nft_flow_offload: add entry to flowtable after confirmation - packet: in recvmsg msg_name return at least sizeof sockaddr_ll - ASoC: fix valid stream condition - [arm*] dwc2: gadget: Fix completed transfer size calculation in DDMA - IB/mlx5: Add missing XRC options to QP optional params mask - RDMA/rxe: Consider skb reserve space based on netdev of GID - [amd64] iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU - [arm64] dmaengine: tegra210-adma: restore channel status - mmc: core: fix possible use after free of host - ath10k: Fix encoding for protected management frames - afs: Fix the afs.cell and afs.volume xattr handlers - l2tp: Fix possible NULL pointer dereference - [x86] platform/x86: alienware-wmi: printing the wrong error code - netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule - [arm64,armhf] pwm: meson: Consider 128 a valid pre-divider - [arm64,armhf] pwm: meson: Don't disable PWM when setting duty repeatedly - nfp: bpf: fix static check error through tightening shift amount adjustment - netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value - [arm*] thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power - EDAC/mc: Fix edac_mc_find() in case no device is found - afs: Fix key leak in afs_release() and afs_evict_inode() - afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set - afs: Fix lock-wait/callback-break double locking - afs: Fix double inc of vnode->cb_break - [armhf] dts: sun8i-h3: Fix wifi in Beelink X2 DT - [arm64] clk: meson: gxbb: no spread spectrum on mpll0 - [arm64] clk: meson: axg: spread spectrum is on mpll2 - [arm64] dmaengine: tegra210-adma: Fix crash during probe - [arm64] dts: meson: libretech-cc: set eMMC as removable - RDMA/qedr: Fix incorrect device rate. - [x86] crypto: ccp - fix AES CFB error exposed by new test vectors - [x86] crypto: ccp - Fix 3DES complaint from ccp-crypto module - iommu: Add missing new line for dma type - iommu: Use right function to get group for device - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig - inet: frags: call inet_frags_fini() after unregister_pernet_subsys() - [arm64] net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector - [x86] netvsc: unshare skb in VF rx handler - net: core: support XDP generic on stacked devices. - RDMA/uverbs: check for allocation failure in uapi_add_elm() - net: don't clear sock->sk early to avoid trouble in strparser - [arm64] phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable - [arm64] clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register - media: vivid: fix incorrect assignment operation when setting video mode - [arm64] crypto: inside-secure - fix zeroing of the request in ahash_exit_inv - [arm64] crypto: inside-secure - fix queued len computation - mpls: fix warning with multi-label encap - [arm64] dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node - [arm64] dts: meson-gxm-khadas-vim2: fix Bluetooth support - [amd64] iommu/vt-d: Duplicate iommu_resv_region objects per device list - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state - qed: iWARP - fix uninitialized callback - [powerpc*] cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild - [powerpc*] pseries/mobility: rebuild cacheinfo hierarchy post-migration - bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup - [amd64] IB/hfi1: Handle port down properly in pio - [arm64] drm/msm/mdp5: Fix mdp5_cfg_init error return - net: netem: fix backlog accounting for corrupted GSO frames - net/udp_gso: Allow TX timestamp with UDP GSO - [s390x] net/af_iucv: build proper skbs for HiperTransport - [s390x] net/af_iucv: always register net_device notifier - [armhf] ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs - rtc: pcf8563: Fix interrupt trigger method - rtc: pcf8563: Clear event flags and disable interrupts before requesting irq - net/sched: cbs: Fix error path of cbs_module_init - [arm64] drm/msm/a3xx: remove TPL1 regs from snapshot - ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() - perf/ioctl: Add check for the sample_period value - [x86] dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" - tools: bpftool: use correct argument in cgroup errors - fork,memcg: alloc_thread_stack_node needs to set tsk->stack - bnxt_en: Fix ethtool selftest crash under error conditions. - bnxt_en: Suppress error messages when querying DSCP DCB capabilities. - [amd64] iommu: Make iommu_disable safer - [x86] mfd: intel-lpss: Release IDA resources - rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() - xprtrdma: Fix use-after-free in rpcrdma_post_recvs - PM: ACPI/PCI: Resume all devices during hibernation - ACPI: PM: Simplify and fix PM domain hibernation callbacks - ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS - devres: allow const resource arguments - [arm64] RDMA/hns: Fixs hw access invalid dma memory error - ceph: fix "ceph.dir.rctime" vxattr value - xdp: fix possible cq entry leak - scsi: libfc: fix null pointer dereference on a null lport - xfrm interface: ifname may be wrong in logs - [armhf] clk: sunxi-ng: v3s: add the missing PLL_DDR1 - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() - libertas_tf: Use correct channel range in lbtf_geo_init - qed: reduce maximum stack frame size - usb: host: xhci-hub: fix extra endianness conversion - [x86] crypto: ccp - Reduce maximum stack usage - tipc: reduce risk of wakeup queue starvation - net/mlx5: Fix mlx5_ifc_query_lag_out_bits - cifs: fix rmmod regression in cifs.ko caused by force_sig changes - net: fix bpf_xdp_adjust_head regression for generic-XDP - cxgb4: smt: Add lock for atomic_dec_and_test - ext4: set error return correctly when ext4_htree_store_dirent fails - [arm64] RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver - [arm64] RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver - net/rds: Add a few missing rds_stat_names entries - tools: bpftool: fix arguments for p_err() in do_event_pipe() - tools: bpftool: fix format strings and arguments for jsonw_printf() - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails - signal: Allow cifs and drbd to receive their terminating signals - [ppc64el] 64s/radix: Fix memory hot-unplug page table split - [x86] dmaengine: dw: platform: Switch to acpi_dma_controller_register() - mac80211: minstrel_ht: fix per-group max throughput rate initialization - i40e: reduce stack usage in i40e_set_fc - [armhf] 8896/1: VDSO: Don't leak kernel addresses - [mips*] avoid explicit UB in assignment of mips_io_port_base - media: em28xx: Fix exception handling in em28xx_alloc_urbs() - ahci: Do not export local variable ahci_em_messages - rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up - Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" - hwmon: (lm75) Fix write operations for negative temperatures - net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate - power: supply: Init device wakeup after device_add() - [x86] perf: Fix the dependency of the x86 insn decoder selftest - irqdomain: Add the missing assignment of domain->fwnode for named fwnode - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA - bcache: Fix an error code in bch_dump_read() - netfilter: ctnetlink: honor IPS_OFFLOAD flag - [arm64] wcn36xx: use dynamic allocation for large variables - xsk: avoid store-tearing when assigning queues - xsk: avoid store-tearing when assigning umem - led: triggers: Fix dereferencing of null pointer - [arm64] net: hns3: fix error VF index when setting VLAN offload - rtlwifi: Fix file release memory leak - f2fs: fix wrong error injection path in inc_valid_block_count() - f2fs: fix error path of f2fs_convert_inline_page() - [x86] scsi: fnic: fix msix interrupt allocation - Btrfs: fix hang when loading existing inode cache off disk - Btrfs: fix inode cache waiters hanging on failure to start caching thread - Btrfs: fix inode cache waiters hanging on path allocation failure - btrfs: use correct count in btrfs_file_write_iter() - ixgbe: sync the first fragment unconditionally - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet - RDMA/cma: Fix false error message - net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' - bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands - f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() - [powerpc*] mm/mce: Keep irqs disabled during lockless page table walk - bpf: fix BTF limits - [amd64] iommu: Wait for completion of IOTLB flush in attach_device - [amd64] net: aquantia: Fix aq_vec_isr_legacy() return value - cxgb4: Signedness bug in init_one() - [arm64] net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() - [arm64] net: netsec: Fix signedness bug in netsec_probe() - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix signedness bug in probe - of: mdio: Fix a signedness bug in of_phy_get_and_connect() - [arm64] net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() - net: sched: cbs: Avoid division by zero when calculating the port rate - nvme: retain split access workaround for capability reads - [arm64,armhf] net: stmmac: gmac4+: Not all Unicast addresses may be available - rxrpc: Fix trace-after-put looking at the put connection record - mac80211: accept deauth frames in IBSS mode - llc: fix another potential sk_buff leak in llc_ui_sendmsg() - llc: fix sk_buff refcounting in llc_conn_state_process() - ip6erspan: remove the incorrect mtu limit for ip6erspan - [arm64,armhf] net: stmmac: fix length of PTP clock's name string - [arm64,armhf] net: stmmac: fix disabling flexible PPS output - sctp: add chunks to sk_backlog when the newsk sk_socket is not set - [s390x] qeth: Fix error handling during VNICC initialization - [s390x] qeth: Fix initialization of vnicc cmd masks during set online - act_mirred: Fix mirred_init_module error handling - net: avoid possible false sharing in sk_leave_memory_pressure() - net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head - tcp: annotate lockless access to tcp_memory_pressure - net/smc: receive returns without data - net/smc: receive pending data after RCV_SHUTDOWN - [arm64] drm/msm/dsi: Implement reset correctly - [armhf] dmaengine: imx-sdma: fix size check for sdma script_number - [arm64] hibernate: check pgd table allocation - net: netem: fix error path for corrupted GSO frames - net: netem: correct the parent's backlog when corrupted packet was dropped - xsk: Fix registration of Rx-only sockets - bpf, offload: Unlock on error in bpf_offload_dev_create() - afs: Fix missing timeout reset - [x86] hv_netvsc: Fix offset usage in netvsc_send_table() - [x86] hv_netvsc: Fix send_table offset in case of a host bug - afs: Fix large file support - [armhf] hwrng: omap3-rom - Fix missing clock by probing with device tree - [mips64el,mipsel] Loongson: Fix return value of loongson_hwmon_init - [x86] hv_netvsc: flag software created hash value - net: neigh: use long type to store jiffies delta - packet: fix data-race in fanout_flow_is_huge() - affs: fix a memory leak in affs_remount - afs: Remove set but not used variables 'before', 'after' - [armhf] dmaengine: ti: edma: fix missed failure handling - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 - [arm64] dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.100 - can, slip: Protect tty->disc_data in write_wakeup and close with RCU - [x86] firestream: fix memory leaks - gtp: make sure only SOCK_DGRAM UDP sockets are accepted - ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM - net: ip6_gre: fix moving ip6gre between namespaces - net, ip6_tunnel: fix namespaces move - net, ip_tunnel: fix namespaces move - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() - net_sched: fix datalen for ematch - net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject - net-sysfs: fix netdev_queue_add_kobject() breakage - net-sysfs: Call dev_hold always in netdev_queue_add_kobject - net-sysfs: Call dev_hold always in rx_queue_add_kobject - net-sysfs: Fix reference count leak - net: usb: lan78xx: Add .ndo_features_check - Revert "udp: do rmem bulk free even if the rx sk queue is empty" - tcp_bbr: improve arithmetic division in bbr_update_bw() - tcp: do not leave dangling pointers in tp->highest_sack - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user() - afs: Fix characters allowed into cell names - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input - hwmon: (core) Do not use device managed functions for memory allocations - PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken - tracing: trigger: Replace unneeded RCU-list traversals - Input: keyspan-remote - fix control-message timeouts - [x86] Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers" - [arm64,armhf] mmc: tegra: fix SDR50 tuning override - mmc: sdhci: fix minimum clock rate for v3 controller - [arm64] Documentation: Document arm64 kpti control - Input: sur40 - fix interface sanity checks - Input: gtco - fix endpoint sanity check - Input: aiptek - fix endpoint sanity check - Input: pegasus_notetaker - fix endpoint sanity check - [armhf] Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register - netfilter: nft_osf: add missing check for DREG attribute - hwmon: (nct7802) Fix voltage limits to wrong registers - do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) - sd: Fix REQ_OP_ZONE_REPORT completion handling - [i386] crypto: geode-aes - switch to skcipher for cbc(aes) fallback - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT - scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func - netfilter: ipset: use bitmap infrastructure completely - netfilter: nf_tables: add __nft_chain_type_get() - mm/memory_hotplug: make remove_memory() take the device_hotplug_lock - mm, sparse: drop pgdat_resize_lock in sparse_add/remove_one_section() - mm, sparse: pass nid instead of pgdat to sparse_add_one_section() - drivers/base/memory.c: remove an unnecessary check on NR_MEM_SECTIONS - mm, memory_hotplug: add nid parameter to arch_remove_memory - mm/memory_hotplug: release memory resource after arch_remove_memory() - drivers/base/memory.c: clean up relics in function parameters - mm, memory_hotplug: update a comment in unregister_memory() - mm/memory_hotplug: make unregister_memory_section() never fail - mm/memory_hotplug: make __remove_section() never fail - [powerpc*] mm: Fix section mismatch warning - mm/memory_hotplug: make __remove_pages() and arch_remove_memory() never fail - [s390x] mm: implement arch_remove_memory() - mm/memory_hotplug: allow arch_remove_memory() without CONFIG_MEMORY_HOTREMOVE - drivers/base/memory: pass a block_id to init_memory_block() - mm/memory_hotplug: create memory block devices after arch_add_memory() - mm/memory_hotplug: remove memory block devices before arch_remove_memory() - mm/memory_hotplug: make unregister_memory_block_under_nodes() never fail - mm/memory_hotplug: remove "zone" parameter from sparse_remove_one_section - mm/hotplug: kill is_dev_zone() usage in __remove_pages() - drivers/base/node.c: simplify unregister_memory_block_under_nodes() - mm/memunmap: don't access uninitialized memmap in memunmap_pages() - mm/memory_hotplug: fix try_offline_node() - mm/memory_hotplug: shrink zones when offlining memory https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.101 - orinoco_usb: fix interface sanity check - rsi_91x_usb: fix interface sanity check - USB: serial: ir-usb: add missing endpoint sanity check - USB: serial: ir-usb: fix link-speed handling - USB: serial: ir-usb: fix IrLAP framing - [arm64,armhf] usb: dwc3: turn off VBUS when leaving host mode - staging: wlan-ng: ensure error return is actually returned - [x86] staging: vt6656: correct packet types for CTS protect, mode. - [x86] staging: vt6656: use NULLFUCTION stack on mac80211 - [x86] staging: vt6656: Fix false Tx excessive retries reporting. - [arm64,armel] serial: 8250_bcm2835aux: Fix line mismatch on driver unbind - component: do not dereference opaque pointer in debugfs - [x86] mei: me: add comet point (lake) H device ids - crypto: chelsio - fix writing tfm flags to wrong place - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() - ath9k: fix storage endpoint lookup - brcmfmac: fix interface sanity check - rtl8xxxu: fix interface sanity check - zd1211rw: fix storage endpoint lookup - net_sched: ematch: reject invalid TCF_EM_SIMPLE - net_sched: fix ops->bind_class() implementations - HID: multitouch: Add LG MELF0410 I2C touchscreen support - HID: Add quirk for Xin-Mo Dual Controller - HID: ite: Add USB id match for Acer SW5-012 keyboard dock - [x86] HID: Add quirk for incorrect input length on Lenovo Y720 - drivers/hid/hid-multitouch.c: fix a possible null pointer access. - [arm64] phy: qcom-qmp: Increase PHY ready timeout - drivers/net/b44: Change to non-atomic bit operations on pwol_mask - [i386] net: wan: sdla: Fix cast from pointer to integer of different size - [arm64] gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP - atm: eni: fix uninitialized variable warning - HID: steam: Fix input device disappearing - [x86] platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx - [amd64] PCI: Add DMA alias quirk for Intel VCA NTB - [amd64] iommu: Support multiple PCI DMA aliases in IRQ Remapping - usb-storage: Disable UAS on JMicron SATA enclosure - sched/fair: Add tmp_alone_branch assertion - sched/fair: Fix insertion in rq->leaf_cfs_rq_list - rsi: fix use-after-free on probe errors - rsi: fix memory leak on failed URB submission - rsi: fix non-atomic allocation in completion handler - crypto: af_alg - Use bh_lock_sock in sk_destruct - block: cleanup __blkdev_issue_discard() - block: fix 32 bit overflow in __blkdev_issue_discard() - [arm64] KVM: Write arch.mdcr_el2 changes since last vcpu_load on VHE https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.102 - vfs: fix do_last() regression - crypto: pcrypt - Fix user-after-free on module unload - perf c2c: Fix return type for histogram sorting comparision functions - PM / devfreq: Add new name attribute for sysfs - tools lib: Fix builds when glibc contains strlcpy() - ext4: validate the debug_want_extra_isize mount option at parse time - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() - reiserfs: Fix memory leak of journal device string - media: digitv: don't continue if remote control state can't be read - media: af9005: uninitialized variable printked - media: vp7045: do not read uninitialized values if usb transfer fails - media: gspca: zero usb_buf - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 - tomoyo: Use atomic_t for statistics counter - ttyprintk: fix a potential deadlock in interrupt context issue - Bluetooth: Fix race condition in hci_release_sock() - cgroup: Prevent double killing of css when enabling threaded cgroup - [armhf] dts: sun8i: a83t: Correct USB3503 GPIOs polarity - [armhf] dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes - [armhf] dts: beagle-x15-common: Model 5V0 regulator - [arm64] clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order - mac80211: mesh: restrict airtime metric to peered established plinks - ASoC: rt5640: Fix NULL dereference on module unload - ixgbevf: Remove limit of 10 entries for unicast filter list - ixgbe: Fix calculation of queue with VFs and flow director on interface flap - igb: Fix SGMII SFP module discovery for 100FX/LX. - [x86] platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits - qmi_wwan: Add support for Quectel RM500Q - wireless: fix enabling channel 12 for custom regulatory domain - cfg80211: Fix radar event during another phy CAC - mac80211: Fix TKIP replay protection immediately after key setup - netfilter: nft_tunnel: ERSPAN_VERSION must not be null - [armhf] net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec - bnxt_en: Fix ipv6 RFS filter matching logic. - iwlwifi: Don't ignore the cap field upon mcc update - [armhf] dts: am335x-boneblack-common: fix memory size - vti[6]: fix packet tx through bpf_redirect() - xfrm interface: fix packet tx through bpf_redirect() - xfrm: interface: do not confirm neighbor when do pmtu update - scsi: fnic: do not queue commands during fwreset - [armhf] 8955/1: virt: Relax arch timer version check during early boot - [arm64] tee: optee: Fix compilation issue with nommu - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE - r8152: get default setting of WOL before initializing - qlcnic: Fix CPU soft lockup while collecting firmware dump - seq_tab_next() should increase position index - l2t_seq_next should increase position index - net: Fix skb->csum update in inet_proto_csum_replace16(). - btrfs: do not zero f_bavail if we have available space - perf report: Fix no libunwind compiled warning break s390 issue - mm/migrate.c: also overwrite error when it is bigger than zero https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.103 - [armhf] Revert "drm/sun4i: dsi: Change the start delay calculation" - ovl: fix lseek overflow on 32bit - kernel/module: Fix memleak in module_add_modinfo_attrs() - media: iguanair: fix endpoint sanity check - ocfs2: fix oops when writing cloned file - [x86] cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR - udf: Allow writing to 'Rewritable' partitions - printk: fix exclusive_console replaying - iwlwifi: mvm: fix NVM check for 3168 devices - gtp: use __GFP_NOWARN to avoid memalloc warning - l2tp: Allow duplicate session creation with UDP - net_sched: fix an OOB access in cls_tcindex - [arm64,armhf] net: stmmac: Delete txtimer in suspend() - bnxt_en: Fix TC queue mapping. - tcp: clear tp->total_retrans in tcp_disconnect() - tcp: clear tp->delivered in tcp_disconnect() - tcp: clear tp->data_segs{in|out} in tcp_disconnect() - tcp: clear tp->segs_{in|out} in tcp_disconnect() - rxrpc: Fix use-after-free in rxrpc_put_local() - rxrpc: Fix insufficient receive notification generation - rxrpc: Fix missing active use pinning of rxrpc_local object - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors - ipc/msg.c: consolidate all xxxctl_down() functions - tracing: Fix sched switch start/stop refcount racy updates - rcu: Avoid data-race in rcu_gp_fqs_check_wake() - brcmfmac: Fix memory leak in brcmf_usbdev_qinit - usb: gadget: f_ncm: Use atomic_t to track in-flight request - usb: gadget: f_ecm: Use atomic_t to track in-flight request - ALSA: usb-audio: Fix endianess in descriptor validation - ALSA: dummy: Fix PCM format loop in proc output - mm/memory_hotplug: fix remove_memory() lockdep splat - mm: move_pages: report the number of non-attempted pages - media/v4l2-core: set pages dirty upon releasing DMA buffers - media: v4l2-core: compat: ignore native command codes - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments - irqdomain: Fix a memory leak in irq_domain_push_irq() - [x86] platform/x86: intel_scu_ipc: Fix interrupt support - [x86] ALSA: hda: Add Clevo W65_67SB the power_save blacklist - [arm64] KVM: Correct PSTATE on exception entry - [arm64,armhf] KVM: Correct CPSR on exception entry - [arm64,armhf] KVM: Correct AArch32 SPSR on exception entry - [arm64] KVM: Only sign-extend MMIO up to register width - [s390x] mm: fix dynamic pagetable upgrade for hugetlbfs - [powerpc*] pseries: Advance pfn if section is not present in lmb_is_removable() - smb3: fix signing verification of large reads - [arm64,armhf] PCI: tegra: Fix return value check of pm_runtime_get_sync() - [arm64,armhf] mmc: spi: Toggle SPI polarity, do not hardcode it - [x86] ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards - [x86] ACPI / battery: Deal with design or full capacity being reported as -1 - [x86] ACPI / battery: Use design-cap for capacity calculations if full-cap is not available - [x86] ACPI / battery: Deal better with neither design nor full capacity not being reported - alarmtimer: Unregister wakeup source when module get fails - ubifs: Reject unsupported ioctl flags explicitly - ubifs: don't trigger assertion on invalid no-key filename - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag - ubifs: Fix deadlock in concurrent bulk-read and writepage - [i386] crypto: geode-aes - convert to skcipher API and make thread-safe - [x86] hv_balloon: Balloon up according to request page number - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile - crypto: api - Check spawn->alg under lock in crypto_drop_spawn - scsi: qla2xxx: Fix mtcp dump collection failure - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() - f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() - f2fs: fix miscounted block limit in f2fs_statfs_project() - f2fs: code cleanup for f2fs_statfs_project() - PM: core: Fix handling of devices deleted during system-wide resume - dm zoned: support zone sizes smaller than 128MiB - dm space map common: fix to ensure new block isn't already in use - dm crypt: fix benbi IV constructor crash if used in authenticated mode - dm: fix potential for q->make_request_fn NULL pointer - dm writecache: fix incorrect flush sequence when doing SSD mode commit - padata: Remove broken queue flushing - tracing: Annotate ftrace_graph_hash pointer with __rcu - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu - ftrace: Add comment to why rcu_dereference_sched() is open coded - ftrace: Protect ftrace_graph_hash with ftrace_sync - [x86] crypto: ccp - set max RSA modulus size for v3 platform devices as well - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request - crypto: api - Fix race condition in crypto_spawn_alg - scsi: qla2xxx: Fix unbound NVME response length - NFS: Fix memory leaks and corruption in readdir - NFS: Directory page cache pages need to be locked when read - jbd2_seq_info_next should increase position index - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES - btrfs: set trans->drity in btrfs_commit_transaction - Btrfs: fix race between adding and putting tree mod seq elements and nodes - [armhf] tegra: Enable PLLP bypass during Tegra124 LP1 - iwlwifi: don't throw error when trying to remove IGTK - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() - sunrpc: expiry_time should be seconds not timeval - gfs2: move setting current->backing_dev_info - gfs2: fix O_SYNC write handling - drm/rect: Avoid division by zero - media: rc: ensure lirc is initialized before registering input device - xen/balloon: Support xend-based toolstack take two - watchdog: fix UAF in reboot notifier handling in watchdog core code - bcache: add readahead cache policy options via sysfs interface - eventfd: track eventfd_signal() recursion depth - aio: prevent potential eventfd recursion on poll - [x86] KVM: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks - [x86] KVM: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks - [x86] KVM: Protect pmu_intel.c from Spectre-v1/L1TF attacks - [x86] KVM: Protect DR-based index computations from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c - [x86] KVM: Protect x86_decode_insn from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks - [x86] KVM: Fix potential put_fpu() w/o load_fpu() on MPX platform - [ppc64el] KVM: Book3S HV: Uninit vCPU if vcore creation fails - [ppc64el] KVM: Book3S PR: Free shared page if mmu initialization fails - [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (CVE-2019-3016) - [x86] KVM: Don't let userspace set host-reserved cr4 bits - [x86] KVM: Free wbinvd_dirty_mask if vCPU creation fails - [s390x] KVM: do not clobber registers during guest reset/store status - [arm64,armhf] clk: tegra: Mark fuse clock as critical - percpu: Separate decrypted varaibles anytime encryption can be enabled - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type - scsi: csiostor: Adjust indentation in csio_device_reset - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free - scsi: ufs: Recheck bkops level if bkops is disabled - [arm64] phy: qualcomm: Adjust indentation in read_poll_timeout - ext2: Adjust indentation in ext2_fill_super - [arm64] drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable - IB/mlx5: Fix outstanding_pi index for GSI qps - IB/core: Fix ODP get user pages flow - nfsd: fix delay timer on 32-bit architectures - nfsd: fix jiffies/time_t mixup in LRU list - nfsd: Return the correct number of bytes written to the file - ubi: fastmap: Fix inverted logic in seen selfcheck - ubi: Fix an error pointer dereference in error handling code - bonding/alb: properly access headers in bond_alb_xmit() - [armhf] net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port - [arm64,armhf] net: mvneta: move rx_dropped and rx_errors in per-cpu stats - net_sched: fix a resource leak in tcindex_set_parms() - net/mlx5: IPsec, Fix esp modify function attribute - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx - [arm64] net: macb: Remove unnecessary alignment check for TSO - [arm64] net: macb: Limit maximum GEM TX length in TSO - [armhf] net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() - ext4: fix deadlock allocating crypto bounce page from mempool - btrfs: use bool argument in free_root_pointers() - btrfs: free block groups after free'ing fs trees - btrfs: flush write bio if we loop in extent_write_cache_pages - [x86] KVM: mmu: Apply max PA check for MMIO sptes to 32-bit KVM - [x86] KVM: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM - [x86] KVM: nVMX: vmread should not set rflags to specify success in case of #PF - KVM: Use vcpu-specific gva->hva translation when querying host page size - KVM: Play nice with read-only memslots when querying host page size - mm: zero remaining unavailable struct pages - mm: return zero_resv_unavail optimization - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section - cifs: fail i/o on soft mounts if sessionsetup errors out - [x86] apic/msi: Plug non-maskable MSI affinity race - clocksource: Prevent double add_timer_on() for watchdog_timer - perf/core: Fix mlock accounting in perf_mmap() - rxrpc: Fix service call disconnection https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.104 - ASoC: pcm: update FE/BE trigger order based on the command - [x86] hv_sock: Remove the accept port restriction - IB/mlx4: Fix memory leak in add_gid error flow - RDMA/netlink: Do not always generate an ACK for some netlink operations - RDMA/core: Fix locking in ib_uverbs_event_read - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe - PCI: Don't disable bridge BARs when assigning bus resources - nfs: NFS_SWAP should depend on SWAP - NFS: Revalidate the file size on a fatal write error - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() - NFSv4: try lease recovery on NFS4ERR_EXPIRED - [arm64] serial: uartps: Add a timeout to the tx empty wait - [arm64] gpio: zynq: Report gpio direction at boot - spi: spi-mem: Add extra sanity checks on the op param - spi: spi-mem: Fix inverted logic in op sanity check - rtc: cmos: Stop using shared IRQ - [x86] platform/x86: intel_mid_powerbtn: Take a copy of ddata - [powerpc*] pseries/vio: Fix iommu_table use-after-free refcount warning - [powerpc*] pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW - [arm64] iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA - [arm64,armhf] KVM: vgic-its: Fix restoration of unmapped collections - [armel,armhf] 8949/1: mm: mark free_memmap as __init - [arm64] cpufeature: Fix the type of no FP/SIMD capability - [arm64] ptrace: nofpsimd: Fail FP/SIMD regset operations - [arm64,armhf] KVM: Fix young bit from mmu notifier - [arm64,armhf] KVM: Fix DFSR setting for non-LPAE aarch32 guests - [arm64,armhf] KVM: Make inject_abt32() inject an external abort instead - [arm64] KVM: pmu: Don't increment SW_INCR if PMCR.E is unset - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held - libertas: make lbs_ibss_join_existing() return error code on rates overflow - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state - [x86] stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h - [x86] x86/stackframe, x86/ftrace: Add pt_regs frame annotations - [arm64] serial: uartps: Move the spinlock after the read of the tx empty - padata: fix null pointer deref of pd->pinst https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.105 - Input: synaptics - switch T470s to RMI4 by default - Input: synaptics - enable SMBus on ThinkPad L470 - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list - ALSA: usb-audio: Fix UAC2/3 effect unit parsing - ALSA: hda/realtek - Fix silent output on MSI-GL73 - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 - [arm64] cpufeature: Set the FP/SIMD compat HWCAP bits properly - [arm64] nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly - ALSA: usb-audio: sound: usb: usb true/false for bool return type - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 - ext4: don't assume that mmp_nodename/bdevname have NUL - ext4: fix support for inode sizes > 1024 bytes - ext4: fix checksum errors with indexed dirs - ext4: add cond_resched() to ext4_protect_reserved_inode (CVE-2020-8992) - ext4: improve explanation of a mount failure caused by a misconfigured kernel - Btrfs: fix race between using extent maps and merging them - btrfs: ref-verify: fix memory leaks - btrfs: print message when tree-log replay starts - btrfs: log message when rw remount is attempted with unclean tree-log - [arm64] ssbs: Fix context-switch when SSBS is present on all CPUs - [x86] perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info - [amd64] IB/hfi1: Acquire lock to release TID entries when user file is closed - [amd64] IB/hfi1: Close window for pq and request coliding - IB/rdmavt: Reset all QPs when the device is shut down - RDMA/core: Fix invalid memory access in spec_filter_size - [amd64] RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq - RDMA/core: Fix protection fault in get_pkey_idx_qp_list - [s390x] time: Fix clk type in get_tod_clock - [x86] perf/x86/intel: Fix inaccurate period in context switch for auto- reload - NFSv4.1 make cachethis=no for writes - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer - [x86] KVM: mmu: Fix struct guest_walker arrays for 5-level paging https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.106 - core: Don't skip generic XDP program execution for cloned SKBs - enic: prevent waking up stopped tx queues over watchdog reset - net/smc: fix leak of kernel memory to user space - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS - [x86] KVM: nVMX: Use correct root level for nested EPT shadow page tables - [x86] drm/gma500: Fixup fbdev stolen size usage evaluation - cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order - brcmfmac: Fix use after free in brcmf_sdio_readframes() - ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT - ALSA: ctl: allow TLV read operation for callback type of element in locked case - [powerpc*] powernv/iov: Ensure the pdn for VFs always contains a valid PE number - [amd64] iommu/vt-d: Fix off-by-one in PASID allocation - [x86] pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins - [x86] efi: Map the entire EFI vendor string before copying it - [mips64el,mipsel] Loongson: Fix potential NULL dereference in loongson3_platform_init() - [arm*] usb: dwc2: Fix IN FIFO allocation - [armel,armhf] clocksource/drivers/bcm2835_timer: Fix memory leak of timer - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal - [armhf] pwm: omap-dmtimer: Simplify error handling - [s390x] pci: Fix possible deadlock in recover_store() - [powerpc*] iov: Move VF pdev fixup into pcibios_fixup_iov() - tracing: Fix tracing_stat return values in error handling paths - tracing: Fix very unlikely race of registering two stat tracers - ext4, jbd2: ensure panic when aborting with zero errno - ath10k: Correct the DMA direction for management tx buffers - nbd: add a flush_workqueue in nbd_start_device - [s390x] KVM: ENOTSUPP -> EOPNOTSUPP fixups - [arm64] clk: qcom: rcg2: Don't crash if our parent can't be found; return an error - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table - [arm64,armhf] regulator: rk808: Lower log level on optional GPIOs being not available - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu(). - selinux: fall back to ref-walk if audit is required - selinux: ensure we cleanup the internal AVC counters on error in avc_insert() - media: cx23885: Add support for AVerMedia CE310B - PCI: Add generic quirk for increasing D3hot delay - PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling - fore200e: Fix incorrect checks of NULL pointer dereference - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status - orinoco: avoid assertion in case of NULL pointer - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 - scsi: ufs: Complete pending requests in host reset and restore path - scsi: aic7xxx: Adjust indentation in ahc_find_syncrate - selinux: ensure we cleanup the internal AVC counters on error in avc_update() - dmaengine: Store module owner in dma_device struct - [arm64] clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock - tools lib api fs: Fix gcc9 stringop-truncation compilation error - [x86] ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch - mlx5: work around high stack usage with gcc - drm: remove the newline for CRC source name. - usbip: Fix unsafe unaligned pointer usage - udf: Fix free space reporting for metadata and virtual partitions - staging: rtl8188: avoid excessive stack usage - [amd64] IB/hfi1: Add software counter for ctxt0 seq drop - [armhf] soc/tegra: fuse: Correct straps' address for older Tegra124 device trees - [x86] efi: Don't panic or BUG() on non-critical error conditions - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls - [x86] nmi: Remove irq_work from the long duration NMI handler - driver core: platform: Prevent resouce overflow from causing infinite loops - driver core: Print device when resources present in really_probe() - bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler - drm/nouveau/fault/gv100-: fix memory leak on module unload - [x86] drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add - [armhf] usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue - [arm64] iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE - f2fs: set I_LINKABLE early to avoid wrong access by vfs - f2fs: free sysfs kobject - scsi: iscsi: Don't destroy session if there are outstanding connections - watchdog/softlockup: Enforce that timestamp is valid on boot - f2fs: fix memleak of kobject - [x86] mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd - [armhf] pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional - btrfs: fix possible NULL-pointer dereference in integrity checks - btrfs: safely advance counter when looking up bio csums - btrfs: device stats, log when stats are zeroed - module: avoid setting info->name early in case we can fall back to info->mod->name - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() - driver core: platform: fix u32 greater or equal to zero comparison - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s - drm/nouveau/mmu: fix comptag memory leak - [powerpc*] sriov: Remove VF eeh_dev state when disabling SR-IOV - bcache: cached_dev_free needs to put the sb page - [amd64] iommu/vt-d: Remove unnecessary WARN_ON_ONCE() - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock - iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop - cifs: fix NULL dereference in match_prepath - bpf: map_seq_next should always increase position index - ceph: check availability of mds cluster on mount after wait timeout - [arm64,armhf] irqchip/gic-v3: Only provision redistributors that are enabled in ACPI - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided - ftrace: fpid_next() should increase position index - trigger_next should increase position index - radeon: insert 10ms sleep in dce5_crtc_load_lut - ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans() - reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() - bcache: explicity type cast in bset_bkey_last() - [arm64,armhf] irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL - iwlwifi: mvm: Fix thermal zone registration - brd: check and limit max_part par - NFS: Fix memory leaks - help_next should increase position index - cifs: log warning message (once) if out of disk space - virtio_balloon: prevent pfn array overflow https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.107 - [arm64] iommu/qcom: Fix bogus detach logic - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs - [x86] ALSA: hda/realtek - Apply quirk for MSI GP63, too - [x86] ALSA: hda/realtek - Apply quirk for yet another MSI laptop - [armhf] ASoC: sun8i-codec: Fix setting DAI data format - ecryptfs: fix a memory leak bug in parse_tag_1_packet() - ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() - [x86] thunderbolt: Prevent crash if non-active NVMem file is read - USB: misc: iowarrior: add support for 2 OEMed devices - USB: misc: iowarrior: add support for the 28 and 28L devices - USB: misc: iowarrior: add support for the 100 device - floppy: check FDC index for errors before assigning it (CVE-2020-9383) - vt: fix scrollback flushing on background consoles - vt: selection, handle pending signals in paste_selection - vt: vt_ioctl: fix race in VT_RESIZEX - [arm*] staging: android: ashmem: Disallow ashmem memory from being remapped (CVE-2020-0009) - [x86] staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi. - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range. - xhci: fix runtime pm enabling for quirky Intel hosts - xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2 - usb: host: xhci: update event ring dequeue pointer on purpose - USB: core: add endpoint-blacklist quirk - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 - usb: uas: fix a plug & unplug racing - USB: Fix novation SourceControl XL after suspend - USB: hub: Don't record a connect-change event during reset-resume - USB: hub: Fix the broken detection of USB3 device in SMSC hub - [arm*] usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows - [arm64,armhf] usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields - staging: rtl8188eu: Fix potential security hole - staging: rtl8188eu: Fix potential overuse of kernel memory - staging: rtl8723bs: Fix potential security hole - staging: rtl8723bs: Fix potential overuse of kernel memory - [powerpc*] tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery - jbd2: fix ocfs2 corrupt when clearing block group bits - [x86] mce/amd: Publish the bank pointer only after setup has succeeded - [x86] mce/amd: Fix kobject lifetime - [x86] cpu/amd: Enable the fixed Instructions Retired counter IRPERF - serial: 8250: Check UPF_IRQ_SHARED in advance - [armhf] tty: serial: imx: setup the correct sg entry for tx dma - serdev: ttyport: restore client ops on deregistration - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() - nvme-multipath: Fix memory leak with ana_log_buf - genirq/irqdomain: Make sure all irq domain flags are distinct - mm/vmscan.c: don't round up scan size for online memory cgroup - drm/amdgpu/soc15: fix xclk for raven - [x86] xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms - [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) - [x86] KVM: don't notify userspace IOAPIC on edge-triggered interrupt EOI - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets - ext4: fix a data race in EXT4_I(inode)->i_disksize - ext4: add cond_resched() to __ext4_find_entry() - ext4: fix potential race between online resizing and write operations - ext4: fix potential race between s_group_info online resizing and access - ext4: fix potential race between s_flex_groups online resizing and access - ext4: fix mount failure with quota configured as module - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL - [x86] KVM: nVMX: Refactor IO bitmap checks into helper function - [x86] KVM: nVMX: Check IO instruction VM-exit conditions - [x86] KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 - [x86] KVM: apic: avoid calculating pending eoi from an uninitialized val - btrfs: fix bytes_may_use underflow in prealloc error condtition - btrfs: reset fs_root to NULL on error in open_ctree - btrfs: do not check delayed items are empty for single transaction cleanup - Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents - scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session" - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus - [arm*] usb: dwc2: Fix in ISOC request length checking - staging: rtl8723bs: fix copy of overlapping memory - ecryptfs: replace BUG_ON with error handling code - genirq/proc: Reject invalid affinity masks (again) - bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill - ALSA: seq: Avoid concurrent access to queue flags - ALSA: seq: Fix concurrent access to queue current tick/time - netfilter: xt_hashlimit: limit the max size of hashtable - rxrpc: Fix call RCU cleanup using non-bh-safe locks - ata: ahci: Add shutdown to freeze hardware resources of ahci - xen: Enable interrupts when calling _cond_resched() - [s390x] mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.108 - [arm64,armhf] irqchip/gic-v3-its: Fix misuse of GENMASK macro - iwlwifi: pcie: fix rb_allocator workqueue allocation - ipmi:ssif: Handle a possible NULL pointer reference - [arm64] drm/msm: Set dma maximum segment size for mdss - dax: pass NOWAIT flag to iomap_apply - mac80211: consider more elements in parsing CRC - cfg80211: check wiphy driver existence for drvinfo report - [s390x] zcrypt: fix card and queue total counter wrap - qmi_wwan: re-add DW5821e pre-production variant - qmi_wwan: unconditionally reject 2 ep interfaces - [arm64] soc/tegra: fuse: Fix build with Tegra194 configuration - net: ena: fix potential crash when rxfh key is NULL - net: ena: fix uses of round_jiffies() - net: ena: add missing ethtool TX timestamping indication - net: ena: fix incorrect default RSS key - net: ena: rss: fix failure to get indirection table - net: ena: rss: store hash function as values and not bits - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table - net: ena: ethtool: use correct value for crc32 hash - net: ena: ena-com.c: prevent NULL pointer dereference - cifs: Fix mode output in debugging statements - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE - sysrq: Restore original console_loglevel when sysrq disabled - sysrq: Remove duplicated sysrq message - net: fib_rules: Correctly set table field when table number exceeds 8 bits - net: sched: correct flower port blocking - sctp: move the format error check out of __sctp_sf_do_9_1_abort - ipv6: Fix route replacement with dev-only route - ipv6: Fix nlmsg_flags when splitting a multipath route - qede: Fix race between rdma destroy workqueue and link change event - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() - audit: fix error handling in audit_data_to_entry() - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro - [arm64,x86] ACPI: watchdog: Fix gas->access_width usage - [x86] KVM: VMX: check descriptor table exits on instruction emulation - HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock - HID: core: fix off-by-one memset in hid_report_raw_event() - HID: core: increase HID report buffer size to 8KiB - tracing: Disable trace_printk() on post poned tests - Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" - amdgpu/gmc_v9: save/restore sdpif regs during S3 - vhost: Check docket sk_family instead of call getname (CVE-2020-10942) - HID: alps: Fix an error handling path in 'alps_input_configured()' - HID: hiddev: Fix race in in hiddev_disconnect() - [x86] hv_netvsc: Fix unwanted wakeup in netvsc_attach() - [s390x] qeth: vnicc Fix EOPNOTSUPP precedence - net: netlink: cap max groups which will be considered in netlink_bind() - [amd64] net: atlantic: fix use after free kasan warn - [amd64] net: atlantic: fix potential error handling - net/smc: no peer ID in CLC decline for SMCD - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE - namei: only return -ECHILD from follow_dotdot_rcu() - mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() - [x86] KVM: SVM: Override default MMIO mask if memory encryption is enabled - KVM: Check for a bad hva before dropping into the ghc slow path - sched/fair: Optimize update_blocked_averages() - sched/fair: Fix O(nr_cgroups) in the load balancing path - perf stat: Use perf_evsel__is_clocki() for clock events - perf stat: Fix shadow stats for clock events - [arm64] drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' - kprobes: Set unoptimized flag after unoptimizing code - [armhf] pwm: omap-dmtimer: put_device() after of_find_device_by_node() - perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc - [x86] KVM: Remove spurious kvm_mmu_unload() from vcpu destruction path - [x86] KVM: Remove spurious clearing of async #PF MSR - netfilter: nft_tunnel: no need to call htons() when dumping ports - mm/huge_memory.c: use head to check huge zero page - mm, thp: fix defrag setting if newline is not used - audit: always check the netlink payload length in audit_receive_msg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.109 - [x86] EDAC/amd64: Set grain per DIMM - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 - [armhf] net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec - kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic - [x86] ALSA: hda: do not override bus codec_mask in link_get() - usb: gadget: composite: Support more than 500mA MaxPower - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags - usb: gadget: serial: fix Tx stall after buffer overflow - [arm64] drm/msm/mdp5: rate limit pp done timeout warnings - [arm64] drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI - scsi: megaraid_sas: silence a warning - [arm64] drm/msm/dsi: save pll state before dsi host is powered off - [arm64] drm/msm/dsi/pll: call vco set rate explicitly - [armhf] net: dsa: b53: Ensure the default VID is untagged - [s390x] cio: cio_ignore_proc_seq_next should increase position index - [s390x] qdio: fill SL with absolute addresses - ice: Don't tell the OS that link is going down - [arm64] net: thunderx: workaround BGX TX Underflow issue - ALSA: hda/realtek - Add Headset Mic supported - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master - cifs: don't leak -EAGAIN for stat() during reconnect - usb: storage: Add quirk for Samsung Fit flash - usb: quirks: add NO_LPM quirk for Logitech Screen Share - [arm64,armhf] usb: dwc3: gadget: Update chain bit correctly when using sg list - usb: core: hub: fix unhandled return by employing a void function - usb: core: hub: do error out if usb_autopm_get_interface() fails - usb: core: port: do error out if usb_autopm_get_interface() fails - vgacon: Fix a UAF in vgacon_invert_region (CVE-2020-8647, CVE-2020-8649) - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa - mm: fix possible PMD dirty bit lost in set_pmd_migration_entry() - fat: fix uninit-memory access for partial initialized inode - [arm64] tty:serial:mvebu-uart:fix a wrong return - serial: 8250_exar: add support for ACCES cards - vt: selection, close sel_buffer race (CVE-2020-8648) - vt: selection, push console lock down - vt: selection, push sel_lock up - [arm64,armhf] media: v4l2-mem2mem.c: fix broken links - [x86] pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes - [arm64,armhf] dmaengine: tegra-apb: Fix use-after-free - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list - dm cache: fix a crash due to incorrect work item cancelling - dm: report suspended device during destroy - dm writecache: verify watermark during resume - [x86] ASoC: topology: Fix memleak in soc_tplg_link_elems_load() - [x86] ASoC: topology: Fix memleak in soc_tplg_manifest_load() - [x86] ASoC: intel: skl: Fix pin debug prints - [x86] ASoC: intel: skl: Fix possible buffer overflow in debug outputs - [armhf] dmaengine: imx-sdma: remove dma_slave_config direction usage and leave sdma_event_enable() - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output - ASoC: dapm: Correct DAPM handling of active widgets during shutdown - [armhf] drm/sun4i: Fix DE2 VI layer format support - [armhf] drm/sun4i: de2/de3: Remove unsupported VI layer formats - RDMA/iwcm: Fix iwcm work deallocation - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() - [amd64] IB/hfi1, qib: Ensure RCU is locked when accessing list - [armhf] ARM: imx: build v7_cpu_resume() unconditionally - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() - [powerpc*] fix hardware PMU exception bug on PowerVM compatibility mode systems - [amd64] efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper - [amd64] efi/x86: Handle by-ref arguments covering multiple pages in mixed mode - dm integrity: fix a deadlock due to offloading to an incorrect workqueue - scsi: pm80xx: Fixed kernel panic during error recovery for SATA drive https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.110 - [x86] KVM: SVM: fix up incorrect backport https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.111 - phy: Revert toggling reset changes. - net: phy: Avoid multiple suspends - cgroup, netclassid: periodically release file_lock on classid updating - gre: fix uninit-value in __iptunnel_pull_header - inet_diag: return classid for all socket types - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface - ipvlan: add cond_resched_rcu() while processing muticast backlog - ipvlan: do not add hardware address of master to its unicast filter list - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() - ipvlan: don't deref eth hdr before checking it's set - net/ipv6: use configured metric when add peer route - netlink: Use netlink header as base to calculate bad attribute offset - net: macsec: update SCI upon MAC address change. - net: nfc: fix bounds checking bugs on "pipe" - net/packet: tpacket_rcv: do not increment ring index on drop - [arm64,armhf] net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used - r8152: check disconnect status after long sleep - sfc: detach from cb_page in efx_copy_channel() - bnxt_en: reinitialize IRQs when MTU is modified - cgroup: memcg: net: do not associate sock with unrelated cgroup - net: memcg: late association of sock to memcg - net: memcg: fix lockdep splat in inet_csk_accept() - devlink: validate length of param values - nl802154: add missing attribute validation - nl802154: add missing attribute validation for dev_type - can: add missing attribute validation for termination - macsec: add missing attribute validation for port - net: fq: add missing attribute validation for orphan mask - team: add missing attribute validation for port ifindex - team: add missing attribute validation for array index - nfc: add missing attribute validation for SE API - nfc: add missing attribute validation for deactivate target - nfc: add missing attribute validation for vendor subcommand - net: phy: fix MDIO bus PM PHY resuming - net/ipv6: need update peer route when modify metric - net/ipv6: remove the old peer route if change it to a new one - tipc: add missing attribute validation for MTU property - devlink: validate length of region addr/len - bonding/alb: make sure arp header is pulled before accessing it - slip: make slhc_compress() more robust against malicious packets - [armhf] net: fec: validate the new settings in fec_enet_set_coalesce() - macvlan: add cond_resched() during multicast processing - cgroup: cgroup_procs_next should increase position index - cgroup: Iterate tasks that did not finish do_exit() - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices - virtio-blk: fix hw_queue stopped on arbitrary error - [amd64] iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint - netfilter: nf_conntrack: ct_cpu_seq_next should increase position index - netfilter: synproxy: synproxy_cpu_seq_next should increase position index - netfilter: xt_recent: recent_seq_next should increase position index - netfilter: x_tables: xt_mttg_seq_next should increase position index - workqueue: don't use wq_select_unbound_cpu() for bound works - drm/amd/display: remove duplicated assignment to grph_obj_type - cifs_atomic_open(): fix double-put on late allocation failure - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache - [x86] KVM: clear stale x86_emulate_ctxt->intercept value - efi: Fix a race and a buffer overflow while reading efivars via sysfs - efi: Make efi_rts_work accessible to efi page fault handler - mt76: fix array overflow on receiving too many fragments for a packet - [x86] mce: Fix logic and comments around MSR_PPIN_CTL - [arm64] iommu/dma: Fix MSI reservation allocation - [amd64] iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint - [amd64] iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page - batman-adv: Don't schedule OGM for disabled interface - [arm64] pinctrl: meson-gxl: fix GPIOX sdio pins - pinctrl: core: Remove extra kref_get which blocks hogs being freed - [arm64,armhf] i2c: gpio: suppress error on probe defer - nl80211: add missing attribute validation for critical protocol indication - nl80211: add missing attribute validation for beacon report scanning - nl80211: add missing attribute validation for channel switch - perf bench futex-wake: Restore thread count default to online CPU count - netfilter: cthelper: add missing attribute validation for cthelper - netfilter: nft_payload: add missing attribute validation for payload csum flags - netfilter: nft_tunnel: add missing attribute validation for tunnels - [amd64] iommu/vt-d: Fix the wrong printing in RHSA parsing - [amd64] iommu/vt-d: Ignore devices with out-of-spec domain number - [arm64,x86] i2c: acpi: put device when verifying client fails - ipv6: restrict IPV6_ADDRFORM operation - net/smc: check for valid ib_client_data - net/smc: cancel event worker during device removal - efi: Add a sanity check to efivar_store_raw() - batman-adv: Avoid free/alloc race when handling OGM2 buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 - [x86] perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag - [armhf] mmc: sdhci-omap: Add platform specific reset callback - [armhf] mmc: sdhci-omap: Workaround errata regarding SDR104/HS200 tuning failures (i929) - ACPI: watchdog: Allow disabling WDAT at boot - HID: apple: Add support for recent firmware on Magic Keyboards - [x86] HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override - cfg80211: check reg_rule for NULL in handle_channel_custom() - scsi: libfc: free response frame from GPN_ID - net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch - mac80211: rx: avoid RCU list traversal under mutex - signal: avoid double atomic counter increments for user accounting - slip: not call free_netdev before rtnl_unlock in slip_open - [x86,arm64] hinic: fix a irq affinity bug - [x86,arm64] hinic: fix a bug of setting hw_ioctxt - sfc: fix timestamp reconstruction at 16-bit rollover points - jbd2: fix data races at struct journal_head - [armhf] mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning - [armhf] mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C - driver core: Remove the link if there is no driver with AUTO flag - driver core: Fix adding device links to probing suppliers - driver core: Make driver core own stateful device links - driver core: Add device link flag DL_FLAG_AUTOPROBE_CONSUMER - driver core: Remove device link creation limitation - driver core: Fix creation of device links with PM-runtime flags - mm: slub: add missing TID bump in kmem_cache_alloc_bulk() - efi: Fix debugobjects warning on 'efi_rts_work' https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.113 - [arm64] spi: qup: call spi_qup_pm_resume_runtime before suspending - [amd64] spi: pxa2xx: Add CS control clock quirk - [armhf] drm/exynos: dsi: fix workaround for the legacy clock name - [arm64] drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer - dm bio record: save/restore bi_end_io and bi_integrity - dm integrity: use dm_bio_record and dm_bio_restore - xenbus: req->body should be updated before req->state - xenbus: req->err should be updated before req->state - block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() - USB: Disable LPM on WD19's Realtek Hub - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters - USB: serial: option: add ME910G1 ECM composition 0x110b - [arm64,armhf] usb: host: xhci-plat: add a shutdown - USB: serial: pl2303: add device-id for HP LD381 - [x86] usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c - ALSA: line6: Fix endless MIDI read loop - ALSA: seq: virmidi: Fix running status after receiving sysex - ALSA: seq: oss: Fix running status after receiving sysex - ALSA: pcm: oss: Avoid plugin buffer overflow - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks - [armhf] iio: st_sensors: remap SMO8840 to LIS2DH12 - mmc: rtsx_pci: Fix support for speed-modes that relies on tuning - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 - staging/speakup: fix get_word non-space look-ahead - [x86] intel_th: Fix user-visible error codes - [x86] intel_th: pci: Add Elkhart Lake CPU support - xhci: Do not open code __print_symbolic() in xhci trace events - btrfs: fix log context list corruption after rename whiteout error - drm/amd/amdgpu: Fix GPR read from debugfs (v2) - drm/lease: fix WARNING in idr_destroy - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event - mm: slub: be more careful about the double cmpxchg of freelist - mm, slub: prevent kmalloc_node crashes and memory leaks - page-flags: fix a crash at SetPageError(THP_SWAP) - [x86] mm: split vmalloc_sync_all() (Closes: #953017) - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL - USB: cdc-acm: fix rounding error in TIOCSSERIAL - futex: Fix inode life-time issue - futex: Unbreak futex hashing - Revert "vrf: mark skb for multicast or link-local as enslaved to VRF" - Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF" - ALSA: hda/realtek: Fix pop noise on ALC225 - [arm64] smp: fix smp_send_stop() behaviour - [arm64] smp: fix crash_smp_send_stop() behaviour - [arm64,armhf] drm/bridge: dw-hdmi: fix AVI frame colorimetry https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.114 - mmc: core: Allow host controllers to require R1B for CMD6 - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for erase/trim/discard - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for eMMC sleep command - [armhf] mmc: sdhci-omap: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - [arm64,armhf] mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - geneve: move debug check after netdev unregister - macsec: restrict to ethernet devices - net: cbs: Fix software cbs to consider packet sending time - [armhf] net: dsa: Fix duplicate frames flooded by learning - [arm64,armhf] net: mvneta: Fix the case where the last poll did not process all rx - net/packet: tpacket_rcv: avoid a producer race condition - net: qmi_wwan: add support for ASKEY WWHC050 - net_sched: cls_route: remove the right filter from hashtable - net_sched: keep alloc_hash updated after hash allocation - [arm64,armhf] net: stmmac: dwmac-rk: fix error path in rk_gmac_probe - slcan: not call free_netdev before rtnl_unlock in slcan_open - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() - bnxt_en: Reset rings if ring reservation fails during open() - net: ip_gre: Separate ERSPAN newlink / changelink callbacks - net: ip_gre: Accept IFLA_INFO_DATA-less configuration - r8169: re-enable MSI on RTL8168c - tcp: repair: fix TCP_QUEUE_SEQ implementation - vxlan: check return value of gro_cells_init() - cgroup-v1: cgroup_pidlist_next should update position index - nfs: add minor version to nfs_server_key for fscache - drivers/of/of_mdio.c:fix of_mdiobus_register() - cgroup1: don't call release_agent when it is "" - [s390x] qeth: handle error when backing RX buffer - scsi: ipr: Fix softlockup when rescanning devices in petitboot - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled - [x86] ftrace: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare() - [x86] Input: synaptics - enable RMI on HP Envy 13-ad105ng - Input: avoid BIT() macro usage in the serio.h UAPI header - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL - perf probe: Do not depend on dwfl_module_addrsym() - scsi: sd: Fix optimal I/O size for devices that change reported values - nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type - mac80211: mark station unauthorized before key removal - [x86] gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model - genirq: Fix reference leaks on irq affinity notifiers - xfrm: handle NETDEV_UNREGISTER for xfrm device - vti[6]: fix packet tx through bpf_redirect() in XinY cases - RDMA/mlx5: Block delay drop to unprivileged users - xfrm: fix uctx len check in verify_sec_ctx_len - xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire - xfrm: policy: Fix doulbe free in xfrm_policy_timer - afs: Fix some tracing details - netfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6} - netfilter: nft_fwd_netdev: validate family and chain type - bpf/btf: Fix BTF verification of enum members in struct/union - vti6: Fix memory leak of skb if input policy check fails - mac80211: add option for setting control flags - mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX - USB: serial: option: add support for ASKEY WWHC050 - USB: serial: option: add BroadMobi BM806U - USB: serial: option: add Wistron Neweb D19Q1 - USB: cdc-acm: restore capability check order - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback - [arm64,armhf] usb: musb: fix crash with highmen PIO and usbmon - media: flexcop-usb: fix endpoint sanity check - media: usbtv: fix control-message timeouts - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table - [x86] ahci: Add Intel Comet Lake H RAID PCI ID - libfs: fix infoleak in simple_attr_read() - media: ov519: add missing endpoint sanity checks (CVE-2020-11608) - media: dib0700: fix rc endpoint lookup - media: stv06xx: add missing descriptor sanity checks (CVE-2020-11609) - media: xirlink_cit: add missing descriptor sanity checks (CVE-2020-11668) - mac80211: Check port authorization in the ieee80211_tx_dequeue() case - mac80211: fix authentication with iwlwifi/mvm - vt: selection, introduce vc_is_sel - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines - vt: switch vt_dont_switch to bool - vt: vt_ioctl: remove unnecessary console allocation checks - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console - vt: vt_ioctl: fix use-after-free in vt_in_use() - [x86] platform: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table - bpf: Explicitly memset the bpf_attr structure - bpf: Explicitly memset some bpf info structures declared on the stack - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model - perf map: Fix off by one in strncpy() size argument - [armel] bcm2835-rpi-zero-w: Add missing pinctrl name - [armhf] dts: N900: fix onenand timings https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.115 - ipv4: fix a RCU-list lock in fib_triestat_seq_show - net, ip_tunnel: fix interface lookup with no key - sctp: fix refcount bug in sctp_wfree - sctp: fix possibly using a bad saddr with a given dst - nvme-rdma: Avoid double freeing of async event data - drm/bochs: downgrade pci_request_region failure from error to warning - drm/amdgpu: fix typo for vcn1 idle check - [x86] tools/power turbostat: Fix gcc build warnings - [x86] tools/power turbostat: Fix missing SYS_LPI counter on some Chromebooks - [armhf] drm/etnaviv: replace MMU flush marker with flush sequence - media: rc: IR signal for Panasonic air conditioner too long - misc: rtsx: set correct pcr_ops for rts522A - [x86] mei: me: add cedar fork device ids - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard - rxrpc: Fix sendmsg(MSG_WAITALL) handling - net: Fix Tx hash bound checking - padata: always acquire cpu_hotplug_lock before pinst->lock - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) - ipv6: don't auto-add link-local address to lag ports - [armhf] net: dsa: bcm_sf2: Do not register slave MDIO bus with OF - [armhf] net: dsa: bcm_sf2: Ensure correct sub-node is parsed - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers - [arm64,armhf] net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting - slcan: Don't transmit uninitialized stack data in padding (CVE-2020-11494) - random: always use batched entropy for get_random_u{32,64} - [arm64,armhf] usb: dwc3: gadget: Wrap around when skip TRBs - [armhf] hwrng: imx-rngc - fix an error path - [amd64] IB/hfi1: Call kobject_put() when kobject_init_and_add() fails - [amd64] IB/hfi1: Fix memory leaks in sysfs registration and unregistration - ceph: remove the extra slashes in the server path - ceph: canonicalize server path in place - RDMA/ucma: Put a lock around every call to the rdma_cm layer - RDMA/cma: Teach lockdep about the order of rtnl and lock - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow - fbcon: fix null-ptr-deref in fbcon_switch - [arm64] clk: qcom: rcg: Return failure for RCG update - [arm64] drm/msm: stop abusing dma_map/unmap for cache - [arm64] Fix size of __early_cpu_boot_status - [arm64] rpmsg: glink: Remove chunk size word align warning - [arm64,armhf] usb: dwc3: don't set gadget->is_otg flag - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() - [arm64] drm/msm: Use the correct dma_sync calls in msm_gem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.116 - [armhf] dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage - [arm64,armhf] bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads - [x86,arm64] hinic: fix a bug of waitting for IO stopped - [x86,arm64] hinic: fix wrong para of wait_for_completion_timeout - cxgb4/ptp: pass the sign of offset delta in FW CMD - qlcnic: Fix bad kzalloc null test - [armhf] cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL - [arm64] media: venus: hfi_parser: Ignore HEVC encoding for V1 - null_blk: Fix the null_add_dev() error path - null_blk: Handle null_add_dev() failures properly - null_blk: fix spurious IO errors after failed past-wp access - xhci: bail out early if driver can't accress host in resume - [x86] Don't let pgprot_modify() change the page encryption bit - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices - sched: Avoid scale real weight down to zero - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() - [amd64,x86] pstore/platform: fix potential mem leak if pstore_init_fs failed - gfs2: Don't demote a glock until its revokes are written - [i386] efi/x86: Ignore the memory attributes table on i386 - genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() - block: Fix use-after-free issue accessing struct io_cq - [arm64,armhf] usb: dwc3: core: add support for disabling SS instances in park mode - [arm64,armhf] irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency - md: check arrays is suspended in mddev_detach before call quiesce operations - firmware: fix a double abort case with fw_load_sysfs_fallback - block, bfq: fix use-after-free in bfq_idle_slice_timer_body - btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued - btrfs: remove a BUG_ON() from merge_reloc_roots() - btrfs: track reloc roots based on their commit root bytenr - IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads - uapi: rename ext2_swab() to swab() and share globally in swab.h - slub: improve bit diffusion for freelist ptr obfuscation - ASoC: fix regwmask - ASoC: dapm: connect virtual mux with default value - ASoC: dpcm: allow start or stop during pause for backend - [x86] ASoC: topology: use name_prefix for new kcontrol - usb: gadget: f_fs: Fix use after free issue as part of queue failure - usb: gadget: composite: Inform controller driver of self-powered - ALSA: hda: Add driver blacklist - ALSA: hda: Fix potential access overflow in beep helper - ALSA: ice1724: Fix invalid access for enumerated ctl items - ALSA: pcm: oss: Fix regression by buffer overflow fix - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256 - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 - [x86] ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups - [x86] ALSA: hda/realtek - Add quirk for MSI GL63 - [x86] acpi: ignore unspecified bit positions in the ACPI global lock field - nvme-fc: Revert "add module to ops template to allow module references" - nvme: Treat discovery subsystems as unique subsystems - PCI: pciehp: Fix indefinite wait on sysfs requests - PCI/ASPM: Clear the correct bits when enabling L1 substates - PCI: Add boot interrupt quirk mechanism for Xeon chipsets - tpm: Don't make log failures fatal - tpm: tpm1_bios_measurements_next should increase position index - tpm: tpm2_bios_measurements_next should increase position index - KEYS: reaching the keys quotas correctly - [amd64,x86] pstore: pstore_ftrace_seq_next should increase position index - [mips*el] tlbex: Fix LDDIR usage in setup_pw() for Loongson-3 - [mips*/octeon] irq: Fix potential NULL pointer dereference - ath9k: Handle txpower changes even when TPC is disabled - signal: Extend exec_id to 64bits - [i386] x86/entry/32: Add missing ASM_CLAC to general_protection entry - [x86] KVM: nVMX: Properly handle userspace interrupt window request - [s390x] KVM: vsie: Fix region 1 ASCE sanity shadow address checks - [s390x] KVM: vsie: Fix delivery of addressing exceptions - [x86] KVM: Allocate new rmap and large page tracking when moving memslot - [x86] KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support - [x86] KVM: Gracefully handle __vmalloc() failure during VM allocation - [x86] KVM: VMX: fix crash cleanup when KVM wasn't used - CIFS: Fix bug which the return value by asynchronous read is error - Btrfs: fix crash during unmount due to race with delayed inode workers - btrfs: set update the uuid generation as soon as possible - btrfs: drop block from cache on error in relocation - btrfs: fix missing file extent item for hole after ranged fsync - btrfs: fix missing semaphore unlock in btrfs_sync_file - [powerpc*] pseries: Drop pointless static qualifier in vpa_debugfs_init() - [x86] speculation: Remove redundant arch_smt_update() invocation - mm: Use fixed constant in page_frag_alloc instead of size + 1 - dm writecache: add cond_resched to avoid CPU hangs - [s390x] scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point - [arm64] armv8_deprecated: Fix undef_hook mask for thumb setend - [armhf] drm/etnaviv: rework perfmon query infrastructure - [powerpc*] pseries: Avoid NULL pointer dereference when drmem is unavailable - NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() - ext4: fix a data race at inode->i_blocks - fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() - ocfs2: no need try to truncate file beyond i_size - [s390x] diag: fix display of diagnose call statistics - [x86] Input: i8042 - add Acer Aspire 5738z to nomux list - kmod: make request_module() return an error when autoloading is disabled - [powerpc*] cpufreq: powernv: Fix use-after-free - hfsplus: fix crash and filesystem corruption when deleting files - libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set - ipmi: fix hung processes in __get_guid() - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() - [powerpc*] powernv/idle: Restore AMR/UAMOR/AMOR after idle (CVE-2020-11669) - [powerpc*] 64/tm: Don't let userspace set regs->trap via sigreturn - [powerpc*] hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries - [powerpc*] xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs - [powerpc*] kprobes: Ignore traps that happened in real mode - scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug - [powerpc*] Add attributes for setjmp/longjmp - [powerpc*] Make setjmp/longjmp signature standard - btrfs: use nofs allocations for running delayed items - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() - drm/dp_mst: Fix clearing payload state on topology disable - drm: Remove PageReserved manipulation from drm_pci_alloc - ftrace/kprobe: Show the maxactive number on kprobe_events - [armhf] etnaviv: perfmon: fix total and idle HI cyleces readout - [amd64] efi/x86: Fix the deletion of variables in mixed mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.117 - [amd64,arm64] amd-xgbe: Use __napi_schedule() in BH context - net: ipv6: do not consider routes via gateways for anycast address check - net: revert default NAPI poll timeout to 2 jiffies - [arm64,armhf] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes - ovl: fix value of i_ino for lower hardlink corner case - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic - jbd2: improve comments about freeing data buffers whose page mapping is NULL - ext4: fix incorrect group count in ext4_fill_super error message - ext4: fix incorrect inodes per group in error message - [x86] ASoC: Intel: mrfld: fix incorrect check on p->sink - [x86] ASoC: Intel: mrfld: return error codes when an error occurs - ALSA: usb-audio: Filter error from connector kctl ops, too - ALSA: usb-audio: Don't override ignore_ctl_error value from the map - ALSA: usb-audio: Don't create jack controls for PCM terminals - ALSA: usb-audio: Check mapping at creating connector controls, too - keys: Fix proc_keys_next to increase position index - tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation - btrfs: check commit root generation in should_ignore_root - mac80211_hwsim: Use kstrndup() in place of kasprintf() - [arm64,armhf] usb: dwc3: gadget: don't enable interrupt when disabling endpoint - [arm64,armhf] usb: dwc3: gadget: Don't clear flags before transfer ended - ext4: do not zeroout extents beyond i_disksize - [x86] kvm: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD - scsi: target: fix hang when multiple threads try to destroy the same iscsi session - [x86] microcode/AMD: Increase microcode PATCH_MAX_SIZE - wil6210: check rx_buff_mgmt before accessing it - wil6210: ignore HALP ICR if already handled - wil6210: add general initialization/size checks - wil6210: make sure Rx ring sizes are correlated - wil6210: remove reset file from debugfs - mm/vmalloc.c: move 'area->pages' after if statement https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.118 - [armel,armhf] bpf: Fix offset overflow for BPF_MEM BPF_DW - scsi: sg: add sg_remove_request in sg_common_write - ext4: use non-movable memory for superblock readahead - [arm64,armhf] watchdog: sp805: fix restart handler - [armel,armhf] arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 - netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type - [arm64] irqchip/mbigen: Free msi_desc on device teardown - ALSA: hda: Don't release card at firmware loading error - of: overlay: kmemleak in dup_and_fixup_symbol_prop() - [x86] Hyper-V: Report crash register data or kmsg before running crash kernel - rbd: avoid a deadlock on header_rwsem when flushing notifies - rbd: call rbd_dev_unprobe() after unwatching and flushing notifies - xsk: Add missing check on user supplied headroom size - [x86] Hyper-V: Unload vmbus channel in hv panic callback - [x86] Hyper-V: Free hv_panic_page when fail to register kmsg dump - [x86] Hyper-V: Trigger crash enlightenment only once during system crash. - [x86] Hyper-V: Report crash register data when sysctl_record_panic_msg is not set - [x86] Hyper-V: Report crash data in die() when panic_on_oops is set - power: supply: bq27xxx_battery: Silence deferred-probe error - [arm64,armhf] clk: tegra: Fix Tegra PMC clock out parents - [armhf] soc: imx: gpc: fix power up sequencing - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid() - NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails - [s390x] cpuinfo: fix wrong output when CPU0 is offline - [s390x] cpum_sf: Fix wrong page count in error message - ext4: do not commit super on read-only bdev - cifs: Allocate encryption header through kmalloc - include/linux/swapops.h: correct guards for non_swap_entry() - percpu_counter: fix a data race at vm_committed_as - [s390x] KVM: vsie: Fix possible race when shadowing region 3 tables - [x86] ACPI: fix CPU hotplug deadlock - [amd64] drm/amdkfd: kfree the wrong pointer - NFS: Fix memory leaks in nfs_pageio_stop_mirroring() - f2fs: fix NULL pointer dereference in f2fs_write_begin() - [arm*] drm/vc4: Fix HDMI mode validation - [amd64] iommu/vt-d: Fix mm reference leak - power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks. - libnvdimm: Out of bounds read in __nd_ioctl() - f2fs: fix to wait all node page writeback - [armhf] net: dsa: bcm_sf2: Fix overflow checks - fbdev: potential information leak in do_fb_ioctl() - mtd: lpddr: Fix a double free in probe() - mtd: phram: fix a double free issue in error path - KEYS: Don't write out to userspace while holding key semaphore - bpf: fix buggy r0 retval refinement for tracing helpers . [ Salvatore Bonaccorso ] * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" for context changes in 4.19.99 * Refresh "ARM: dts: bcm283x: Correct vchiq compatible string" for context changes in 4.19.99 * Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()" * Refresh "net: ena: add MAX_QUEUES_EXT get feature admin command" for context changes in 4.19.108 * [rt] Update to 4.19.115-rt48: - Revert "genirq: Do not invoke the affinity callback via a workqueue on RT" * [rt] Refresh "pci/switchtec: Don't use completion's wait queue" for context changes in 4.19.116 * Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118 * f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067) * net: ipv6: add net argument to ip6_dst_lookup_flow * net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749) * blktrace: Protect q->blk_trace with RCU (CVE-2019-19768) * blktrace: fix dereference after null check . [ Ben Hutchings ] * [x86] Drop "Add a SysRq option to lift kernel lockdown" (Closes: #947021) - This patch allowed remotely disabling lockdown using usbip - Lockdown can be disabled by running "mokutil --disable-validation", rebooting, and confirming the change when prompted * debian/README.source: Refer to upload checklist in kernel-team.git * Bump ABI to 9 . [ YunQiang Su ] * [mips*] enable CONFIG_MIPS_O32_FP64_SUPPORT. * [mips*] enable CONFIG_CPU_HAS_MSA except octeon. . [ Steve McIntyre ] * [arm64] Include the Hisilicon Hibmc drm driver in fb-modules (Closes: #951274) . [ Noah Meyerhans ] * [cloud] Enable CONFIG_KSM (Closes: #955366) linux-signed-arm64 (4.19.98+1+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.98-1+deb10u1 . * [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) * do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) * vfs: fix do_last() regression * vhost: Check docket sk_family instead of call getname (CVE-2020-10942) * mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) * [s390x] mm: fix page table upgrade vs 2ndary address mode accesses (CVE-2020-11884) linux-signed-i386 (4.19.118+2) buster; urgency=medium . * Sign kernel from linux 4.19.118-2 . * Merge changes from 4.19.67-2+deb10u2 to include all security fixes from DSA 4667-1. linux-signed-i386 (4.19.118+1) buster; urgency=medium . * Sign kernel from linux 4.19.118-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99 - Revert "efi: Fix debugobjects warning on 'efi_rts_work'" - xfs: Sanity check flags of Q_XQUOTARM call - [x86] mfd: intel-lpss: Add default I2C device properties for Gemini Lake - SUNRPC: Fix svcauth_gss_proxy_init() - [powerpc*] pseries: Enable support for ibm,drc-info property - tipc: update mon's self addr when node addr generated - tipc: fix wrong timeout input for tipc_wait_for_cond() - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready - [armhf] crypto: sun4i-ss - fix big endian issues - perf map: No need to adjust the long name of modules - ipmi: Fix memory leak in __ipmi_bmc_register (CVE-2019-19046) - ixgbe: don't clear IPsec sa counters on HW clearing - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() - iio: fix position relative kernel version - apparmor: Fix network performance issue in aa_label_sk_perm - ALSA: hda: fix unused variable warning - apparmor: don't try to replace stale label in ptrace access check - firmware: coreboot: Let OF core populate platform device - bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER - [arm64] drm/hisilicon: hibmc: Don't overwrite fb helper surface depth - IB/rxe: replace kvfree with vfree - [amd64] IB/hfi1: Add mtu check for operational data VLs - genirq/debugfs: Reinstate full OF path for domain name - [arm64] usb: dwc3: add EXTCON dependency for qcom - cfg80211: regulatory: make initialization more robust - [x86] mei: replace POLL* with EPOLL* for write queues. - [arm64] drm/msm: fix unsigned comparison with less than zero - ALSA: usb-audio: update quirk for B&W PX to remove microphone - iwlwifi: nvm: get num of hw addresses from firmware - netfilter: nft_osf: usage from output path is not valid - [x86] pwm: lpss: Release runtime-pm reference from the driver's remove callback - [powerpc*] pseries/memory-hotplug: Fix return value type of find_aa_index - rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version - netfilter: nf_flow_table: do not remove offload when other netns's interface is down - tipc: eliminate message disordering during binding table update - [arm64] net: socionext: Add dummy PHY register read in phy_write() - [arm64,armhf] drm/sun4i: hdmi: Fix double flag assignation - [arm64] net: hns3: add error handler for hns3_nic_init_vector_data() - pcrypt: use format specifier in kobject_add - [armhf] ASoC: sun8i-codec: add missing route for ADC - [arm64] pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins - [armhf] bus: ti-sysc: Add mcasp optional clocks flag - exportfs: fix 'passing zero to ERR_PTR()' warning - net: always initialize pagedlen - net: phy: Fix not to call phy_resume() if PHY is not attached - [amd64] IB/hfi1: Correctly process FECN and BECN in packets - IB/rxe: Fix incorrect cache cleanup in error flow - ipv6: add missing tx timestamping on IPPROTO_RAW - [arm64] net: hns3: fix error handling int the hns3_get_vector_ring_chain - vxlan: changelink: Fix handling of default remotes - fork,memcg: fix crash in free_thread_stack on memcg charge fail - [armhf] clk: highbank: fix refcount leak in hb_clk_init() - [armhf] clk: ti: fix refcount leak in ti_dt_clocks_register() - [armhf] clk: socfpga: fix refcount leak - [armhf] clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() - [armhf] clk: imx6q: fix refcount leak in imx6q_clocks_init() - [armhf] clk: imx6sx: fix refcount leak in imx6sx_clocks_init() - [armhf] clk: armada-370: fix refcount leak in a370_clk_init() - [armel] clk: kirkwood: fix refcount leak in kirkwood_clk_init() - [armhf] clk: armada-xp: fix refcount leak in axp_clk_init() - [armhf] clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() - [armhf] clk: dove: fix refcount leak in dove_clk_init() - drm: Fix error handling in drm_legacy_addctx - [armhf] drm/etnaviv: fix some off by one bugs - drm/fb-helper: generic: Fix setup error path - fork, memcg: fix cached_stacks case - [amd64] IB/usnic: Fix out of bounds index check in query pkey - RDMA/ocrdma: Fix out of bounds index check in query pkey - RDMA/qedr: Fix out of bounds index check in query pkey - RDMA/iw_cxgb4: Fix the unchecked ep dereference - net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 - [armhf] memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 - [armhf] drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() - kbuild: mark prepare0 as PHONY to fix external module build - crypto: tgr192 - fix unaligned memory access - [armhf] ASoC: imx-sgtl5000: put of nodes if finding codec fails - IB/iser: Pass the correct number of entries for dma mapped SGL - [arm64] net: hns3: fix wrong combined count returned by ethtool -l - IB/mlx5: Don't override existing ip_protocol - rtc: cmos: ignore bogus century byte - [i386] spi/topcliff_pch: Fix potential NULL dereference on allocation error - [arm64] net: hns3: fix bug of ethtool_ops.get_channels for VF - [armhf] clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it - iwlwifi: mvm: avoid possible access out of array. - net/mlx5: Take lock with IRQs disabled to avoid deadlock - ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit - iwlwifi: mvm: fix A-MPDU reference assignment - [armhf] bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() - [x86] tty: ipwireless: Fix potential NULL pointer dereference - driver: uio: fix possible memory leak in __uio_register_device - driver: uio: fix possible use-after-free in __uio_register_device - driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling - driver core: Avoid careless re-use of existing device links - driver core: Do not resume suppliers under device_links_write_lock() - driver core: Fix handling of runtime PM flags in device_link_add() - driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() - drm/xen-front: Fix mmap attributes for display buffers - iwlwifi: mvm: fix RSS config command - [mips*] rtc: ds1672: fix unintended sign extension - ath10k: fix dma unmap direction for management frames - net: phy: fixed_phy: Fix fixed_phy not checking GPIO - rtc: ds1307: rx8130: Fix alarm handling - net/smc: original socket family in inet_sock_diag - [arm64] rtc: pm8xxx: fix unintended sign extension - iw_cxgb4: use tos when importing the endpoint - iw_cxgb4: use tos when finding ipv6 routes - xsk: add missing smp_rmb() in xsk_mmap - [armhf] drm/etnaviv: potential NULL dereference - RDMA/mlx5: Fix memory leak in case we fail to add an IB device - driver core: Fix possible supplier PM-usage counter imbalance - [armhf] usb: phy: twl6030-usb: fix possible use-after-free on remove - block: don't use bio->bi_vcnt to figure out segment number - keys: Timestamp new keys - [armhf] net: dsa: b53: Fix default VLAN ID - [armhf] net: dsa: b53: Properly account for VLAN filtering - [armhf] net: dsa: b53: Do not program CPU port's PVID - mt76: usb: fix possible memory leak in mt76u_buf_free - vfio_pci: Enable memory accesses before calling pci_map_rom - mdio_bus: Fix PTR_ERR() usage after initialization to constant - [powerpc*] KVM: Release all hardware TCE tables attached to a group - [x86] staging: r8822be: check kzalloc return or bail - [arm*] dmaengine: mv_xor: Use correct device for DMA API - cdc-wdm: pass return value of recover_from_urb_loss - brcmfmac: create debugfs files for bus-specific layer - net/mlx5: Delete unused FPGA QPN variable - drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON - drm/nouveau/pmu: don't print reply values if exec is false - drm/nouveau: fix missing break in switch statement - driver core: Fix PM-runtime for links added during consumer probe - [arm64] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() - [arm64,armhf] net: dsa: fix unintended change of bridge interface STP state - fs/nfs: Fix nfs_parse_devname to not modify it's argument - [x86] staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx - [ppc64el] 64s: Fix logic when handling unknown CPU features - NFS: Fix a soft lockup in the delegation recovery code - perf: Copy parent's address filter offsets on clone - perf, pt, coresight: Fix address filters for vmas with non-zero offset - [armhf] clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable - [armhf] clocksource/drivers/exynos_mct: Fix error path in timer resources initialization - [x86] platform/x86: wmi: fix potential null pointer dereference - NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount - ath10k: Fix length of wmi tlv command for protected mgmt frames - netfilter: nft_set_hash: fix lookups with fixed size hash on big endian - netfilter: nft_set_hash: bogus element self comparison from deactivation path - net: sched: act_csum: Fix csum calc for tagged packets - [arm*] hwrng: bcm2835 - fix probe as platform device - [amd64] iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() - NFS: Add missing encode / decode sequence_maxsz to v4.2 operations - NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() - [amd64] net: aquantia: fixed instack structure overflow - media: dvb/earth-pt1: fix wrong initialization for demod blocks - rbd: clear ->xferred on error from rbd_obj_issue_copyup() - PCI: Fix "try" semantics of bus and slot reset - scsi: megaraid_sas: reduce module load time - xen, cpu_hotplug: Prevent an out of bounds access - net/mlx5: Fix multiple updates of steering rules in parallel - net/mlx5e: IPoIB, Fix RX checksum statistics update - [arm64,armhf] soc: amlogic: gx-socinfo: Add mask for each SoC packages - media: ivtv: update *pos correctly in ivtv_read_pos() - media: cx18: update *pos correctly in cx18_read_pos() - [armhf] media: wl128x: Fix an error code in fm_download_firmware() - media: cx23885: check allocation return - jfs: fix bogus variable self-initialization - [armhf] dts: sun9i: optimus: Fix fixed-regulators - net: phy: don't clear BMCR in genphy_soft_reset - [armhf] OMAP2+: Fix potentially uninitialized return value for _setup_reset() - [arm64,armhf] net: dsa: Avoid null pointer when failing to connect to PHY - media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame - [arm64,armhf] spi: tegra114: clear packed bit for unpacked mode - [arm64,armhf] spi: tegra114: fix for unpacked mode transfers - [arm64,armhf] spi: tegra114: terminate dma and reset on transfer timeout - [arm64,armhf] spi: tegra114: flush fifos - [arm64,armhf] spi: tegra114: configure dma burst size to fifo trig level - [armhf] bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated - [arm*] spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios - drm/fb-helper: generic: Call drm_client_add() after setup is done - [arm64] vdso: don't leak kernel addresses - rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 - bpf: Add missed newline in verifier verbose log - [x86] drm/vmwgfx: Remove set but not used variable 'restart' - scsi: qla2xxx: Unregister chrdev if module initialization fails - net/sched: cbs: fix port_rate miscalculation - ACPI: button: reinitialize button state upon resume - [arm64,armhf] firmware: arm_scmi: fix of_node leak in scmi_mailbox_check - rxrpc: Fix detection of out of order acks - scsi: target/core: Fix a race condition in the LUN lookup code - brcmfmac: fix leak of mypkt on error return path - [arm64] net: hns3: fix for vport->bw_limit overflow problem - [x86] hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses - perf/core: Fix the address filtering fix - [arm64,armhf] soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask - [x86] platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer - tipc: set sysctl_tipc_rmem and named_timeout right range - usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs - [arm64] net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() - 6lowpan: Off by one handling ->nexthdr - ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() - afs: Fix AFS file locking to allow fine grained locks - afs: Further fix file locking - NFS: Don't interrupt file writeout due to fatal errors - scsi: qla2xxx: Fix a format specifier - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory - [ppc64el] KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest - netfilter: nft_flow_offload: add entry to flowtable after confirmation - packet: in recvmsg msg_name return at least sizeof sockaddr_ll - ASoC: fix valid stream condition - [arm*] dwc2: gadget: Fix completed transfer size calculation in DDMA - IB/mlx5: Add missing XRC options to QP optional params mask - RDMA/rxe: Consider skb reserve space based on netdev of GID - [amd64] iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU - [arm64] dmaengine: tegra210-adma: restore channel status - mmc: core: fix possible use after free of host - ath10k: Fix encoding for protected management frames - afs: Fix the afs.cell and afs.volume xattr handlers - l2tp: Fix possible NULL pointer dereference - [x86] platform/x86: alienware-wmi: printing the wrong error code - netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule - [arm64,armhf] pwm: meson: Consider 128 a valid pre-divider - [arm64,armhf] pwm: meson: Don't disable PWM when setting duty repeatedly - nfp: bpf: fix static check error through tightening shift amount adjustment - netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value - [arm*] thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power - EDAC/mc: Fix edac_mc_find() in case no device is found - afs: Fix key leak in afs_release() and afs_evict_inode() - afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set - afs: Fix lock-wait/callback-break double locking - afs: Fix double inc of vnode->cb_break - [armhf] dts: sun8i-h3: Fix wifi in Beelink X2 DT - [arm64] clk: meson: gxbb: no spread spectrum on mpll0 - [arm64] clk: meson: axg: spread spectrum is on mpll2 - [arm64] dmaengine: tegra210-adma: Fix crash during probe - [arm64] dts: meson: libretech-cc: set eMMC as removable - RDMA/qedr: Fix incorrect device rate. - [x86] crypto: ccp - fix AES CFB error exposed by new test vectors - [x86] crypto: ccp - Fix 3DES complaint from ccp-crypto module - iommu: Add missing new line for dma type - iommu: Use right function to get group for device - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig - inet: frags: call inet_frags_fini() after unregister_pernet_subsys() - [arm64] net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector - [x86] netvsc: unshare skb in VF rx handler - net: core: support XDP generic on stacked devices. - RDMA/uverbs: check for allocation failure in uapi_add_elm() - net: don't clear sock->sk early to avoid trouble in strparser - [arm64] phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable - [arm64] clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register - media: vivid: fix incorrect assignment operation when setting video mode - [arm64] crypto: inside-secure - fix zeroing of the request in ahash_exit_inv - [arm64] crypto: inside-secure - fix queued len computation - mpls: fix warning with multi-label encap - [arm64] dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node - [arm64] dts: meson-gxm-khadas-vim2: fix Bluetooth support - [amd64] iommu/vt-d: Duplicate iommu_resv_region objects per device list - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state - qed: iWARP - fix uninitialized callback - [powerpc*] cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild - [powerpc*] pseries/mobility: rebuild cacheinfo hierarchy post-migration - bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup - [amd64] IB/hfi1: Handle port down properly in pio - [arm64] drm/msm/mdp5: Fix mdp5_cfg_init error return - net: netem: fix backlog accounting for corrupted GSO frames - net/udp_gso: Allow TX timestamp with UDP GSO - [s390x] net/af_iucv: build proper skbs for HiperTransport - [s390x] net/af_iucv: always register net_device notifier - [armhf] ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs - rtc: pcf8563: Fix interrupt trigger method - rtc: pcf8563: Clear event flags and disable interrupts before requesting irq - net/sched: cbs: Fix error path of cbs_module_init - [arm64] drm/msm/a3xx: remove TPL1 regs from snapshot - ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() - perf/ioctl: Add check for the sample_period value - [x86] dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" - tools: bpftool: use correct argument in cgroup errors - fork,memcg: alloc_thread_stack_node needs to set tsk->stack - bnxt_en: Fix ethtool selftest crash under error conditions. - bnxt_en: Suppress error messages when querying DSCP DCB capabilities. - [amd64] iommu: Make iommu_disable safer - [x86] mfd: intel-lpss: Release IDA resources - rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() - xprtrdma: Fix use-after-free in rpcrdma_post_recvs - PM: ACPI/PCI: Resume all devices during hibernation - ACPI: PM: Simplify and fix PM domain hibernation callbacks - ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS - devres: allow const resource arguments - [arm64] RDMA/hns: Fixs hw access invalid dma memory error - ceph: fix "ceph.dir.rctime" vxattr value - xdp: fix possible cq entry leak - scsi: libfc: fix null pointer dereference on a null lport - xfrm interface: ifname may be wrong in logs - [armhf] clk: sunxi-ng: v3s: add the missing PLL_DDR1 - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() - libertas_tf: Use correct channel range in lbtf_geo_init - qed: reduce maximum stack frame size - usb: host: xhci-hub: fix extra endianness conversion - [x86] crypto: ccp - Reduce maximum stack usage - tipc: reduce risk of wakeup queue starvation - net/mlx5: Fix mlx5_ifc_query_lag_out_bits - cifs: fix rmmod regression in cifs.ko caused by force_sig changes - net: fix bpf_xdp_adjust_head regression for generic-XDP - cxgb4: smt: Add lock for atomic_dec_and_test - ext4: set error return correctly when ext4_htree_store_dirent fails - [arm64] RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver - [arm64] RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver - net/rds: Add a few missing rds_stat_names entries - tools: bpftool: fix arguments for p_err() in do_event_pipe() - tools: bpftool: fix format strings and arguments for jsonw_printf() - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails - signal: Allow cifs and drbd to receive their terminating signals - [ppc64el] 64s/radix: Fix memory hot-unplug page table split - [x86] dmaengine: dw: platform: Switch to acpi_dma_controller_register() - mac80211: minstrel_ht: fix per-group max throughput rate initialization - i40e: reduce stack usage in i40e_set_fc - [armhf] 8896/1: VDSO: Don't leak kernel addresses - [mips*] avoid explicit UB in assignment of mips_io_port_base - media: em28xx: Fix exception handling in em28xx_alloc_urbs() - ahci: Do not export local variable ahci_em_messages - rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up - Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" - hwmon: (lm75) Fix write operations for negative temperatures - net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate - power: supply: Init device wakeup after device_add() - [x86] perf: Fix the dependency of the x86 insn decoder selftest - irqdomain: Add the missing assignment of domain->fwnode for named fwnode - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA - bcache: Fix an error code in bch_dump_read() - netfilter: ctnetlink: honor IPS_OFFLOAD flag - [arm64] wcn36xx: use dynamic allocation for large variables - xsk: avoid store-tearing when assigning queues - xsk: avoid store-tearing when assigning umem - led: triggers: Fix dereferencing of null pointer - [arm64] net: hns3: fix error VF index when setting VLAN offload - rtlwifi: Fix file release memory leak - f2fs: fix wrong error injection path in inc_valid_block_count() - f2fs: fix error path of f2fs_convert_inline_page() - [x86] scsi: fnic: fix msix interrupt allocation - Btrfs: fix hang when loading existing inode cache off disk - Btrfs: fix inode cache waiters hanging on failure to start caching thread - Btrfs: fix inode cache waiters hanging on path allocation failure - btrfs: use correct count in btrfs_file_write_iter() - ixgbe: sync the first fragment unconditionally - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet - RDMA/cma: Fix false error message - net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' - bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands - f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() - [powerpc*] mm/mce: Keep irqs disabled during lockless page table walk - bpf: fix BTF limits - [amd64] iommu: Wait for completion of IOTLB flush in attach_device - [amd64] net: aquantia: Fix aq_vec_isr_legacy() return value - cxgb4: Signedness bug in init_one() - [arm64] net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() - [arm64] net: netsec: Fix signedness bug in netsec_probe() - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix signedness bug in probe - of: mdio: Fix a signedness bug in of_phy_get_and_connect() - [arm64] net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() - net: sched: cbs: Avoid division by zero when calculating the port rate - nvme: retain split access workaround for capability reads - [arm64,armhf] net: stmmac: gmac4+: Not all Unicast addresses may be available - rxrpc: Fix trace-after-put looking at the put connection record - mac80211: accept deauth frames in IBSS mode - llc: fix another potential sk_buff leak in llc_ui_sendmsg() - llc: fix sk_buff refcounting in llc_conn_state_process() - ip6erspan: remove the incorrect mtu limit for ip6erspan - [arm64,armhf] net: stmmac: fix length of PTP clock's name string - [arm64,armhf] net: stmmac: fix disabling flexible PPS output - sctp: add chunks to sk_backlog when the newsk sk_socket is not set - [s390x] qeth: Fix error handling during VNICC initialization - [s390x] qeth: Fix initialization of vnicc cmd masks during set online - act_mirred: Fix mirred_init_module error handling - net: avoid possible false sharing in sk_leave_memory_pressure() - net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head - tcp: annotate lockless access to tcp_memory_pressure - net/smc: receive returns without data - net/smc: receive pending data after RCV_SHUTDOWN - [arm64] drm/msm/dsi: Implement reset correctly - [armhf] dmaengine: imx-sdma: fix size check for sdma script_number - [arm64] hibernate: check pgd table allocation - net: netem: fix error path for corrupted GSO frames - net: netem: correct the parent's backlog when corrupted packet was dropped - xsk: Fix registration of Rx-only sockets - bpf, offload: Unlock on error in bpf_offload_dev_create() - afs: Fix missing timeout reset - [x86] hv_netvsc: Fix offset usage in netvsc_send_table() - [x86] hv_netvsc: Fix send_table offset in case of a host bug - afs: Fix large file support - [armhf] hwrng: omap3-rom - Fix missing clock by probing with device tree - [mips64el,mipsel] Loongson: Fix return value of loongson_hwmon_init - [x86] hv_netvsc: flag software created hash value - net: neigh: use long type to store jiffies delta - packet: fix data-race in fanout_flow_is_huge() - affs: fix a memory leak in affs_remount - afs: Remove set but not used variables 'before', 'after' - [armhf] dmaengine: ti: edma: fix missed failure handling - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 - [arm64] dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.100 - can, slip: Protect tty->disc_data in write_wakeup and close with RCU - [x86] firestream: fix memory leaks - gtp: make sure only SOCK_DGRAM UDP sockets are accepted - ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM - net: ip6_gre: fix moving ip6gre between namespaces - net, ip6_tunnel: fix namespaces move - net, ip_tunnel: fix namespaces move - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() - net_sched: fix datalen for ematch - net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject - net-sysfs: fix netdev_queue_add_kobject() breakage - net-sysfs: Call dev_hold always in netdev_queue_add_kobject - net-sysfs: Call dev_hold always in rx_queue_add_kobject - net-sysfs: Fix reference count leak - net: usb: lan78xx: Add .ndo_features_check - Revert "udp: do rmem bulk free even if the rx sk queue is empty" - tcp_bbr: improve arithmetic division in bbr_update_bw() - tcp: do not leave dangling pointers in tp->highest_sack - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user() - afs: Fix characters allowed into cell names - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input - hwmon: (core) Do not use device managed functions for memory allocations - PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken - tracing: trigger: Replace unneeded RCU-list traversals - Input: keyspan-remote - fix control-message timeouts - [x86] Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers" - [arm64,armhf] mmc: tegra: fix SDR50 tuning override - mmc: sdhci: fix minimum clock rate for v3 controller - [arm64] Documentation: Document arm64 kpti control - Input: sur40 - fix interface sanity checks - Input: gtco - fix endpoint sanity check - Input: aiptek - fix endpoint sanity check - Input: pegasus_notetaker - fix endpoint sanity check - [armhf] Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register - netfilter: nft_osf: add missing check for DREG attribute - hwmon: (nct7802) Fix voltage limits to wrong registers - do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) - sd: Fix REQ_OP_ZONE_REPORT completion handling - [i386] crypto: geode-aes - switch to skcipher for cbc(aes) fallback - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT - scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func - netfilter: ipset: use bitmap infrastructure completely - netfilter: nf_tables: add __nft_chain_type_get() - mm/memory_hotplug: make remove_memory() take the device_hotplug_lock - mm, sparse: drop pgdat_resize_lock in sparse_add/remove_one_section() - mm, sparse: pass nid instead of pgdat to sparse_add_one_section() - drivers/base/memory.c: remove an unnecessary check on NR_MEM_SECTIONS - mm, memory_hotplug: add nid parameter to arch_remove_memory - mm/memory_hotplug: release memory resource after arch_remove_memory() - drivers/base/memory.c: clean up relics in function parameters - mm, memory_hotplug: update a comment in unregister_memory() - mm/memory_hotplug: make unregister_memory_section() never fail - mm/memory_hotplug: make __remove_section() never fail - [powerpc*] mm: Fix section mismatch warning - mm/memory_hotplug: make __remove_pages() and arch_remove_memory() never fail - [s390x] mm: implement arch_remove_memory() - mm/memory_hotplug: allow arch_remove_memory() without CONFIG_MEMORY_HOTREMOVE - drivers/base/memory: pass a block_id to init_memory_block() - mm/memory_hotplug: create memory block devices after arch_add_memory() - mm/memory_hotplug: remove memory block devices before arch_remove_memory() - mm/memory_hotplug: make unregister_memory_block_under_nodes() never fail - mm/memory_hotplug: remove "zone" parameter from sparse_remove_one_section - mm/hotplug: kill is_dev_zone() usage in __remove_pages() - drivers/base/node.c: simplify unregister_memory_block_under_nodes() - mm/memunmap: don't access uninitialized memmap in memunmap_pages() - mm/memory_hotplug: fix try_offline_node() - mm/memory_hotplug: shrink zones when offlining memory https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.101 - orinoco_usb: fix interface sanity check - rsi_91x_usb: fix interface sanity check - USB: serial: ir-usb: add missing endpoint sanity check - USB: serial: ir-usb: fix link-speed handling - USB: serial: ir-usb: fix IrLAP framing - [arm64,armhf] usb: dwc3: turn off VBUS when leaving host mode - staging: wlan-ng: ensure error return is actually returned - [x86] staging: vt6656: correct packet types for CTS protect, mode. - [x86] staging: vt6656: use NULLFUCTION stack on mac80211 - [x86] staging: vt6656: Fix false Tx excessive retries reporting. - [arm64,armel] serial: 8250_bcm2835aux: Fix line mismatch on driver unbind - component: do not dereference opaque pointer in debugfs - [x86] mei: me: add comet point (lake) H device ids - crypto: chelsio - fix writing tfm flags to wrong place - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() - ath9k: fix storage endpoint lookup - brcmfmac: fix interface sanity check - rtl8xxxu: fix interface sanity check - zd1211rw: fix storage endpoint lookup - net_sched: ematch: reject invalid TCF_EM_SIMPLE - net_sched: fix ops->bind_class() implementations - HID: multitouch: Add LG MELF0410 I2C touchscreen support - HID: Add quirk for Xin-Mo Dual Controller - HID: ite: Add USB id match for Acer SW5-012 keyboard dock - [x86] HID: Add quirk for incorrect input length on Lenovo Y720 - drivers/hid/hid-multitouch.c: fix a possible null pointer access. - [arm64] phy: qcom-qmp: Increase PHY ready timeout - drivers/net/b44: Change to non-atomic bit operations on pwol_mask - [i386] net: wan: sdla: Fix cast from pointer to integer of different size - [arm64] gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP - atm: eni: fix uninitialized variable warning - HID: steam: Fix input device disappearing - [x86] platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx - [amd64] PCI: Add DMA alias quirk for Intel VCA NTB - [amd64] iommu: Support multiple PCI DMA aliases in IRQ Remapping - usb-storage: Disable UAS on JMicron SATA enclosure - sched/fair: Add tmp_alone_branch assertion - sched/fair: Fix insertion in rq->leaf_cfs_rq_list - rsi: fix use-after-free on probe errors - rsi: fix memory leak on failed URB submission - rsi: fix non-atomic allocation in completion handler - crypto: af_alg - Use bh_lock_sock in sk_destruct - block: cleanup __blkdev_issue_discard() - block: fix 32 bit overflow in __blkdev_issue_discard() - [arm64] KVM: Write arch.mdcr_el2 changes since last vcpu_load on VHE https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.102 - vfs: fix do_last() regression - crypto: pcrypt - Fix user-after-free on module unload - perf c2c: Fix return type for histogram sorting comparision functions - PM / devfreq: Add new name attribute for sysfs - tools lib: Fix builds when glibc contains strlcpy() - ext4: validate the debug_want_extra_isize mount option at parse time - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() - reiserfs: Fix memory leak of journal device string - media: digitv: don't continue if remote control state can't be read - media: af9005: uninitialized variable printked - media: vp7045: do not read uninitialized values if usb transfer fails - media: gspca: zero usb_buf - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 - tomoyo: Use atomic_t for statistics counter - ttyprintk: fix a potential deadlock in interrupt context issue - Bluetooth: Fix race condition in hci_release_sock() - cgroup: Prevent double killing of css when enabling threaded cgroup - [armhf] dts: sun8i: a83t: Correct USB3503 GPIOs polarity - [armhf] dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes - [armhf] dts: beagle-x15-common: Model 5V0 regulator - [arm64] clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order - mac80211: mesh: restrict airtime metric to peered established plinks - ASoC: rt5640: Fix NULL dereference on module unload - ixgbevf: Remove limit of 10 entries for unicast filter list - ixgbe: Fix calculation of queue with VFs and flow director on interface flap - igb: Fix SGMII SFP module discovery for 100FX/LX. - [x86] platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits - qmi_wwan: Add support for Quectel RM500Q - wireless: fix enabling channel 12 for custom regulatory domain - cfg80211: Fix radar event during another phy CAC - mac80211: Fix TKIP replay protection immediately after key setup - netfilter: nft_tunnel: ERSPAN_VERSION must not be null - [armhf] net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec - bnxt_en: Fix ipv6 RFS filter matching logic. - iwlwifi: Don't ignore the cap field upon mcc update - [armhf] dts: am335x-boneblack-common: fix memory size - vti[6]: fix packet tx through bpf_redirect() - xfrm interface: fix packet tx through bpf_redirect() - xfrm: interface: do not confirm neighbor when do pmtu update - scsi: fnic: do not queue commands during fwreset - [armhf] 8955/1: virt: Relax arch timer version check during early boot - [arm64] tee: optee: Fix compilation issue with nommu - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE - r8152: get default setting of WOL before initializing - qlcnic: Fix CPU soft lockup while collecting firmware dump - seq_tab_next() should increase position index - l2t_seq_next should increase position index - net: Fix skb->csum update in inet_proto_csum_replace16(). - btrfs: do not zero f_bavail if we have available space - perf report: Fix no libunwind compiled warning break s390 issue - mm/migrate.c: also overwrite error when it is bigger than zero https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.103 - [armhf] Revert "drm/sun4i: dsi: Change the start delay calculation" - ovl: fix lseek overflow on 32bit - kernel/module: Fix memleak in module_add_modinfo_attrs() - media: iguanair: fix endpoint sanity check - ocfs2: fix oops when writing cloned file - [x86] cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR - udf: Allow writing to 'Rewritable' partitions - printk: fix exclusive_console replaying - iwlwifi: mvm: fix NVM check for 3168 devices - gtp: use __GFP_NOWARN to avoid memalloc warning - l2tp: Allow duplicate session creation with UDP - net_sched: fix an OOB access in cls_tcindex - [arm64,armhf] net: stmmac: Delete txtimer in suspend() - bnxt_en: Fix TC queue mapping. - tcp: clear tp->total_retrans in tcp_disconnect() - tcp: clear tp->delivered in tcp_disconnect() - tcp: clear tp->data_segs{in|out} in tcp_disconnect() - tcp: clear tp->segs_{in|out} in tcp_disconnect() - rxrpc: Fix use-after-free in rxrpc_put_local() - rxrpc: Fix insufficient receive notification generation - rxrpc: Fix missing active use pinning of rxrpc_local object - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors - ipc/msg.c: consolidate all xxxctl_down() functions - tracing: Fix sched switch start/stop refcount racy updates - rcu: Avoid data-race in rcu_gp_fqs_check_wake() - brcmfmac: Fix memory leak in brcmf_usbdev_qinit - usb: gadget: f_ncm: Use atomic_t to track in-flight request - usb: gadget: f_ecm: Use atomic_t to track in-flight request - ALSA: usb-audio: Fix endianess in descriptor validation - ALSA: dummy: Fix PCM format loop in proc output - mm/memory_hotplug: fix remove_memory() lockdep splat - mm: move_pages: report the number of non-attempted pages - media/v4l2-core: set pages dirty upon releasing DMA buffers - media: v4l2-core: compat: ignore native command codes - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments - irqdomain: Fix a memory leak in irq_domain_push_irq() - [x86] platform/x86: intel_scu_ipc: Fix interrupt support - [x86] ALSA: hda: Add Clevo W65_67SB the power_save blacklist - [arm64] KVM: Correct PSTATE on exception entry - [arm64,armhf] KVM: Correct CPSR on exception entry - [arm64,armhf] KVM: Correct AArch32 SPSR on exception entry - [arm64] KVM: Only sign-extend MMIO up to register width - [s390x] mm: fix dynamic pagetable upgrade for hugetlbfs - [powerpc*] pseries: Advance pfn if section is not present in lmb_is_removable() - smb3: fix signing verification of large reads - [arm64,armhf] PCI: tegra: Fix return value check of pm_runtime_get_sync() - [arm64,armhf] mmc: spi: Toggle SPI polarity, do not hardcode it - [x86] ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards - [x86] ACPI / battery: Deal with design or full capacity being reported as -1 - [x86] ACPI / battery: Use design-cap for capacity calculations if full-cap is not available - [x86] ACPI / battery: Deal better with neither design nor full capacity not being reported - alarmtimer: Unregister wakeup source when module get fails - ubifs: Reject unsupported ioctl flags explicitly - ubifs: don't trigger assertion on invalid no-key filename - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag - ubifs: Fix deadlock in concurrent bulk-read and writepage - [i386] crypto: geode-aes - convert to skcipher API and make thread-safe - [x86] hv_balloon: Balloon up according to request page number - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile - crypto: api - Check spawn->alg under lock in crypto_drop_spawn - scsi: qla2xxx: Fix mtcp dump collection failure - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() - f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() - f2fs: fix miscounted block limit in f2fs_statfs_project() - f2fs: code cleanup for f2fs_statfs_project() - PM: core: Fix handling of devices deleted during system-wide resume - dm zoned: support zone sizes smaller than 128MiB - dm space map common: fix to ensure new block isn't already in use - dm crypt: fix benbi IV constructor crash if used in authenticated mode - dm: fix potential for q->make_request_fn NULL pointer - dm writecache: fix incorrect flush sequence when doing SSD mode commit - padata: Remove broken queue flushing - tracing: Annotate ftrace_graph_hash pointer with __rcu - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu - ftrace: Add comment to why rcu_dereference_sched() is open coded - ftrace: Protect ftrace_graph_hash with ftrace_sync - [x86] crypto: ccp - set max RSA modulus size for v3 platform devices as well - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request - crypto: api - Fix race condition in crypto_spawn_alg - scsi: qla2xxx: Fix unbound NVME response length - NFS: Fix memory leaks and corruption in readdir - NFS: Directory page cache pages need to be locked when read - jbd2_seq_info_next should increase position index - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES - btrfs: set trans->drity in btrfs_commit_transaction - Btrfs: fix race between adding and putting tree mod seq elements and nodes - [armhf] tegra: Enable PLLP bypass during Tegra124 LP1 - iwlwifi: don't throw error when trying to remove IGTK - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() - sunrpc: expiry_time should be seconds not timeval - gfs2: move setting current->backing_dev_info - gfs2: fix O_SYNC write handling - drm/rect: Avoid division by zero - media: rc: ensure lirc is initialized before registering input device - xen/balloon: Support xend-based toolstack take two - watchdog: fix UAF in reboot notifier handling in watchdog core code - bcache: add readahead cache policy options via sysfs interface - eventfd: track eventfd_signal() recursion depth - aio: prevent potential eventfd recursion on poll - [x86] KVM: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks - [x86] KVM: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks - [x86] KVM: Protect pmu_intel.c from Spectre-v1/L1TF attacks - [x86] KVM: Protect DR-based index computations from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks - [x86] KVM: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks - [x86] KVM: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c - [x86] KVM: Protect x86_decode_insn from Spectre-v1/L1TF attacks - [x86] KVM: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks - [x86] KVM: Fix potential put_fpu() w/o load_fpu() on MPX platform - [ppc64el] KVM: Book3S HV: Uninit vCPU if vcore creation fails - [ppc64el] KVM: Book3S PR: Free shared page if mmu initialization fails - [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (CVE-2019-3016) - [x86] KVM: Don't let userspace set host-reserved cr4 bits - [x86] KVM: Free wbinvd_dirty_mask if vCPU creation fails - [s390x] KVM: do not clobber registers during guest reset/store status - [arm64,armhf] clk: tegra: Mark fuse clock as critical - percpu: Separate decrypted varaibles anytime encryption can be enabled - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type - scsi: csiostor: Adjust indentation in csio_device_reset - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free - scsi: ufs: Recheck bkops level if bkops is disabled - [arm64] phy: qualcomm: Adjust indentation in read_poll_timeout - ext2: Adjust indentation in ext2_fill_super - [arm64] drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable - IB/mlx5: Fix outstanding_pi index for GSI qps - IB/core: Fix ODP get user pages flow - nfsd: fix delay timer on 32-bit architectures - nfsd: fix jiffies/time_t mixup in LRU list - nfsd: Return the correct number of bytes written to the file - ubi: fastmap: Fix inverted logic in seen selfcheck - ubi: Fix an error pointer dereference in error handling code - bonding/alb: properly access headers in bond_alb_xmit() - [armhf] net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port - [arm64,armhf] net: mvneta: move rx_dropped and rx_errors in per-cpu stats - net_sched: fix a resource leak in tcindex_set_parms() - net/mlx5: IPsec, Fix esp modify function attribute - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx - [arm64] net: macb: Remove unnecessary alignment check for TSO - [arm64] net: macb: Limit maximum GEM TX length in TSO - [armhf] net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() - ext4: fix deadlock allocating crypto bounce page from mempool - btrfs: use bool argument in free_root_pointers() - btrfs: free block groups after free'ing fs trees - btrfs: flush write bio if we loop in extent_write_cache_pages - [x86] KVM: mmu: Apply max PA check for MMIO sptes to 32-bit KVM - [x86] KVM: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM - [x86] KVM: nVMX: vmread should not set rflags to specify success in case of #PF - KVM: Use vcpu-specific gva->hva translation when querying host page size - KVM: Play nice with read-only memslots when querying host page size - mm: zero remaining unavailable struct pages - mm: return zero_resv_unavail optimization - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section - cifs: fail i/o on soft mounts if sessionsetup errors out - [x86] apic/msi: Plug non-maskable MSI affinity race - clocksource: Prevent double add_timer_on() for watchdog_timer - perf/core: Fix mlock accounting in perf_mmap() - rxrpc: Fix service call disconnection https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.104 - ASoC: pcm: update FE/BE trigger order based on the command - [x86] hv_sock: Remove the accept port restriction - IB/mlx4: Fix memory leak in add_gid error flow - RDMA/netlink: Do not always generate an ACK for some netlink operations - RDMA/core: Fix locking in ib_uverbs_event_read - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe - PCI: Don't disable bridge BARs when assigning bus resources - nfs: NFS_SWAP should depend on SWAP - NFS: Revalidate the file size on a fatal write error - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() - NFSv4: try lease recovery on NFS4ERR_EXPIRED - [arm64] serial: uartps: Add a timeout to the tx empty wait - [arm64] gpio: zynq: Report gpio direction at boot - spi: spi-mem: Add extra sanity checks on the op param - spi: spi-mem: Fix inverted logic in op sanity check - rtc: cmos: Stop using shared IRQ - [x86] platform/x86: intel_mid_powerbtn: Take a copy of ddata - [powerpc*] pseries/vio: Fix iommu_table use-after-free refcount warning - [powerpc*] pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW - [arm64] iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA - [arm64,armhf] KVM: vgic-its: Fix restoration of unmapped collections - [armel,armhf] 8949/1: mm: mark free_memmap as __init - [arm64] cpufeature: Fix the type of no FP/SIMD capability - [arm64] ptrace: nofpsimd: Fail FP/SIMD regset operations - [arm64,armhf] KVM: Fix young bit from mmu notifier - [arm64,armhf] KVM: Fix DFSR setting for non-LPAE aarch32 guests - [arm64,armhf] KVM: Make inject_abt32() inject an external abort instead - [arm64] KVM: pmu: Don't increment SW_INCR if PMCR.E is unset - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held - libertas: make lbs_ibss_join_existing() return error code on rates overflow - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state - [x86] stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h - [x86] x86/stackframe, x86/ftrace: Add pt_regs frame annotations - [arm64] serial: uartps: Move the spinlock after the read of the tx empty - padata: fix null pointer deref of pd->pinst https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.105 - Input: synaptics - switch T470s to RMI4 by default - Input: synaptics - enable SMBus on ThinkPad L470 - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list - ALSA: usb-audio: Fix UAC2/3 effect unit parsing - ALSA: hda/realtek - Fix silent output on MSI-GL73 - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 - [arm64] cpufeature: Set the FP/SIMD compat HWCAP bits properly - [arm64] nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly - ALSA: usb-audio: sound: usb: usb true/false for bool return type - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 - ext4: don't assume that mmp_nodename/bdevname have NUL - ext4: fix support for inode sizes > 1024 bytes - ext4: fix checksum errors with indexed dirs - ext4: add cond_resched() to ext4_protect_reserved_inode (CVE-2020-8992) - ext4: improve explanation of a mount failure caused by a misconfigured kernel - Btrfs: fix race between using extent maps and merging them - btrfs: ref-verify: fix memory leaks - btrfs: print message when tree-log replay starts - btrfs: log message when rw remount is attempted with unclean tree-log - [arm64] ssbs: Fix context-switch when SSBS is present on all CPUs - [x86] perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info - [amd64] IB/hfi1: Acquire lock to release TID entries when user file is closed - [amd64] IB/hfi1: Close window for pq and request coliding - IB/rdmavt: Reset all QPs when the device is shut down - RDMA/core: Fix invalid memory access in spec_filter_size - [amd64] RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq - RDMA/core: Fix protection fault in get_pkey_idx_qp_list - [s390x] time: Fix clk type in get_tod_clock - [x86] perf/x86/intel: Fix inaccurate period in context switch for auto- reload - NFSv4.1 make cachethis=no for writes - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer - [x86] KVM: mmu: Fix struct guest_walker arrays for 5-level paging https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.106 - core: Don't skip generic XDP program execution for cloned SKBs - enic: prevent waking up stopped tx queues over watchdog reset - net/smc: fix leak of kernel memory to user space - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS - [x86] KVM: nVMX: Use correct root level for nested EPT shadow page tables - [x86] drm/gma500: Fixup fbdev stolen size usage evaluation - cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order - brcmfmac: Fix use after free in brcmf_sdio_readframes() - ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT - ALSA: ctl: allow TLV read operation for callback type of element in locked case - [powerpc*] powernv/iov: Ensure the pdn for VFs always contains a valid PE number - [amd64] iommu/vt-d: Fix off-by-one in PASID allocation - [x86] pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins - [x86] efi: Map the entire EFI vendor string before copying it - [mips64el,mipsel] Loongson: Fix potential NULL dereference in loongson3_platform_init() - [arm*] usb: dwc2: Fix IN FIFO allocation - [armel,armhf] clocksource/drivers/bcm2835_timer: Fix memory leak of timer - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal - [armhf] pwm: omap-dmtimer: Simplify error handling - [s390x] pci: Fix possible deadlock in recover_store() - [powerpc*] iov: Move VF pdev fixup into pcibios_fixup_iov() - tracing: Fix tracing_stat return values in error handling paths - tracing: Fix very unlikely race of registering two stat tracers - ext4, jbd2: ensure panic when aborting with zero errno - ath10k: Correct the DMA direction for management tx buffers - nbd: add a flush_workqueue in nbd_start_device - [s390x] KVM: ENOTSUPP -> EOPNOTSUPP fixups - [arm64] clk: qcom: rcg2: Don't crash if our parent can't be found; return an error - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table - [arm64,armhf] regulator: rk808: Lower log level on optional GPIOs being not available - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu(). - selinux: fall back to ref-walk if audit is required - selinux: ensure we cleanup the internal AVC counters on error in avc_insert() - media: cx23885: Add support for AVerMedia CE310B - PCI: Add generic quirk for increasing D3hot delay - PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling - fore200e: Fix incorrect checks of NULL pointer dereference - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status - orinoco: avoid assertion in case of NULL pointer - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 - scsi: ufs: Complete pending requests in host reset and restore path - scsi: aic7xxx: Adjust indentation in ahc_find_syncrate - selinux: ensure we cleanup the internal AVC counters on error in avc_update() - dmaengine: Store module owner in dma_device struct - [arm64] clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock - tools lib api fs: Fix gcc9 stringop-truncation compilation error - [x86] ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch - mlx5: work around high stack usage with gcc - drm: remove the newline for CRC source name. - usbip: Fix unsafe unaligned pointer usage - udf: Fix free space reporting for metadata and virtual partitions - staging: rtl8188: avoid excessive stack usage - [amd64] IB/hfi1: Add software counter for ctxt0 seq drop - [armhf] soc/tegra: fuse: Correct straps' address for older Tegra124 device trees - [x86] efi: Don't panic or BUG() on non-critical error conditions - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls - [x86] nmi: Remove irq_work from the long duration NMI handler - driver core: platform: Prevent resouce overflow from causing infinite loops - driver core: Print device when resources present in really_probe() - bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler - drm/nouveau/fault/gv100-: fix memory leak on module unload - [x86] drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add - [armhf] usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue - [arm64] iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE - f2fs: set I_LINKABLE early to avoid wrong access by vfs - f2fs: free sysfs kobject - scsi: iscsi: Don't destroy session if there are outstanding connections - watchdog/softlockup: Enforce that timestamp is valid on boot - f2fs: fix memleak of kobject - [x86] mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd - [armhf] pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional - btrfs: fix possible NULL-pointer dereference in integrity checks - btrfs: safely advance counter when looking up bio csums - btrfs: device stats, log when stats are zeroed - module: avoid setting info->name early in case we can fall back to info->mod->name - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() - driver core: platform: fix u32 greater or equal to zero comparison - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s - drm/nouveau/mmu: fix comptag memory leak - [powerpc*] sriov: Remove VF eeh_dev state when disabling SR-IOV - bcache: cached_dev_free needs to put the sb page - [amd64] iommu/vt-d: Remove unnecessary WARN_ON_ONCE() - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock - iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop - cifs: fix NULL dereference in match_prepath - bpf: map_seq_next should always increase position index - ceph: check availability of mds cluster on mount after wait timeout - [arm64,armhf] irqchip/gic-v3: Only provision redistributors that are enabled in ACPI - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided - ftrace: fpid_next() should increase position index - trigger_next should increase position index - radeon: insert 10ms sleep in dce5_crtc_load_lut - ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans() - reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() - bcache: explicity type cast in bset_bkey_last() - [arm64,armhf] irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL - iwlwifi: mvm: Fix thermal zone registration - brd: check and limit max_part par - NFS: Fix memory leaks - help_next should increase position index - cifs: log warning message (once) if out of disk space - virtio_balloon: prevent pfn array overflow https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.107 - [arm64] iommu/qcom: Fix bogus detach logic - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs - [x86] ALSA: hda/realtek - Apply quirk for MSI GP63, too - [x86] ALSA: hda/realtek - Apply quirk for yet another MSI laptop - [armhf] ASoC: sun8i-codec: Fix setting DAI data format - ecryptfs: fix a memory leak bug in parse_tag_1_packet() - ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() - [x86] thunderbolt: Prevent crash if non-active NVMem file is read - USB: misc: iowarrior: add support for 2 OEMed devices - USB: misc: iowarrior: add support for the 28 and 28L devices - USB: misc: iowarrior: add support for the 100 device - floppy: check FDC index for errors before assigning it (CVE-2020-9383) - vt: fix scrollback flushing on background consoles - vt: selection, handle pending signals in paste_selection - vt: vt_ioctl: fix race in VT_RESIZEX - [arm*] staging: android: ashmem: Disallow ashmem memory from being remapped (CVE-2020-0009) - [x86] staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi. - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range. - xhci: fix runtime pm enabling for quirky Intel hosts - xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2 - usb: host: xhci: update event ring dequeue pointer on purpose - USB: core: add endpoint-blacklist quirk - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 - usb: uas: fix a plug & unplug racing - USB: Fix novation SourceControl XL after suspend - USB: hub: Don't record a connect-change event during reset-resume - USB: hub: Fix the broken detection of USB3 device in SMSC hub - [arm*] usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows - [arm64,armhf] usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields - staging: rtl8188eu: Fix potential security hole - staging: rtl8188eu: Fix potential overuse of kernel memory - staging: rtl8723bs: Fix potential security hole - staging: rtl8723bs: Fix potential overuse of kernel memory - [powerpc*] tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery - jbd2: fix ocfs2 corrupt when clearing block group bits - [x86] mce/amd: Publish the bank pointer only after setup has succeeded - [x86] mce/amd: Fix kobject lifetime - [x86] cpu/amd: Enable the fixed Instructions Retired counter IRPERF - serial: 8250: Check UPF_IRQ_SHARED in advance - [armhf] tty: serial: imx: setup the correct sg entry for tx dma - serdev: ttyport: restore client ops on deregistration - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() - nvme-multipath: Fix memory leak with ana_log_buf - genirq/irqdomain: Make sure all irq domain flags are distinct - mm/vmscan.c: don't round up scan size for online memory cgroup - drm/amdgpu/soc15: fix xclk for raven - [x86] xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms - [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) - [x86] KVM: don't notify userspace IOAPIC on edge-triggered interrupt EOI - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets - ext4: fix a data race in EXT4_I(inode)->i_disksize - ext4: add cond_resched() to __ext4_find_entry() - ext4: fix potential race between online resizing and write operations - ext4: fix potential race between s_group_info online resizing and access - ext4: fix potential race between s_flex_groups online resizing and access - ext4: fix mount failure with quota configured as module - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL - [x86] KVM: nVMX: Refactor IO bitmap checks into helper function - [x86] KVM: nVMX: Check IO instruction VM-exit conditions - [x86] KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 - [x86] KVM: apic: avoid calculating pending eoi from an uninitialized val - btrfs: fix bytes_may_use underflow in prealloc error condtition - btrfs: reset fs_root to NULL on error in open_ctree - btrfs: do not check delayed items are empty for single transaction cleanup - Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents - scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session" - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus - [arm*] usb: dwc2: Fix in ISOC request length checking - staging: rtl8723bs: fix copy of overlapping memory - ecryptfs: replace BUG_ON with error handling code - genirq/proc: Reject invalid affinity masks (again) - bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill - ALSA: seq: Avoid concurrent access to queue flags - ALSA: seq: Fix concurrent access to queue current tick/time - netfilter: xt_hashlimit: limit the max size of hashtable - rxrpc: Fix call RCU cleanup using non-bh-safe locks - ata: ahci: Add shutdown to freeze hardware resources of ahci - xen: Enable interrupts when calling _cond_resched() - [s390x] mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.108 - [arm64,armhf] irqchip/gic-v3-its: Fix misuse of GENMASK macro - iwlwifi: pcie: fix rb_allocator workqueue allocation - ipmi:ssif: Handle a possible NULL pointer reference - [arm64] drm/msm: Set dma maximum segment size for mdss - dax: pass NOWAIT flag to iomap_apply - mac80211: consider more elements in parsing CRC - cfg80211: check wiphy driver existence for drvinfo report - [s390x] zcrypt: fix card and queue total counter wrap - qmi_wwan: re-add DW5821e pre-production variant - qmi_wwan: unconditionally reject 2 ep interfaces - [arm64] soc/tegra: fuse: Fix build with Tegra194 configuration - net: ena: fix potential crash when rxfh key is NULL - net: ena: fix uses of round_jiffies() - net: ena: add missing ethtool TX timestamping indication - net: ena: fix incorrect default RSS key - net: ena: rss: fix failure to get indirection table - net: ena: rss: store hash function as values and not bits - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table - net: ena: ethtool: use correct value for crc32 hash - net: ena: ena-com.c: prevent NULL pointer dereference - cifs: Fix mode output in debugging statements - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE - sysrq: Restore original console_loglevel when sysrq disabled - sysrq: Remove duplicated sysrq message - net: fib_rules: Correctly set table field when table number exceeds 8 bits - net: sched: correct flower port blocking - sctp: move the format error check out of __sctp_sf_do_9_1_abort - ipv6: Fix route replacement with dev-only route - ipv6: Fix nlmsg_flags when splitting a multipath route - qede: Fix race between rdma destroy workqueue and link change event - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() - audit: fix error handling in audit_data_to_entry() - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro - [arm64,x86] ACPI: watchdog: Fix gas->access_width usage - [x86] KVM: VMX: check descriptor table exits on instruction emulation - HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock - HID: core: fix off-by-one memset in hid_report_raw_event() - HID: core: increase HID report buffer size to 8KiB - tracing: Disable trace_printk() on post poned tests - Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" - amdgpu/gmc_v9: save/restore sdpif regs during S3 - vhost: Check docket sk_family instead of call getname (CVE-2020-10942) - HID: alps: Fix an error handling path in 'alps_input_configured()' - HID: hiddev: Fix race in in hiddev_disconnect() - [x86] hv_netvsc: Fix unwanted wakeup in netvsc_attach() - [s390x] qeth: vnicc Fix EOPNOTSUPP precedence - net: netlink: cap max groups which will be considered in netlink_bind() - [amd64] net: atlantic: fix use after free kasan warn - [amd64] net: atlantic: fix potential error handling - net/smc: no peer ID in CLC decline for SMCD - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE - namei: only return -ECHILD from follow_dotdot_rcu() - mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() - [x86] KVM: SVM: Override default MMIO mask if memory encryption is enabled - KVM: Check for a bad hva before dropping into the ghc slow path - sched/fair: Optimize update_blocked_averages() - sched/fair: Fix O(nr_cgroups) in the load balancing path - perf stat: Use perf_evsel__is_clocki() for clock events - perf stat: Fix shadow stats for clock events - [arm64] drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' - kprobes: Set unoptimized flag after unoptimizing code - [armhf] pwm: omap-dmtimer: put_device() after of_find_device_by_node() - perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc - [x86] KVM: Remove spurious kvm_mmu_unload() from vcpu destruction path - [x86] KVM: Remove spurious clearing of async #PF MSR - netfilter: nft_tunnel: no need to call htons() when dumping ports - mm/huge_memory.c: use head to check huge zero page - mm, thp: fix defrag setting if newline is not used - audit: always check the netlink payload length in audit_receive_msg() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.109 - [x86] EDAC/amd64: Set grain per DIMM - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 - [armhf] net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec - kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic - [x86] ALSA: hda: do not override bus codec_mask in link_get() - usb: gadget: composite: Support more than 500mA MaxPower - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags - usb: gadget: serial: fix Tx stall after buffer overflow - [arm64] drm/msm/mdp5: rate limit pp done timeout warnings - [arm64] drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI - scsi: megaraid_sas: silence a warning - [arm64] drm/msm/dsi: save pll state before dsi host is powered off - [arm64] drm/msm/dsi/pll: call vco set rate explicitly - [armhf] net: dsa: b53: Ensure the default VID is untagged - [s390x] cio: cio_ignore_proc_seq_next should increase position index - [s390x] qdio: fill SL with absolute addresses - ice: Don't tell the OS that link is going down - [arm64] net: thunderx: workaround BGX TX Underflow issue - ALSA: hda/realtek - Add Headset Mic supported - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master - cifs: don't leak -EAGAIN for stat() during reconnect - usb: storage: Add quirk for Samsung Fit flash - usb: quirks: add NO_LPM quirk for Logitech Screen Share - [arm64,armhf] usb: dwc3: gadget: Update chain bit correctly when using sg list - usb: core: hub: fix unhandled return by employing a void function - usb: core: hub: do error out if usb_autopm_get_interface() fails - usb: core: port: do error out if usb_autopm_get_interface() fails - vgacon: Fix a UAF in vgacon_invert_region (CVE-2020-8647, CVE-2020-8649) - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa - mm: fix possible PMD dirty bit lost in set_pmd_migration_entry() - fat: fix uninit-memory access for partial initialized inode - [arm64] tty:serial:mvebu-uart:fix a wrong return - serial: 8250_exar: add support for ACCES cards - vt: selection, close sel_buffer race (CVE-2020-8648) - vt: selection, push console lock down - vt: selection, push sel_lock up - [arm64,armhf] media: v4l2-mem2mem.c: fix broken links - [x86] pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes - [arm64,armhf] dmaengine: tegra-apb: Fix use-after-free - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list - dm cache: fix a crash due to incorrect work item cancelling - dm: report suspended device during destroy - dm writecache: verify watermark during resume - [x86] ASoC: topology: Fix memleak in soc_tplg_link_elems_load() - [x86] ASoC: topology: Fix memleak in soc_tplg_manifest_load() - [x86] ASoC: intel: skl: Fix pin debug prints - [x86] ASoC: intel: skl: Fix possible buffer overflow in debug outputs - [armhf] dmaengine: imx-sdma: remove dma_slave_config direction usage and leave sdma_event_enable() - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output - ASoC: dapm: Correct DAPM handling of active widgets during shutdown - [armhf] drm/sun4i: Fix DE2 VI layer format support - [armhf] drm/sun4i: de2/de3: Remove unsupported VI layer formats - RDMA/iwcm: Fix iwcm work deallocation - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() - [amd64] IB/hfi1, qib: Ensure RCU is locked when accessing list - [armhf] ARM: imx: build v7_cpu_resume() unconditionally - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() - [powerpc*] fix hardware PMU exception bug on PowerVM compatibility mode systems - [amd64] efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper - [amd64] efi/x86: Handle by-ref arguments covering multiple pages in mixed mode - dm integrity: fix a deadlock due to offloading to an incorrect workqueue - scsi: pm80xx: Fixed kernel panic during error recovery for SATA drive https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.110 - [x86] KVM: SVM: fix up incorrect backport https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.111 - phy: Revert toggling reset changes. - net: phy: Avoid multiple suspends - cgroup, netclassid: periodically release file_lock on classid updating - gre: fix uninit-value in __iptunnel_pull_header - inet_diag: return classid for all socket types - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface - ipvlan: add cond_resched_rcu() while processing muticast backlog - ipvlan: do not add hardware address of master to its unicast filter list - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() - ipvlan: don't deref eth hdr before checking it's set - net/ipv6: use configured metric when add peer route - netlink: Use netlink header as base to calculate bad attribute offset - net: macsec: update SCI upon MAC address change. - net: nfc: fix bounds checking bugs on "pipe" - net/packet: tpacket_rcv: do not increment ring index on drop - [arm64,armhf] net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used - r8152: check disconnect status after long sleep - sfc: detach from cb_page in efx_copy_channel() - bnxt_en: reinitialize IRQs when MTU is modified - cgroup: memcg: net: do not associate sock with unrelated cgroup - net: memcg: late association of sock to memcg - net: memcg: fix lockdep splat in inet_csk_accept() - devlink: validate length of param values - nl802154: add missing attribute validation - nl802154: add missing attribute validation for dev_type - can: add missing attribute validation for termination - macsec: add missing attribute validation for port - net: fq: add missing attribute validation for orphan mask - team: add missing attribute validation for port ifindex - team: add missing attribute validation for array index - nfc: add missing attribute validation for SE API - nfc: add missing attribute validation for deactivate target - nfc: add missing attribute validation for vendor subcommand - net: phy: fix MDIO bus PM PHY resuming - net/ipv6: need update peer route when modify metric - net/ipv6: remove the old peer route if change it to a new one - tipc: add missing attribute validation for MTU property - devlink: validate length of region addr/len - bonding/alb: make sure arp header is pulled before accessing it - slip: make slhc_compress() more robust against malicious packets - [armhf] net: fec: validate the new settings in fec_enet_set_coalesce() - macvlan: add cond_resched() during multicast processing - cgroup: cgroup_procs_next should increase position index - cgroup: Iterate tasks that did not finish do_exit() - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices - virtio-blk: fix hw_queue stopped on arbitrary error - [amd64] iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint - netfilter: nf_conntrack: ct_cpu_seq_next should increase position index - netfilter: synproxy: synproxy_cpu_seq_next should increase position index - netfilter: xt_recent: recent_seq_next should increase position index - netfilter: x_tables: xt_mttg_seq_next should increase position index - workqueue: don't use wq_select_unbound_cpu() for bound works - drm/amd/display: remove duplicated assignment to grph_obj_type - cifs_atomic_open(): fix double-put on late allocation failure - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache - [x86] KVM: clear stale x86_emulate_ctxt->intercept value - efi: Fix a race and a buffer overflow while reading efivars via sysfs - efi: Make efi_rts_work accessible to efi page fault handler - mt76: fix array overflow on receiving too many fragments for a packet - [x86] mce: Fix logic and comments around MSR_PPIN_CTL - [arm64] iommu/dma: Fix MSI reservation allocation - [amd64] iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint - [amd64] iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page - batman-adv: Don't schedule OGM for disabled interface - [arm64] pinctrl: meson-gxl: fix GPIOX sdio pins - pinctrl: core: Remove extra kref_get which blocks hogs being freed - [arm64,armhf] i2c: gpio: suppress error on probe defer - nl80211: add missing attribute validation for critical protocol indication - nl80211: add missing attribute validation for beacon report scanning - nl80211: add missing attribute validation for channel switch - perf bench futex-wake: Restore thread count default to online CPU count - netfilter: cthelper: add missing attribute validation for cthelper - netfilter: nft_payload: add missing attribute validation for payload csum flags - netfilter: nft_tunnel: add missing attribute validation for tunnels - [amd64] iommu/vt-d: Fix the wrong printing in RHSA parsing - [amd64] iommu/vt-d: Ignore devices with out-of-spec domain number - [arm64,x86] i2c: acpi: put device when verifying client fails - ipv6: restrict IPV6_ADDRFORM operation - net/smc: check for valid ib_client_data - net/smc: cancel event worker during device removal - efi: Add a sanity check to efivar_store_raw() - batman-adv: Avoid free/alloc race when handling OGM2 buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 - [x86] perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag - [armhf] mmc: sdhci-omap: Add platform specific reset callback - [armhf] mmc: sdhci-omap: Workaround errata regarding SDR104/HS200 tuning failures (i929) - ACPI: watchdog: Allow disabling WDAT at boot - HID: apple: Add support for recent firmware on Magic Keyboards - [x86] HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override - cfg80211: check reg_rule for NULL in handle_channel_custom() - scsi: libfc: free response frame from GPN_ID - net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch - mac80211: rx: avoid RCU list traversal under mutex - signal: avoid double atomic counter increments for user accounting - slip: not call free_netdev before rtnl_unlock in slip_open - [x86,arm64] hinic: fix a irq affinity bug - [x86,arm64] hinic: fix a bug of setting hw_ioctxt - sfc: fix timestamp reconstruction at 16-bit rollover points - jbd2: fix data races at struct journal_head - [armhf] mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning - [armhf] mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C - driver core: Remove the link if there is no driver with AUTO flag - driver core: Fix adding device links to probing suppliers - driver core: Make driver core own stateful device links - driver core: Add device link flag DL_FLAG_AUTOPROBE_CONSUMER - driver core: Remove device link creation limitation - driver core: Fix creation of device links with PM-runtime flags - mm: slub: add missing TID bump in kmem_cache_alloc_bulk() - efi: Fix debugobjects warning on 'efi_rts_work' https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.113 - [arm64] spi: qup: call spi_qup_pm_resume_runtime before suspending - [amd64] spi: pxa2xx: Add CS control clock quirk - [armhf] drm/exynos: dsi: fix workaround for the legacy clock name - [arm64] drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer - dm bio record: save/restore bi_end_io and bi_integrity - dm integrity: use dm_bio_record and dm_bio_restore - xenbus: req->body should be updated before req->state - xenbus: req->err should be updated before req->state - block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() - USB: Disable LPM on WD19's Realtek Hub - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters - USB: serial: option: add ME910G1 ECM composition 0x110b - [arm64,armhf] usb: host: xhci-plat: add a shutdown - USB: serial: pl2303: add device-id for HP LD381 - [x86] usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c - ALSA: line6: Fix endless MIDI read loop - ALSA: seq: virmidi: Fix running status after receiving sysex - ALSA: seq: oss: Fix running status after receiving sysex - ALSA: pcm: oss: Avoid plugin buffer overflow - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks - [armhf] iio: st_sensors: remap SMO8840 to LIS2DH12 - mmc: rtsx_pci: Fix support for speed-modes that relies on tuning - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 - staging/speakup: fix get_word non-space look-ahead - [x86] intel_th: Fix user-visible error codes - [x86] intel_th: pci: Add Elkhart Lake CPU support - xhci: Do not open code __print_symbolic() in xhci trace events - btrfs: fix log context list corruption after rename whiteout error - drm/amd/amdgpu: Fix GPR read from debugfs (v2) - drm/lease: fix WARNING in idr_destroy - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event - mm: slub: be more careful about the double cmpxchg of freelist - mm, slub: prevent kmalloc_node crashes and memory leaks - page-flags: fix a crash at SetPageError(THP_SWAP) - [x86] mm: split vmalloc_sync_all() (Closes: #953017) - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL - USB: cdc-acm: fix rounding error in TIOCSSERIAL - futex: Fix inode life-time issue - futex: Unbreak futex hashing - Revert "vrf: mark skb for multicast or link-local as enslaved to VRF" - Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF" - ALSA: hda/realtek: Fix pop noise on ALC225 - [arm64] smp: fix smp_send_stop() behaviour - [arm64] smp: fix crash_smp_send_stop() behaviour - [arm64,armhf] drm/bridge: dw-hdmi: fix AVI frame colorimetry https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.114 - mmc: core: Allow host controllers to require R1B for CMD6 - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for erase/trim/discard - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for eMMC sleep command - [armhf] mmc: sdhci-omap: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - [arm64,armhf] mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY - geneve: move debug check after netdev unregister - macsec: restrict to ethernet devices - net: cbs: Fix software cbs to consider packet sending time - [armhf] net: dsa: Fix duplicate frames flooded by learning - [arm64,armhf] net: mvneta: Fix the case where the last poll did not process all rx - net/packet: tpacket_rcv: avoid a producer race condition - net: qmi_wwan: add support for ASKEY WWHC050 - net_sched: cls_route: remove the right filter from hashtable - net_sched: keep alloc_hash updated after hash allocation - [arm64,armhf] net: stmmac: dwmac-rk: fix error path in rk_gmac_probe - slcan: not call free_netdev before rtnl_unlock in slcan_open - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() - bnxt_en: Reset rings if ring reservation fails during open() - net: ip_gre: Separate ERSPAN newlink / changelink callbacks - net: ip_gre: Accept IFLA_INFO_DATA-less configuration - r8169: re-enable MSI on RTL8168c - tcp: repair: fix TCP_QUEUE_SEQ implementation - vxlan: check return value of gro_cells_init() - cgroup-v1: cgroup_pidlist_next should update position index - nfs: add minor version to nfs_server_key for fscache - drivers/of/of_mdio.c:fix of_mdiobus_register() - cgroup1: don't call release_agent when it is "" - [s390x] qeth: handle error when backing RX buffer - scsi: ipr: Fix softlockup when rescanning devices in petitboot - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled - [x86] ftrace: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare() - [x86] Input: synaptics - enable RMI on HP Envy 13-ad105ng - Input: avoid BIT() macro usage in the serio.h UAPI header - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL - perf probe: Do not depend on dwfl_module_addrsym() - scsi: sd: Fix optimal I/O size for devices that change reported values - nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type - mac80211: mark station unauthorized before key removal - [x86] gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model - genirq: Fix reference leaks on irq affinity notifiers - xfrm: handle NETDEV_UNREGISTER for xfrm device - vti[6]: fix packet tx through bpf_redirect() in XinY cases - RDMA/mlx5: Block delay drop to unprivileged users - xfrm: fix uctx len check in verify_sec_ctx_len - xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire - xfrm: policy: Fix doulbe free in xfrm_policy_timer - afs: Fix some tracing details - netfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6} - netfilter: nft_fwd_netdev: validate family and chain type - bpf/btf: Fix BTF verification of enum members in struct/union - vti6: Fix memory leak of skb if input policy check fails - mac80211: add option for setting control flags - mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX - USB: serial: option: add support for ASKEY WWHC050 - USB: serial: option: add BroadMobi BM806U - USB: serial: option: add Wistron Neweb D19Q1 - USB: cdc-acm: restore capability check order - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback - [arm64,armhf] usb: musb: fix crash with highmen PIO and usbmon - media: flexcop-usb: fix endpoint sanity check - media: usbtv: fix control-message timeouts - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table - [x86] ahci: Add Intel Comet Lake H RAID PCI ID - libfs: fix infoleak in simple_attr_read() - media: ov519: add missing endpoint sanity checks (CVE-2020-11608) - media: dib0700: fix rc endpoint lookup - media: stv06xx: add missing descriptor sanity checks (CVE-2020-11609) - media: xirlink_cit: add missing descriptor sanity checks (CVE-2020-11668) - mac80211: Check port authorization in the ieee80211_tx_dequeue() case - mac80211: fix authentication with iwlwifi/mvm - vt: selection, introduce vc_is_sel - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines - vt: switch vt_dont_switch to bool - vt: vt_ioctl: remove unnecessary console allocation checks - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console - vt: vt_ioctl: fix use-after-free in vt_in_use() - [x86] platform: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table - bpf: Explicitly memset the bpf_attr structure - bpf: Explicitly memset some bpf info structures declared on the stack - [x86] gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model - perf map: Fix off by one in strncpy() size argument - [armel] bcm2835-rpi-zero-w: Add missing pinctrl name - [armhf] dts: N900: fix onenand timings https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.115 - ipv4: fix a RCU-list lock in fib_triestat_seq_show - net, ip_tunnel: fix interface lookup with no key - sctp: fix refcount bug in sctp_wfree - sctp: fix possibly using a bad saddr with a given dst - nvme-rdma: Avoid double freeing of async event data - drm/bochs: downgrade pci_request_region failure from error to warning - drm/amdgpu: fix typo for vcn1 idle check - [x86] tools/power turbostat: Fix gcc build warnings - [x86] tools/power turbostat: Fix missing SYS_LPI counter on some Chromebooks - [armhf] drm/etnaviv: replace MMU flush marker with flush sequence - media: rc: IR signal for Panasonic air conditioner too long - misc: rtsx: set correct pcr_ops for rts522A - [x86] mei: me: add cedar fork device ids - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard - rxrpc: Fix sendmsg(MSG_WAITALL) handling - net: Fix Tx hash bound checking - padata: always acquire cpu_hotplug_lock before pinst->lock - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) - ipv6: don't auto-add link-local address to lag ports - [armhf] net: dsa: bcm_sf2: Do not register slave MDIO bus with OF - [armhf] net: dsa: bcm_sf2: Ensure correct sub-node is parsed - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers - [arm64,armhf] net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting - slcan: Don't transmit uninitialized stack data in padding (CVE-2020-11494) - random: always use batched entropy for get_random_u{32,64} - [arm64,armhf] usb: dwc3: gadget: Wrap around when skip TRBs - [armhf] hwrng: imx-rngc - fix an error path - [amd64] IB/hfi1: Call kobject_put() when kobject_init_and_add() fails - [amd64] IB/hfi1: Fix memory leaks in sysfs registration and unregistration - ceph: remove the extra slashes in the server path - ceph: canonicalize server path in place - RDMA/ucma: Put a lock around every call to the rdma_cm layer - RDMA/cma: Teach lockdep about the order of rtnl and lock - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow - fbcon: fix null-ptr-deref in fbcon_switch - [arm64] clk: qcom: rcg: Return failure for RCG update - [arm64] drm/msm: stop abusing dma_map/unmap for cache - [arm64] Fix size of __early_cpu_boot_status - [arm64] rpmsg: glink: Remove chunk size word align warning - [arm64,armhf] usb: dwc3: don't set gadget->is_otg flag - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() - [arm64] drm/msm: Use the correct dma_sync calls in msm_gem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.116 - [armhf] dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage - [arm64,armhf] bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads - [x86,arm64] hinic: fix a bug of waitting for IO stopped - [x86,arm64] hinic: fix wrong para of wait_for_completion_timeout - cxgb4/ptp: pass the sign of offset delta in FW CMD - qlcnic: Fix bad kzalloc null test - [armhf] cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL - [arm64] media: venus: hfi_parser: Ignore HEVC encoding for V1 - null_blk: Fix the null_add_dev() error path - null_blk: Handle null_add_dev() failures properly - null_blk: fix spurious IO errors after failed past-wp access - xhci: bail out early if driver can't accress host in resume - [x86] Don't let pgprot_modify() change the page encryption bit - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices - sched: Avoid scale real weight down to zero - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() - [amd64,x86] pstore/platform: fix potential mem leak if pstore_init_fs failed - gfs2: Don't demote a glock until its revokes are written - [i386] efi/x86: Ignore the memory attributes table on i386 - genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() - block: Fix use-after-free issue accessing struct io_cq - [arm64,armhf] usb: dwc3: core: add support for disabling SS instances in park mode - [arm64,armhf] irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency - md: check arrays is suspended in mddev_detach before call quiesce operations - firmware: fix a double abort case with fw_load_sysfs_fallback - block, bfq: fix use-after-free in bfq_idle_slice_timer_body - btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued - btrfs: remove a BUG_ON() from merge_reloc_roots() - btrfs: track reloc roots based on their commit root bytenr - IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads - uapi: rename ext2_swab() to swab() and share globally in swab.h - slub: improve bit diffusion for freelist ptr obfuscation - ASoC: fix regwmask - ASoC: dapm: connect virtual mux with default value - ASoC: dpcm: allow start or stop during pause for backend - [x86] ASoC: topology: use name_prefix for new kcontrol - usb: gadget: f_fs: Fix use after free issue as part of queue failure - usb: gadget: composite: Inform controller driver of self-powered - ALSA: hda: Add driver blacklist - ALSA: hda: Fix potential access overflow in beep helper - ALSA: ice1724: Fix invalid access for enumerated ctl items - ALSA: pcm: oss: Fix regression by buffer overflow fix - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256 - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 - [x86] ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups - [x86] ALSA: hda/realtek - Add quirk for MSI GL63 - [x86] acpi: ignore unspecified bit positions in the ACPI global lock field - nvme-fc: Revert "add module to ops template to allow module references" - nvme: Treat discovery subsystems as unique subsystems - PCI: pciehp: Fix indefinite wait on sysfs requests - PCI/ASPM: Clear the correct bits when enabling L1 substates - PCI: Add boot interrupt quirk mechanism for Xeon chipsets - tpm: Don't make log failures fatal - tpm: tpm1_bios_measurements_next should increase position index - tpm: tpm2_bios_measurements_next should increase position index - KEYS: reaching the keys quotas correctly - [amd64,x86] pstore: pstore_ftrace_seq_next should increase position index - [mips*el] tlbex: Fix LDDIR usage in setup_pw() for Loongson-3 - [mips*/octeon] irq: Fix potential NULL pointer dereference - ath9k: Handle txpower changes even when TPC is disabled - signal: Extend exec_id to 64bits - [i386] x86/entry/32: Add missing ASM_CLAC to general_protection entry - [x86] KVM: nVMX: Properly handle userspace interrupt window request - [s390x] KVM: vsie: Fix region 1 ASCE sanity shadow address checks - [s390x] KVM: vsie: Fix delivery of addressing exceptions - [x86] KVM: Allocate new rmap and large page tracking when moving memslot - [x86] KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support - [x86] KVM: Gracefully handle __vmalloc() failure during VM allocation - [x86] KVM: VMX: fix crash cleanup when KVM wasn't used - CIFS: Fix bug which the return value by asynchronous read is error - Btrfs: fix crash during unmount due to race with delayed inode workers - btrfs: set update the uuid generation as soon as possible - btrfs: drop block from cache on error in relocation - btrfs: fix missing file extent item for hole after ranged fsync - btrfs: fix missing semaphore unlock in btrfs_sync_file - [powerpc*] pseries: Drop pointless static qualifier in vpa_debugfs_init() - [x86] speculation: Remove redundant arch_smt_update() invocation - mm: Use fixed constant in page_frag_alloc instead of size + 1 - dm writecache: add cond_resched to avoid CPU hangs - [s390x] scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point - [arm64] armv8_deprecated: Fix undef_hook mask for thumb setend - [armhf] drm/etnaviv: rework perfmon query infrastructure - [powerpc*] pseries: Avoid NULL pointer dereference when drmem is unavailable - NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() - ext4: fix a data race at inode->i_blocks - fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() - ocfs2: no need try to truncate file beyond i_size - [s390x] diag: fix display of diagnose call statistics - [x86] Input: i8042 - add Acer Aspire 5738z to nomux list - kmod: make request_module() return an error when autoloading is disabled - [powerpc*] cpufreq: powernv: Fix use-after-free - hfsplus: fix crash and filesystem corruption when deleting files - libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set - ipmi: fix hung processes in __get_guid() - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() - [powerpc*] powernv/idle: Restore AMR/UAMOR/AMOR after idle (CVE-2020-11669) - [powerpc*] 64/tm: Don't let userspace set regs->trap via sigreturn - [powerpc*] hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries - [powerpc*] xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs - [powerpc*] kprobes: Ignore traps that happened in real mode - scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug - [powerpc*] Add attributes for setjmp/longjmp - [powerpc*] Make setjmp/longjmp signature standard - btrfs: use nofs allocations for running delayed items - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() - drm/dp_mst: Fix clearing payload state on topology disable - drm: Remove PageReserved manipulation from drm_pci_alloc - ftrace/kprobe: Show the maxactive number on kprobe_events - [armhf] etnaviv: perfmon: fix total and idle HI cyleces readout - [amd64] efi/x86: Fix the deletion of variables in mixed mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.117 - [amd64,arm64] amd-xgbe: Use __napi_schedule() in BH context - net: ipv6: do not consider routes via gateways for anycast address check - net: revert default NAPI poll timeout to 2 jiffies - [arm64,armhf] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes - ovl: fix value of i_ino for lower hardlink corner case - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic - jbd2: improve comments about freeing data buffers whose page mapping is NULL - ext4: fix incorrect group count in ext4_fill_super error message - ext4: fix incorrect inodes per group in error message - [x86] ASoC: Intel: mrfld: fix incorrect check on p->sink - [x86] ASoC: Intel: mrfld: return error codes when an error occurs - ALSA: usb-audio: Filter error from connector kctl ops, too - ALSA: usb-audio: Don't override ignore_ctl_error value from the map - ALSA: usb-audio: Don't create jack controls for PCM terminals - ALSA: usb-audio: Check mapping at creating connector controls, too - keys: Fix proc_keys_next to increase position index - tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation - btrfs: check commit root generation in should_ignore_root - mac80211_hwsim: Use kstrndup() in place of kasprintf() - [arm64,armhf] usb: dwc3: gadget: don't enable interrupt when disabling endpoint - [arm64,armhf] usb: dwc3: gadget: Don't clear flags before transfer ended - ext4: do not zeroout extents beyond i_disksize - [x86] kvm: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD - scsi: target: fix hang when multiple threads try to destroy the same iscsi session - [x86] microcode/AMD: Increase microcode PATCH_MAX_SIZE - wil6210: check rx_buff_mgmt before accessing it - wil6210: ignore HALP ICR if already handled - wil6210: add general initialization/size checks - wil6210: make sure Rx ring sizes are correlated - wil6210: remove reset file from debugfs - mm/vmalloc.c: move 'area->pages' after if statement https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.118 - [armel,armhf] bpf: Fix offset overflow for BPF_MEM BPF_DW - scsi: sg: add sg_remove_request in sg_common_write - ext4: use non-movable memory for superblock readahead - [arm64,armhf] watchdog: sp805: fix restart handler - [armel,armhf] arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 - netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type - [arm64] irqchip/mbigen: Free msi_desc on device teardown - ALSA: hda: Don't release card at firmware loading error - of: overlay: kmemleak in dup_and_fixup_symbol_prop() - [x86] Hyper-V: Report crash register data or kmsg before running crash kernel - rbd: avoid a deadlock on header_rwsem when flushing notifies - rbd: call rbd_dev_unprobe() after unwatching and flushing notifies - xsk: Add missing check on user supplied headroom size - [x86] Hyper-V: Unload vmbus channel in hv panic callback - [x86] Hyper-V: Free hv_panic_page when fail to register kmsg dump - [x86] Hyper-V: Trigger crash enlightenment only once during system crash. - [x86] Hyper-V: Report crash register data when sysctl_record_panic_msg is not set - [x86] Hyper-V: Report crash data in die() when panic_on_oops is set - power: supply: bq27xxx_battery: Silence deferred-probe error - [arm64,armhf] clk: tegra: Fix Tegra PMC clock out parents - [armhf] soc: imx: gpc: fix power up sequencing - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid() - NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails - [s390x] cpuinfo: fix wrong output when CPU0 is offline - [s390x] cpum_sf: Fix wrong page count in error message - ext4: do not commit super on read-only bdev - cifs: Allocate encryption header through kmalloc - include/linux/swapops.h: correct guards for non_swap_entry() - percpu_counter: fix a data race at vm_committed_as - [s390x] KVM: vsie: Fix possible race when shadowing region 3 tables - [x86] ACPI: fix CPU hotplug deadlock - [amd64] drm/amdkfd: kfree the wrong pointer - NFS: Fix memory leaks in nfs_pageio_stop_mirroring() - f2fs: fix NULL pointer dereference in f2fs_write_begin() - [arm*] drm/vc4: Fix HDMI mode validation - [amd64] iommu/vt-d: Fix mm reference leak - power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks. - libnvdimm: Out of bounds read in __nd_ioctl() - f2fs: fix to wait all node page writeback - [armhf] net: dsa: bcm_sf2: Fix overflow checks - fbdev: potential information leak in do_fb_ioctl() - mtd: lpddr: Fix a double free in probe() - mtd: phram: fix a double free issue in error path - KEYS: Don't write out to userspace while holding key semaphore - bpf: fix buggy r0 retval refinement for tracing helpers . [ Salvatore Bonaccorso ] * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" for context changes in 4.19.99 * Refresh "ARM: dts: bcm283x: Correct vchiq compatible string" for context changes in 4.19.99 * Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()" * Refresh "net: ena: add MAX_QUEUES_EXT get feature admin command" for context changes in 4.19.108 * [rt] Update to 4.19.115-rt48: - Revert "genirq: Do not invoke the affinity callback via a workqueue on RT" * [rt] Refresh "pci/switchtec: Don't use completion's wait queue" for context changes in 4.19.116 * Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118 * f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067) * net: ipv6: add net argument to ip6_dst_lookup_flow * net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749) * blktrace: Protect q->blk_trace with RCU (CVE-2019-19768) * blktrace: fix dereference after null check . [ Ben Hutchings ] * [x86] Drop "Add a SysRq option to lift kernel lockdown" (Closes: #947021) - This patch allowed remotely disabling lockdown using usbip - Lockdown can be disabled by running "mokutil --disable-validation", rebooting, and confirming the change when prompted * debian/README.source: Refer to upload checklist in kernel-team.git * Bump ABI to 9 . [ YunQiang Su ] * [mips*] enable CONFIG_MIPS_O32_FP64_SUPPORT. * [mips*] enable CONFIG_CPU_HAS_MSA except octeon. . [ Steve McIntyre ] * [arm64] Include the Hisilicon Hibmc drm driver in fb-modules (Closes: #951274) . [ Noah Meyerhans ] * [cloud] Enable CONFIG_KSM (Closes: #955366) linux-signed-i386 (4.19.98+1+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.98-1+deb10u1 . * [x86] KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732) * do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428) * vfs: fix do_last() regression * vhost: Check docket sk_family instead of call getname (CVE-2020-10942) * mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565) * [s390x] mm: fix page table upgrade vs 2ndary address mode accesses (CVE-2020-11884) lwip (2.0.3-3+deb10u1) buster; urgency=high . * Fix CVE-2020-8597 lxc-templates (3.0.4-0+deb10u1) buster; urgency=medium . * New upstream release 3.0.4 * d/lxc-templates.lintian-overrides: Disable warning for access to dpkg DB * d/p/0001: [lxc-debian] Handle languages that are only UTF-8 encoded (Closes: #950840) mailman (1:2.1.29-1+deb10u1) buster-security; urgency=high . * Upload to buster for security issue. * Fix stored cross site scripting in attachment extensions. manila (1:7.0.0-1+deb10u1) buster; urgency=medium . * CVE-2020-9543: Manila allows other project users to view, update, delete, or share resources that do not belong to them. Applied upstream patch: share_networks: enable project_only API only (Closes: #953581). mediawiki (1:1.31.7-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.7, fixing CVE-2020-10960. CVE-2020-10960 does not affect this version of MediaWiki. * A hardening fix was included for the OATHAuth extension to limit access of user-controlled JavaScript. mediawiki (1:1.31.6-1) unstable; urgency=medium . * New upstream version 1.31.6, fixing CVE-2019-19709. * Drop Postgres patches merged upstream * Suppress a bunch of lintian warnings that are ignored on purpose * Sync d/upstream/signing-key.asc with upstream * autopkgtests: set allow-stderr for all tests that use sudo. Thanks to Mathieu Trudel-Lapierre for reporting and fixing in Ubuntu. (Closes: #946665) megatools (1.10.2-1+deb10u1) buster; urgency=medium . * debian/patches/support-new-links.patch: - Add support for the new format of mega.nz links. mew (1:6.8-4+deb10u1) buster; urgency=medium . * New patch 070_checkhost.patch to enable checkHost for stunnel (closes: #950411) mew-beta (7.0.50~6.8+0.20190228-1+deb10u1) buster; urgency=medium . * New patch 070_checkhost.patch to enable checkHost for stunnel (closes: #950412) ncbi-blast+ (2.8.1-1+deb10u1) buster; urgency=medium . * debian/rules: DEB_CONFIGURE_EXTRA_FLAGS += --without-sse42. (Closes: #951280.) network-manager-ssh (1.2.10-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Privilege escalation because extra options are mishandled (CVE-2020-9355) node-anymatch (2.0.0-1+deb10u1) buster; urgency=medium . * Team upload * Minimize required dependencies (Closes: #950850) node-dot (1.1.1-1+deb10u1) buster; urgency=medium . * Team upload * Add CVE-2020-8141 test * Prevent code execution after prototype pollution (Closes: CVE-2020-8141) node-dot-prop (4.1.1-1+deb10u1) buster; urgency=medium . * Team upload * Add fix for prototype pollution (Closes: CVE-2020-8116) node-knockout (3.4.2-2+deb10u1) buster; urgency=medium . * Team upload * Fix bad escaping for old MSIE (Closes: #943560, CVE-2019-14862) node-mongodb (3.1.13+~3.1.11-2+deb10u1) buster; urgency=medium . * Throw if invalid _bsontype is detected (Closes: CVE-2019-2391, CVE-2020-7610) node-yargs-parser (11.1.1-1+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution and add test (Closes: CVE-2020-7608) nodejs (10.19.0~dfsg1-1) buster-security; urgency=medium . * New upstream version 10.19.0~dfsg1 * Delete applied ssl 1.1.1 compatibility patches * Revert upstream changes to stay compatible with stable libuv1: + uv_os_uname is not available + test-dgram-address uv returns EINVAL, not EBADF * Never run tests in parallel to avoid memory exhaustion * Use embedded nghttp2 as upstream rely that much on having an updated version of it. * Avoid two tests to cause a FTBFS (Closes #919588) * Patch for compatibility with libuv1 from stable * uv in stable expects EINVAL, not EBADF * Link to atomic using a patch, LDFLAGS is not enough * Exclude brotli from deps, use system-installed one + B-D brotli + use upstream patch nodejs (10.19.0~dfsg-3) unstable; urgency=medium . * Upstream fix (backward-compatible) for ssl 1.1.1e nodejs (10.19.0~dfsg-2) unstable; urgency=medium . * Install acorn, acorn-walk deps * Patch to support acorn 6 nodejs (10.19.0~dfsg-1) unstable; urgency=medium . * New upstream version 10.19.0~dfsg * Use shared libhttp-parser again * b-d acorn and acorn-walk and fix file install nodejs (10.17.0~dfsg-2) unstable; urgency=medium . * Link to atomic using a patch, LDFLAGS is not enough This is at least needed on mipsel. nodejs (10.17.0~dfsg-1) unstable; urgency=medium . * New upstream version 10.17.0~dfsg nodejs (10.16.3~dfsg-1) unstable; urgency=medium . * New upstream version 10.16.3~dfsg (Closes: #934885) * Avoid two tests to cause a FTBFS (Closes: #919588) * Delete applied ssl 1.1.1 compatibility patches * Never run tests in parallel to avoid memory exhaustion * README: match current modules search paths (Closes: #939001) * Fix make-doc patch, simplify make using NODE_PATH * B-D pkg-js-tools * Tighten dep on libuv1 version nodejs (10.15.3~dfsg-1) experimental; urgency=medium . * New upstream version 10.15.3~dfsg npm (5.8.0+ds6-4+deb10u1) buster; urgency=medium . * Add patches to fix arbitrary path access (Closes: CVE-2019-16775, CVE-2019-16776, CVE-2019-16777) nvidia-graphics-drivers (418.113-1) buster; urgency=medium . * New upstream long lived branch release 418.113 (2019-11-05). - Updated the Module.symvers sanity check, which is part of the NVIDIA kernel module build process, to accommodate the recent addition of a new field in the Module.symvers file format. This fixes the error "The Module.symvers file is missing [...]" seen during driver installation or DKMS rebuilds with Linux 5.4 RC kernels. - Fixed a bug that prevented NVIDIA GPUs from entering the low-power D3 state when entering suspend-to-idle (s2idle). Note that on some systems this may expose an existing timing issue in the Linux kernel; see the "Known Issues and Workarounds" section of the "Configuring Power Management Support" chapter of the README for more details. . [ Andreas Beckmann ] * Update nv-readme.ids. * Refresh patches. * debian/gen-control.pl: Support substitutions in the Architecture field and skip packages with empty or commented Architecture field (430.50-2). * Prepare infrastructure for packaging Tesla 418 driver releases (available for amd64 (including some i386 libs) and ppc64el) (430.50-2). * Create and commit tarball symlinks for legacy branches (430.64-1). * nvidia-detect: Add PCI ID list for 418.74 in buster (430.64-2). * nvidia-detect: Add support for Tesla 418 drivers (430.64-2). * nvidia-detect: The 340xx legacy driver will not be in bullseye (430.64-5). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. * Use substitution to keep Standards-Version in sync (430.64-5). * Insert '-' between suffix ending with digit and SOVERSION (435.21-3). * Rename "legacy" variables to more generic "variant" (440.44-2). * bug-control: Report information about more (virtual) packages (440.64-2). * Prepare infrastructure for packaging Tesla 440 driver releases (available for amd64 (including some i386 libs) and ppc64el) (440.64-2). * Bump Standards-Version to 4.5.0. No changes needed. * Update lintian overrides. * Upload to buster. nvidia-graphics-drivers (418.88-1) unstable; urgency=medium . * New upstream long lived branch release 418.88 (2019-07-29). - Added support for the following GPUs: Quadro P520, Quadro RTX 3000, Quadro RTX 3000 with Max-Q Design, Quadro RTX 4000 with Max-Q Design, Quadro RTX 5000 with Max-Q Design, Quadro T1000, Quadro T2000. - Fixed a bug, introduced in 415.13, that caused audio over DisplayPort to not work in some configurations. * Improved compatibility with recent Linux kernels. (Closes: #934344) . [ Andreas Beckmann ] * Update nv-readme.ids. nvidia-graphics-drivers-legacy-390xx (390.132-3~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.132-2) unstable; urgency=medium . * Create and commit tarball symlinks for legacy branches (430.64-1). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. * Use substitution to keep Standards-Version in sync (430.64-5). * Insert '-' between suffix ending with digit and SOVERSION (435.21-3). * Rename "legacy" variables to more generic "variant" (440.44-2). * Bump Standards-Version to 4.5.0. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.132-1) unstable; urgency=medium . * New upstream legacy branch release 390.132 (2019-11-08). - Fixed kernel module build problems with Linux kernel 5.4.0 release candidates. - Updated nvidia-bug-report.sh to collect information about X server crashes from coredumpctl, when available. * New upstream legacy branch release 340 series. - Updated the nvidia-drm kernel module for compatibility with the removal of the DRIVER_PRIME flag in recent Linux kernel versions. . [ Andreas Beckmann ] * Refresh patches. nvidia-graphics-drivers-legacy-390xx (390.129-2) unstable; urgency=medium . * Add mobile Kepler GPUs to supported EoL models. The are dropped from the mainline driver in the 430 series. https://nvidia.custhelp.com/app/answers/detail/a_id/4779 https://nvidia.custhelp.com/app/answers/detail/a_id/4788 * debian/gen-control.pl: Support substitutions in the Architecture field and skip packages with empty or commented Architecture field. * Bump Standards-Version to 4.4.1. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.129-1) unstable; urgency=medium . * New upstream legacy branch release 390.129 (2019-07-29). - Improved nvidia-bug-report.sh to grab the output of the `vulkaninfo` command when it is available. * Improved compatibility with recent Linux kernels. * New upstream legacy branch release 340 series. - Updated nvidia-bug-report.sh to search the systemd journal for gdm-x-session logs. . [ Andreas Beckmann ] * Bump Standards-Version to 4.4.0. No changes needed. nvidia-graphics-drivers-legacy-390xx (390.116-2) unstable; urgency=medium . [ Kevin Locke ] * Backport changes from 418.74 and 430.14 to support building the module for Linux 5.1 and 5.2. (Closes: #928634) nvidia-settings-legacy-340xx (340.108-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-settings-legacy-340xx (340.108-1) unstable; urgency=medium . * New upstream release 340.108. - Fixed a bug that could prevent nvidia-xconfig from disabling the X Composite extension on version 1.20 of the X.org X server. (390.116-1) * Bump Standards-Version to 4.5.0. No changes needed. oar (2.5.8-1+deb10u1) buster; urgency=medium . * Revert to stretch behavior for Storable::dclone perl function (Closes: #942467) opam (2.0.3-1+deb10u1) buster; urgency=medium . * Team upload * Prefer mccs over aspcud (Closes: #908203) openldap (2.4.47+dfsg-3+deb10u2) buster-security; urgency=high . * Fix slapd to limit depth of nested expressions in search filters (ITS#9202) openldap (2.4.47+dfsg-3+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. * Revert "Fix build with Heimdal 7.2.0" as stretch contains a lower version of heimdal. . openldap (2.4.47+dfsg-3+deb10u2) buster-security; urgency=high . * Fix slapd to limit depth of nested expressions in search filters (ITS#9202) opensmtpd (6.0.3p1-5+deb10u4) buster-security; urgency=high . * Fix LPE and RCE vulnerability (Closes: #952453) (CVE-2020-8794) An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group. OpenBSD 6.6 errata 021: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/021_smtpd_envelope.patch.sig openssl (1.1.1d-0+deb10u3) buster-security; urgency=medium . * CVE-2020-1967 (Segmentation fault in SSL_check_chain). openvswitch (2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2) buster; urgency=medium . * Fixed debian/ifupdown.sh typo: ovs_vsctl -> ovs-vsctl. * Add patch to fix ovs-vswitchd dying: - Fix_vswitchd_abort_when_a_port_is_added_and_the_controller_is_down.patch orocos-kdl (1.4.0-7+deb10u1) buster; urgency=medium . * Add patch for python3 std string conversion (Closes: #956254) owfs (3.2p3+dfsg1-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Drop python3-ow, python3-ownet: Unused, contained python2 code. (Closes: #943612) pango1.0 (1.42.4-8~deb10u1) buster; urgency=medium . * Team upload * Merge changes from 1.42.4-8 into buster - d/gbp.conf, d/control: Set packaging branch to debian/buster . pango1.0 (1.42.4-8) unstable; urgency=medium . * Team upload * d/p/Fix-crash-in-pango_fc_font_key_get_variations-when-key-is.patch: Backport crash fix from 1.44.x (Closes: #898960) * d/tests/build: Use correct compiler for proposed autopkgtest cross-architecture testing support, based on a patch for clutter-1.0 by Steve Langasek * d/tests/build: Fix shellcheck warnings * d/tests/build: Remove trailing whitespace * d/tests/build: Fail if using an undefined variable ("unofficial strict mode") * d/tests/build: Mark as superficial * d/gbp.conf, d/control: Use debian/unstable, upstream/1.42.x branches pango1.0 (1.42.4-7) unstable; urgency=medium . * Team upload * d/p/bidi-Be-safer-against-bad-input.patch: Fix heap overflow when acting on malformed UTF-8. (Closes: #933860; CVE-2019-1010238) pgcli (1.9.1-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Lennart Weller ] * pkg-resources hard dependency for minimal systems (Closes: #944455) php-horde-data (2.1.4-5+deb10u1) buster; urgency=high . * Fix CVE-2020-8518: The Horde Application Framework contained a remote code execution vulnerability. An authenticated remote attacker could use this flaw to cause execution of uploaded CSV data. (Closes: #951537) php-horde-form (2.0.18-3.1+deb10u1) buster; urgency=high . * Fix CVE-2020-8866: The Horde Application Framework contained a remote code execution vulnerability. An authenticated remote attacker could use this flaw to upload arbitrary content to an arbitrary writable location on the server and potentially execute code in the context of the web server user. (Closes: #955020) php-horde-trean (1.1.9-3+deb10u1) buster; urgency=high . * Fix CVE-2020-8865: The Horde Application Framework contained a directory traversal vulnerability resulting from insufficient input sanitization. An authenticated remote attacker could use this flaw to execute code in the context of the web server user. (Closes: #955019) pillow (5.4.1-2+deb10u1) buster-security; urgency=medium . * CVE-2019-16865 CVE-2019-19911 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313 postfix (3.4.10-0+deb10u1) buster; urgency=medium . [Wietse Venema] . * 3.4.10 - Bugfix (introduced: Postfix 2.3): panic with Postfix multi-Milter configuration during MAIL FROM. Milter client state was not properly reset after one of the Milters failed. Reported by WeiYu Wu. postfix (3.4.9-1) unstable; urgency=medium . [Scott Kitterman] . * Correct Debian's smtp (8) man page name in d/p/debian-man-name.diff for lmtp. Closes: #920356 * Fix d/init.d running change so it works with multi-instance again - Thanks to jaroslav@thinline.cz for the fix. Closes: #944922 * Bump standards-version to 4.5.0 without further change * Switch from debian/compat to debhelper-compat and bump compat to 12 - Update debian/rules to use dh_installsystemd instead of dh_systemd_enable and dh_systemd_start - Update debian/rules for new example install path . [Wietse Venema] . * 3.4.9 postfix (3.4.9-0+10debu1) buster; urgency=medium . [Scott Kitterman] . * Correct Debian's smtp (8) man page name in d/p/debian-man-name.diff for lmtp. Closes: #920356 * Fix d/init.d running change so it works with multi-instance again - Thanks to jaroslav@thinline.cz for the fix. Closes: #944922 . [Wietse Venema] . * 3.4.9 - Bugfix (introduced: Postfix 3.1): support for smtp_dns_resolver_options was broken while adding support for negative DNS response caching in postscreen. Postfix was inadvertently changed to call res_query() instead of res_search(). Reported by Jaroslav Skarvada. File: dns/dns_lookup.c. . - Bugfix (introduced: Postfix 3.0): sanitize server responses before storing them in the verify database, to avoid Postfix warnings about malformed UTF8. File: verify/verify.c. . - Bugfix (introduced: Postfix 2.5): the Milter connect event macros were evaluated before the Milter connection itself had been negotiated. Problem reported by David Bürgin. Files: milter/milter.h, milter/milter.c, milter/milter8.c postfix (3.4.8-1) unstable; urgency=medium . [Scott Kitterman] . * Stop generating obsolete Upstream substvar * Bump standards-version to 4.4.1 without further change * Use -l instead of LD_LIBRARY_PATH for dh_shlibdeps * Check GPG signature when downloading new versions via uscan . [Wietse Venema] . * 3.4.8 postgresql-11 (11.7-0+deb10u1) buster-security; urgency=medium . * New upstream version. + Add missing permissions checks for ALTER ... DEPENDS ON EXTENSION. . Marking an object as dependent on an extension did not have any privilege check whatsoever. This oversight allowed any user to mark routines, triggers, materialized views, or indexes as droppable by anyone able to drop an extension. Require that the calling user own the specified object (and hence have privilege to drop it). (CVE-2020-1720) postgresql-11 (11.6-2~sid1) unstable; urgency=medium . * Move pg_config and pgxs to postgresql-client package to be able to test extension packages using only their native dependencies. (Closes: #944457) ppp (2.4.7-2+4.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * pppd: Fix bounds check in EAP code (CVE-2020-8597) (Closes: #950618) proftpd-dfsg (1.3.6-4+deb10u5) buster; urgency=medium . * Patch for upstream Issue #656 (Closes: #951412) * Patch for upstream Bug #4385 (Closes: #949622) proftpd-dfsg (1.3.6-4+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Ensure that we do not reuse already-destroyed memory pools during data transfers (CVE-2020-9273) (Closes: #951800) * Clear the data-transfer instigating command pool but keep a memory pool. Fixes regression in the %{transfer-status} LogFormat functionality. puma (3.12.0-2+deb10u1) buster; urgency=medium . * Team upload. * d/control (Vcs-Git): Add branch. * d/patches/CVE-2019-16770.patch: Add patch. - Backport fix for CVE-2019-16770 from upstream (closes: #946312). * d/patches/series: Add patch. purple-discord (0.9.2019.02.07.git.e5d9627-1+deb10u1) buster; urgency=medium . * Backport workaround for crashes in ssl_nss_read (Closes: #955635) python-bleach (3.1.2-0+deb10u1) buster-security; urgency=high . * New upstream security release (Closes: #954236) - Addresses CVE-2020-6816 python-bleach (3.1.1-1) unstable; urgency=high . * New upstream security release (Closes: #951907) * Temporarily disable tests due to #945522 in order to get this security update published python-bleach (3.1.1-0+deb10u1) buster-security; urgency=high . * New upstream security release (Closes: #951907) - Addresses CVE-2020-6802 python-bleach (3.1.0-2) unstable; urgency=medium . [ Ondřej Nový ] * Use debhelper-compat instead of debian/compat. * Bump Standards-Version to 4.4.1. . [ Sandro Tosi ] * Drop python2 support; Closes: #937614 python-django (1:1.11.28-1~deb10u1) buster-security; urgency=high . * New upstream security release. (Closes: #950581) <https://www.djangoproject.com/weblog/2020/feb/03/security-releases/> . - CVE-2020-7471: Potential SQL injection via StringAgg(delimiter) . Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL. python-oslo.utils (3.36.5-0+deb10u1) buster; urgency=medium . * CVE-2019-3866: Sensitive information leaked in mistral logs. Upgrade to the tip of the upstream stable/rocky branch (as the upstream patch would not otherwise apply). python-pysaml2 (4.5.0-4+deb10u1) buster-security; urgency=medium . * CVE-2020-5390: does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). Applied upstream patch: Fix XML Signature Wrapping (XSW) vulnerabilities (Closes: #949322). * Remove a test file that will fail past 2020-11-28 (Closes: #949227). * Add fix-importing-mock-in-py2.7.patch. * Add remove-test_switch_1.patch. python-reportlab (3.5.13-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Address remote code execution in colors.py (CVE-2019-17626) (Closes: #942763) qbittorrent (4.1.5-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent command injection via "Run external program" function (CVE-2019-13640) (Closes: #932539) qemu (1:3.1+dfsg-8+deb10u5) buster-security; urgency=medium . * display-bochs-fix-pcie-support-CVE-2019-15034.patch Fix possible buffer overflow in BOCHS display PCI config space Closes: CVE-2019-15034 * vnc-fix-memory-leak-when-vnc-disconnect-CVE-2019-20382.patch Fix misuse of libz in VNC disconnect, leading to memory leak Closes: CVE-2019-20382 * scsi-lsi-exit-infinite-loop-while-executing-script-CVE-2019-12068.patch Fix possible infinite loop in lsi_execute_script (LSI SCSI adapter) Closes: CVE-2019-12068 * iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch Fix heap buffer overflow in iSCSI's iscsi_aio_ioctl_cb() * slirp-fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch Fix another use-after-free in ip_reass() in SLIRP code Closes: CVE-2020-1983 qemu (1:3.1+dfsg-8+deb10u4) buster-security; urgency=medium . * acknowledge the last NMU by the Security Team * io-ensure-UNIX-client-doesn-t-unlink-server-socket.patch Closes: #946210 * slirp possible use-after-free in ip_reass(), slirp-ip_reass-fix-use-after-free-CVE-CVE-2019-15890.patch Closes: #939869, CVE-2019-15890 * slirp emulation fixes, Closes: CVE-2020-7039 tcp_emu-fix-OOB-access-CVE-2020-7039.patch slirp-use-correct-size-while-emulating-commands-CVE-2020-7039.patch slirp-use-correct-size-while-emulating-IRC-commands-CVE-2020-7039.patch * fix iscsi OOB heap access via an unexpected response of iSCSI Server, scsi-cap-block-count-from-GET-LBA-STATUS-CVE-2020-1711.patch Closes: #949731, CVE-2020-1711 qtbase-opensource-src (5.11.3+dfsg1-1+deb10u3) buster-security; urgency=high . [ Dmitry Shachnev ] * Backport fixes for two vulnerabilities: - CVE-2020-0569: Do not load plugin from the CWD. - CVE-2020-0570: Qt tries to load invalid library from CWD. rails (2:5.2.2.1+dfsg-1+deb10u1) buster; urgency=high . * Team upload. * Add patch to fix possible XSS vector in JS escape helper. (Fixes: CVE-2020-5267) (Closes: #954304) rake (12.3.1-3+deb10u1) buster; urgency=high . * Team upload * Add patch to use File.open explicitly. (Fixes: CVE-2020-8130) raspi3-firmware (1.20190215-1+deb10u3) buster; urgency=medium . * Fix dtb names mismatch in z50-raspi-firmware and add new option upstream_kernel=1 to the config.txt. These two changes allow for the correct boot on RPi families 1 and 0. Thanks to Valentin Vidic for the fix! (Closes: #939727) resource-agents (1:4.2.0-2+deb10u1) buster; urgency=medium . * debian/patches: drop xen-toolstack.patch * debian/patches: add ethmonitor-no-addr.patch (Closes: #927311) * debian/patches: add zfs-bashism.patch (Closes: #933398) rootskel (1.131+10u1) buster; urgency=medium . [ Steve McIntyre ] * Backport fix from unstable: Tweak how multiple consoles are used. If we detect that we're trying to run using preseeding, do *not* run on multiple consoles in parallel as that causes race conditions and weird behaviour. Instead, just run on the "preferred" console. Hopefully Closes: #940028, #932416 ruby-i18n (1.5.3-1+deb10u1) buster; urgency=medium . * Team upload. * Pick up patch from unstable to fix .gemspec created and shipped. . [ Antonio Terceiro ] * d/patches/strip_bundler.patch: Rename to d/patches/0001-disable-bundler-on-build-time-do-not-install-stuff-a.patch. * d/patches/0002-gemspec-prepend-local-directory-to-the-LOAD_PATH.patch: Add patch to avoid picking up the version number from an installed version of the package (Closes: #927339). * d/patches/series: Adjust. . [ Daniel Leidert ] * d/control (Homepage): Fix homepage-field-uses-insecure-uri. rubygems-integration (1.11+deb10u1) buster; urgency=medium . * Replace usage of Gem::ConfigMap with RbConfig::CONFIG This avoid deprecation warnings when users install a newer version of Rubygems via `gem update --system`. schleuder (3.4.0-2+deb10u3) buster; urgency=medium . * debian/control: - (Build)-Depend on ruby-charlock-holmes to aid in encoding detection. * debian/patches: - Improve patch to handle encoding errors introduced in the previous version, 3.4.0-2+deb10u2. The former approach had shortcomings if parsing unencrypted, but signed UTF-8 mails or mail parts without a charset. The parsing failed and lead to further errors. The new approach switches to UTF-8 as the default input, and tries to convert non-UTF-8 mails. In case this fails, the invalid characters are dropped and a note is added to the mail that this happened. To aid in encoding detection, a new dependency is added, ruby-charlock-holmes. (Closes: #948982) - Add patch to let x-add-key handle mails with attached, quoted-printable encoded keys. Such mails might be produced by Thunderbird. Before, such mails were not recognized. (Closes: #956827) - Add patch to fix x-attach-listkey with mails created by Thunderbird that include protected headers. Before, the output was garbled and unusable. (Closes: #956964) scilab (6.0.1-10+deb10u1) buster; urgency=medium . * Add patch from Gilles Filippini to fix library path loading with the recent openjdk 11.0.7 upload. (Closes: #955694, #959034) serverspec-runner (1.2.2-1+deb10u1) buster; urgency=medium . * d/patches/fix-yaml-load-document-missing: Add patch. - Support Ruby 2.5 and replace YAML.load_documents (closes: #939645). * d/patches/series: Add new patch. softflowd (0.9.9-5+deb10u1) buster; urgency=medium . * Fix roken flow aggregation which might result in flow table overflow and 100% CPU usage. speech-dispatcher (0.9.0-5+deb10u1) buster; urgency=medium . * patches/pulseaudio-latency: Fix default pulseaudio latency which triggers pulseaudio scratchy output. spl-linux (0.7.12-2+deb10u1) buster; urgency=medium . * Cherry-pick upstream commit cb4464f to fix deadlock. (#932251) sssd (1.16.3-3.2) buster; urgency=medium . * Non-maintainer upload with maintainer permission. * Fix sssd_be busy-looping when LDAP connection flickers. (Closes: #946847) systemd (241-7~deb10u4) buster; urgency=medium . * polkit: when authorizing via PolicyKit re-resolve callback/userdata instead of caching it. This fixes a heap use-after-free vulnerability in systemd, when asynchronous PolicyKit queries are performed while handling DBus messages. CVE-2020-1712 (Closes: #950732) * Install 60-block.rules in udev-udeb and initramfs-tools. The block device rules were split out from 60-persistent-storage.rules into its own rules file in v220. Those rules ensure that change events are emitted and the udev db is updated after metadata changes. Thanks to Pascal Hambourg (Closes: #958397) taglib (1.11.1+dfsg.1-0.3+deb10u1) buster; urgency=medium . * debian/patches/0005: Add patch to fix corruption on handling ogg files. (Closes: #915281, upstream issue 775) * debian/control: Update maintainer and Vcs information accordingly. tbsync (2.11-1~deb10u1) buster; urgency=medium . * Built for Buster tbsync (2.10-1) unstable; urgency=medium . [ Carsten Schoenert ] * [9ad5177] d/control: correct depending versions . [ Mechtilde Stehmann ] * [8c89b10] New upstream version 2.10 * [b66345f] d/upstream/metadata: added * [306b4f5] d/copyright: add recent year * [c719716] d/control: bump standard version to 4.5 - no changes needed tbsync (2.9-1) unstable; urgency=medium . * Prepared for unstable tbsync (2.9-1~exp1) experimental; urgency=medium . * [77907ef] New upstream version 2.9 tbsync (2.8-1~exp4) experimental; urgency=medium . [ Carsten Schoenert ] * [c98efe0] install more needed files * [4ad835a] webext-tbsync.links: correct linking tbsync (2.8-1~exp3) experimental; urgency=medium . * [6f127a7] use new line number * [0c46b28] Corrected *.docs file * [454ef69] Removed old xul stuff * [9193971] Removed xpi dependencies * [aa931a5] Added *.install and *.links for manuall installation tbsync (2.8-1~exp1) experimental; urgency=medium . * [3dfedf8] New upstream version 2.8 * [fed3c3d] Added me to debian/copyright for debian files * [2f0ba40] Changed version number of dependencies * [e1486d9] Deactivate verbosity in debian/rules tbsync (2.5-1~exp2) experimental; urgency=medium . [ Mechtilde ] * [315e718] correct rules tbsync (2.5-1~exp1) experimental; urgency=medium . [ Mechtilde ] * [0e55c0b] last changes in changelog for releasein experimental * [004d898] Use debhelper-compat for choosing compat level * [3015561] Bumped to standard version 4.4.1 -no changes needed * [e5136eb] Reduce the line length in last entry * [4f252a0] New upstream version 2.5 tbsync (2.3-1) experimental; urgency=medium . [ Mechtilde ] * New upstream version 2.3 * added debian/salsa-ci.yml for testing on Salsa * New upstream version 2.3 * changed debian/control bump standard version to 4.4.0, changed thunderbird version to >=68, changed webext-tbsync version to 2.3 * changed debian/watch to version 4 * simpified debian/rules for using webext * changed debian/source/lintian-overrides * adapt changes of licenses in debian/copyright thunderbird (1:68.7.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.7.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.6.0-1) unstable; urgency=medium . * [5709774] New upstream version 68.6.0 Fixed CVE issues in upstream version 68.6.0 (MFSA 2020-10): CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init CVE-2020-6805: Use-after-free when removing data about origins CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6807: Use-after-free in cubeb during stream destruction CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection CVE-2020-6812: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission CVE-2020-6814: Memory safety bugs fixed in Thunderbird 68.6 thunderbird (1:68.6.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.6.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.5.0-1) unstable; urgency=medium . * [d79bf82] New upstream version 68.5.0 Fixed CVE issues in upstream version 68.5.0 (MFSA 2020-07): CVE-2020-6793: Out-of-bounds read when processing certain email messages CVE-2020-6794: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords CVE-2020-6795: Crash processing S/MIME messages with multiple signatures CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection CVE-2020-6792: Message ID calculcation was based on uninitialized data CVE-2020-6800: Memory safety bugs fixed in Thunderbird 68.5 (Closes: #891848) * [0884df6] d/control: increase Standards-Version to 4.5.0 No further changes needed. thunderbird (1:68.5.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security (Closes: #891848) thunderbird (1:68.5.0-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security (Closes: #891848) thunderbird (1:68.4.2-1) unstable; urgency=medium . * [7ab7786] d/gbp.conf: add some more files we need to filter out * [9c02c34] New upstream version 68.4.2 thunderbird (1:68.4.1-1) unstable; urgency=medium . * [a00f3e9] New upstream version 68.4.1 Fixed CVE issues in upstream version 68.4.1 (MFSA 2020-04): CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting CVE-2019-17017: Type Confusion in XPCVariant.cpp CVE-2019-17022: CSS sanitization does not escape HTML tags CVE-2019-17024: Memory safety bugs fixed in Thunderbird 68.4.1 * [6b1fd82] rebuild patch queue from patch-queue branch removed patch (included upstream) fixes/Update-bindgen-in-ESR68.-r-glandium-a-RyanVM.patch timeshift (19.01+ds-2+deb10u1) buster; urgency=medium . * Team upload. * debian/control: Use new homepage. (Closes: #952685) * debian/patches/0006: Backport upstream fix on predictable location of temporary directory. (Closes: #953385, CVE-2020-10174) tinyproxy (1.10.0-2+deb10u1) buster; urgency=medium . * debian/tinyproxy.init: + Only set PIDDIR, if PIDFILE is a non-zero length string. (Closes: #948283). tor (0.3.5.10-1) buster-security; urgency=medium . * New upstream version. * Fixes, among other things a denial-of-service bug that could be used by anyone to consume a bunch of CPU on any Tor relay, making it potentially easier to introduce observable timing patterns (TROVE-2020-002, CVE-2020-10592). tor (0.3.5.10-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. trafficserver (8.0.2+ds-1+deb10u2) buster-security; urgency=medium . * Add fix from upstream for CVE-2019-17559 * Add fix from upstream for CVE-2019-17565 * Add fix from upstream for CVE-2020-1944 * Add fix from upstream for CVE-2020-9481 tzdata (2020a-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamps: - Morocco springs forward on 2020-05-31, not 2020-05-24. - Canada's Yukon advanced to -07 year-round on 2020-03-08. tzdata (2020a-0+deb9u1) stretch; urgency=medium . * New upstream version, affecting the following future timestamps: - Morocco springs forward on 2020-05-31, not 2020-05-24. - Canada's Yukon advanced to -07 year-round on 2020-03-08. tzdata (2019c-3) unstable; urgency=medium . * Build the timezone data from tzdata.zi. * Install leapseconds file /usr/share/zoneinfo. * Bump Standards-Version to 4.4.1 (no changes). tzdata (2019c-2) unstable; urgency=medium . [ Paul Eggert ] * Install tzdata.zi file in /usr/share/zoneinfo. Closes: #940852. . [ Aurelien Jarno ] * Use tzdata.zi to change hardlinks into symlinks. * Bump debhelper compatibility to 12. * Bump Standards-Version to 4.4.0 (no changes). * Drop Replaces on libc6, it is not needed anymore since Lenny. * Depends on gawk and use it instead of mawk which crashes with a memory corruption. tzdata (2019c-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamps: - Fiji's next DST transitions will be 2019-11-10 and 2020-01-12 instead of 2019-11-03 and 2020-01-19. - Norfolk Island will observe Australian-style DST starting in spring 2019. The first transition is on 2019-10-06. * Update French debconf translation, by Baptiste Jammet. Closes: #935153. * debian/rules: drop obsolete -y zic option. uim (1:1.8.8-4+deb10u3) buster; urgency=medium . * Non-maintainer upload. . [ NOKUBI Takatsugu ] * d/libuim-data.postint: add uim-mozc (See #939588) . [ HIGUCHI Daisuke (VDR dai) ] * d/libuim-data.postint: add uim-chewing . [ YOSHINO Yoshihito ] * d/libuim-data.postinst: unregister not-installed modules (Closes: #945344). The previous upload to fix #939588 caused regression, which has accidentally registered some not-installed modules. user-mode-linux (4.19-1um-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * [00f54af] Fix FTBFS in buster with linux-source-4.19 4.19.98-1. Remove fix-port-helper-path.patch (Closes: #951329). vite (1.2+svn1430-6+deb10u1) buster; urgency=medium . * patches/fieldnames: Cherry-pick upstream fix for unbound number of field names. vlc (3.0.10-0+deb10u1) buster-security; urgency=medium . * New upstream release * debian/: Disable microdns plugin due to microdns security issues (CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080) vlc (3.0.10-0+deb9u1) stretch-security; urgency=medium . * New upstream release * debian/: Disable microdns plugin due to microdns security issues (CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080) * debian/patches: Fix build with stretch's libdvdread vlc (3.0.9.2-1) unstable; urgency=medium . * New upstream release * debian/patches: Remove patches integrated upstream * debian/copyright: - Bump copyright years - Update files * debian/upstream/signing-key.asc: Re-export upstream's signing key vlc (3.0.8-4) unstable; urgency=medium . * debian/control: Bump Standards-Version * debian/upstream: Apply upstream patches for chromechast support in avahi * debian/: Disable microdns plugin vlc (3.0.8-3) unstable; urgency=medium . * debian/control: - Replace libfreetype6-dev with libfreetype-dev - Bump Standards-Version * debian/: Build srt access plugin vlc (3.0.8-2) unstable; urgency=medium . * debian/: Revert "Switch back to libmodplug-dev since vlc now requires 0.8.9.". Patch configure.ac instead. vlc (3.0.8-1) unstable; urgency=medium . * New upstream release. - Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) - Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) - Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) - Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) - Fix a use after free in the ASF demuxer (CVE-2019-14533) - Fix a null dereference in the ASF demuxer (CVE-2019-14534) - Fix a division by zero in the CAF demuxer (CVE-2019-14498) - Fix a division by zero in the ASF demuxer (CVE-2019-14535) * debian/: Remove crystalhd plugin. libcrystalhd-dev is scheduled for removal. * debian/patches: Remove patches included upstream. * debian/control: Switch back to libmodplug-dev since vlc now requires 0.8.9. waagent (2.2.45-4~deb10u1) buster; urgency=medium . * Upload to buster. waagent (2.2.45-3) unstable; urgency=medium . * Disable resource disk if cloud-init is enabled. * Open log before trying to log anything. * Make compatible with Python 3.8. waagent (2.2.45-2) unstable; urgency=medium . * Use new source format. * Fix resource disk setup. waagent (2.2.45-1) unstable; urgency=medium . * New upstream version. (closes: #911701) * Support co-installation with cloud-init. waagent (2.2.41-1) unstable; urgency=medium . * New upstream version. webkit2gtk (2.26.4-1~deb10u3) buster-security; urgency=medium . * debian/patches/cve-2020-11793-fix.patch: + Cherry-pick fix for CVE-2020-11793. webkit2gtk (2.26.4-1~deb10u2) buster-security; urgency=medium . * debian/patches/cve-2020-10018-fix.patch: + Cherry-pick fix for CVE-2020-10018. webkit2gtk (2.26.4-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.26.4-1~bpo9+3) stretch-backports-sloppy; urgency=medium . * debian/patches/cve-2020-11793-fix.patch: + Cherry-pick fix for CVE-2020-11793. webkit2gtk (2.26.4-1~bpo9+2) stretch-backports-sloppy; urgency=medium . * debian/patches/cve-2020-10018-fix.patch: + Cherry-pick fix for CVE-2020-10018. webkit2gtk (2.26.4-1~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependencies on libwoff-dev and libopenjp2-7-dev. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Build depend on clang-7. + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. + Pass CC and CXX to dh_auto_configure so it uses clang instead of gcc. + Don't use the gold linker in mips nor mipsel. * debian/patches/is-same-v.patch: + Define std::is_same_v and std::is_pod_v. * debian/patches/fix-gtkdoc-generation.patch: + Fix gtk-doc generation. * debian/patches/safe-multiply.patch: + Fix link errors in 32-bit CPUs with clang * debian/libwebkit2gtk-4.0-37.symbols: + Mark webkit_emoji_chooser_get_type as optional, this requires a more recent version of GTK. * debian/patches/fix-atomics-build.patch: + Use libatomic in libWTF. This fixes the armel build. webkit2gtk (2.26.3-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2019-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4) + CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0) + CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1) + CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2) * Build without the bubblewrap sandbox if the required dependencies are not available (Closes: #944731): + debian/rules: - Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp is installed. - Add runtime dependencies on bubblewrap and xdg-dbus-proxy conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX. + debian/control: - Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in alpha, ia64, m68k, riscv64, sh4 or sparc64. * Enable USE_WPE_RENDERER: + debian/control: - Add build dependency on libwpebackend-fdo-1.0-dev. + debian/rules: - Set USE_WPE_RENDERER depending on whether wpebackend-fdo is available or not (this allows disabling it by simply removing the build dependency). * debian/rules: + Use -g1 in all builds. The webkit2gtk debug packages are huge and I'm not convinced that they have been very useful for reporting bugs. Using -g1 is enough for a basic backtrace and it makes the packages easier to handle. + Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs. * debian/control: + Switch build dependency from libenchant-dev to libenchant-2-dev (Closes: #948106). + Add build dependency on libx11-xcb-dev (Closes: #949430). + Add Rules-Requires-Root: no. * debian/patches/use-python3.patch: + The unversioned python interpreter (i.e. Python 2) is not installed by default anymore, so use Python 3 instead (Closes: #948839). * debian/patches/user-agent-branding.patch: + Refresh. * debian/libwebkit2gtk-4.0-37.symbols: + Add Build-Depends-Package field. * debian/copyright: + Update copyright years. websocket-api (1.1-1+deb10u1) buster; urgency=medium . * Team upload. * Change Breaks and Replaces for libservlet3.1-java to << 9 and fix dpkg error when upgrading tomcat 8 from Stretch to Buster. wpa (2:2.7+git20190128+0c1e29f-6+deb10u2) buster; urgency=medium . * Apply upstream patches: - Do not try to detect PSK mismatch during PTK rekeying. Fixes the 4-way WPA handshake in some situations. - Check for FT support when selecting FT suites. Closes: #942164. - Fix RTM NEW/DELLINK IFLA_IFNAME copy for maximum ifname length. Fixes the MAC randomisation issue with some cards. LP: #1867908. xdg-utils (1.1.3-1+deb10u1) buster; urgency=medium . [ Rex Dieter ] * xdg-open: Do better pcmanfm check, fix AND operator. Closes: #908760, Upstream: BR106636, BR106161. . [ Iain Lane ] * xdg-screensaver: Sanitise window name before sending it over D-Bus. Closes: #910070, LP: #1743216, Upstream: BR108121. . [ Andrea Tarocchi ] * xdg-open: correct handling directories with spaces in the name. LP: #1848335, Upstream: #166. . [ Nicholas Guriev ] * xdg-mime: Create config directory if it does not exist yet. Closes: #652038. xtrlock (2.8+deb10u1) buster; urgency=high . * CVE-2016-10894: Attempt to grab multitouch devices which are not intercepted via XGrabPointer. . xtrlock did not block multitouch events so an attacker could still input and thus control various programs such as Chromium, etc. via so-called "multitouch" events such as pan scrolling, "pinch and zoom", or even being able to provide regular mouse clicks by depressing the touchpad once and then clicking with a secondary finger. . This fix does not the situation where Eve plugs in a multitouch device *after* the screen has been locked. For more information on this angle, please see <https://bugs.debian.org/830726#115>. (Closes: #830726) xtrlock (2.8+deb9u1) stretch; urgency=high . * CVE-2016-10894: Attempt to grab multitouch devices which are not intercepted via XGrabPointer. . xtrlock did not block multitouch events so an attacker could still input and thus control various programs such as Chromium, etc. via so-called "multitouch" events such as pan scrolling, "pinch and zoom", or even being able to provide regular mouse clicks by depressing the touchpad once and then clicking with a secondary finger. . This fix does not the situation where Eve plugs in a multitouch device *after* the screen has been locked. For more information on this angle, please see <https://bugs.debian.org/830726#115>. (Closes: #830726) zfs-linux (0.7.12-2+deb10u2) buster; urgency=medium . * Cherry-pick two upstream patches to fix potential deadlock issues. + 01937958ce85b1cd8942dbaf9a3f9768c5b02a0a + 98bb45e27ae80145a6ce028df90fccdb23f8901d * Let zfs-dkms pre-depends on spl-dkms (>= 0.7.12-2+deb10u1). ====================================== Sat, 08 Feb 2020 - Debian 10.3 released ====================================== ========================================================================= [Date: Sat, 08 Feb 2020 09:57:11 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-all-amd64 | 4.19.67-2+deb10u2 | amd64 linux-headers-4.19.0-6-amd64 | 4.19.67-2+deb10u2 | amd64 linux-headers-4.19.0-6-cloud-amd64 | 4.19.67-2+deb10u2 | amd64 linux-headers-4.19.0-6-rt-amd64 | 4.19.67-2+deb10u2 | amd64 linux-headers-4.19.0-7-all-amd64 | 4.19.87-1 | amd64 linux-headers-4.19.0-7-amd64 | 4.19.87-1 | amd64 linux-headers-4.19.0-7-cloud-amd64 | 4.19.87-1 | amd64 linux-headers-4.19.0-7-rt-amd64 | 4.19.87-1 | amd64 linux-image-4.19.0-6-amd64-dbg | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-amd64-unsigned | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-cloud-amd64-dbg | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-cloud-amd64-unsigned | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-rt-amd64-dbg | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-rt-amd64-unsigned | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-7-amd64-dbg | 4.19.87-1 | amd64 linux-image-4.19.0-7-amd64-unsigned | 4.19.87-1 | amd64 linux-image-4.19.0-7-cloud-amd64-dbg | 4.19.87-1 | amd64 linux-image-4.19.0-7-cloud-amd64-unsigned | 4.19.87-1 | amd64 linux-image-4.19.0-7-rt-amd64-dbg | 4.19.87-1 | amd64 linux-image-4.19.0-7-rt-amd64-unsigned | 4.19.87-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:57:58 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-all-mipsel | 4.19.67-2+deb10u2 | mipsel linux-headers-4.19.0-7-all-mipsel | 4.19.87-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:02:44 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el ata-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el btrfs-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el btrfs-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el cdrom-core-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el cdrom-core-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el compress-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el compress-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el crc-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el crc-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el crypto-dm-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el crypto-dm-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el crypto-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el crypto-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el event-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el event-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el ext4-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el ext4-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el fancontrol-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el fancontrol-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el fat-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el fat-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el fb-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el fb-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el firewire-core-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el firewire-core-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el fuse-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el fuse-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el hypervisor-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el hypervisor-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el i2c-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el i2c-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el input-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el input-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el isofs-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el isofs-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el jfs-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el jfs-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el kernel-image-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el kernel-image-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el linux-headers-4.19.0-6-all-ppc64el | 4.19.67-2+deb10u2 | ppc64el linux-headers-4.19.0-6-powerpc64le | 4.19.67-2+deb10u2 | ppc64el linux-headers-4.19.0-7-all-ppc64el | 4.19.87-1 | ppc64el linux-headers-4.19.0-7-powerpc64le | 4.19.87-1 | ppc64el linux-image-4.19.0-6-powerpc64le | 4.19.67-2+deb10u2 | ppc64el linux-image-4.19.0-6-powerpc64le-dbg | 4.19.67-2+deb10u2 | ppc64el linux-image-4.19.0-7-powerpc64le | 4.19.87-1 | ppc64el linux-image-4.19.0-7-powerpc64le-dbg | 4.19.87-1 | ppc64el loop-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el loop-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el md-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el md-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el mouse-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el mouse-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el mtd-core-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el mtd-core-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el multipath-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el multipath-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el nbd-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el nbd-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el nic-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el nic-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el nic-shared-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el nic-shared-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el nic-usb-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el nic-usb-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el nic-wireless-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el nic-wireless-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el ppp-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el ppp-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el sata-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el sata-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el scsi-core-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el scsi-core-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el scsi-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el scsi-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el scsi-nic-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el scsi-nic-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el serial-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el serial-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el squashfs-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el udf-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el uinput-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el uinput-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el usb-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el usb-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el usb-serial-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el usb-serial-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el usb-storage-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el usb-storage-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el xfs-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el xfs-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:03:04 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x btrfs-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x cdrom-core-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x compress-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x compress-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x crc-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x crypto-dm-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x crypto-dm-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x crypto-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x dasd-extra-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x dasd-extra-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x dasd-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x ext4-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x ext4-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x fat-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x fat-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x fuse-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x isofs-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x isofs-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x kernel-image-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x linux-headers-4.19.0-6-all-s390x | 4.19.67-2+deb10u2 | s390x linux-headers-4.19.0-6-s390x | 4.19.67-2+deb10u2 | s390x linux-headers-4.19.0-7-all-s390x | 4.19.87-1 | s390x linux-headers-4.19.0-7-s390x | 4.19.87-1 | s390x linux-image-4.19.0-6-s390x | 4.19.67-2+deb10u2 | s390x linux-image-4.19.0-7-s390x | 4.19.87-1 | s390x linux-image-4.19.0-7-s390x-dbg | 4.19.87-1 | s390x loop-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x loop-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x md-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x mtd-core-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x mtd-core-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x multipath-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x nbd-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x nbd-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x nic-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x nic-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x scsi-core-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x scsi-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x scsi-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x udf-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x xfs-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x xfs-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x zlib-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x zlib-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:04:06 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-all | 4.19.67-2+deb10u2 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-7-all | 4.19.87-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:04:18 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-all-arm64 | 4.19.67-2+deb10u2 | arm64 linux-headers-4.19.0-6-arm64 | 4.19.67-2+deb10u2 | arm64 linux-headers-4.19.0-6-rt-arm64 | 4.19.67-2+deb10u2 | arm64 linux-headers-4.19.0-7-all-arm64 | 4.19.87-1 | arm64 linux-headers-4.19.0-7-arm64 | 4.19.87-1 | arm64 linux-headers-4.19.0-7-rt-arm64 | 4.19.87-1 | arm64 linux-image-4.19.0-6-arm64-dbg | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-6-arm64-unsigned | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-6-rt-arm64-dbg | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-6-rt-arm64-unsigned | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-7-arm64-dbg | 4.19.87-1 | arm64 linux-image-4.19.0-7-arm64-unsigned | 4.19.87-1 | arm64 linux-image-4.19.0-7-rt-arm64-dbg | 4.19.87-1 | arm64 linux-image-4.19.0-7-rt-arm64-unsigned | 4.19.87-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:05:47 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel cdrom-core-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel cdrom-core-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel compress-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel compress-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel crc-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel crypto-dm-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel crypto-dm-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel crypto-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel event-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel event-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ext4-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel fat-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel fat-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel fb-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel fb-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel fuse-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel input-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel input-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ipv6-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel isofs-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel isofs-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel jffs2-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel jfs-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel jfs-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel kernel-image-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel kernel-image-4.19.0-7-marvell-di | 4.19.87-1 | armel leds-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel linux-headers-4.19.0-6-all-armel | 4.19.67-2+deb10u2 | armel linux-headers-4.19.0-6-marvell | 4.19.67-2+deb10u2 | armel linux-headers-4.19.0-6-rpi | 4.19.67-2+deb10u2 | armel linux-headers-4.19.0-7-marvell | 4.19.87-1 | armel linux-headers-4.19.0-7-rpi | 4.19.87-1 | armel linux-image-4.19.0-6-marvell | 4.19.67-2+deb10u2 | armel linux-image-4.19.0-6-marvell-dbg | 4.19.67-2+deb10u2 | armel linux-image-4.19.0-6-rpi-dbg | 4.19.67-2+deb10u2 | armel linux-image-4.19.0-7-marvell | 4.19.87-1 | armel linux-image-4.19.0-7-marvell-dbg | 4.19.87-1 | armel linux-image-4.19.0-7-rpi | 4.19.87-1 | armel linux-image-4.19.0-7-rpi-dbg | 4.19.87-1 | armel loop-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel loop-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel md-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel md-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel minix-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel mmc-core-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mmc-core-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel mmc-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mouse-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mouse-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel mtd-core-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mtd-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mtd-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel multipath-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel multipath-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel nbd-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel nic-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel nic-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel nic-shared-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel nic-usb-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel nic-usb-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ppp-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel sata-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel sata-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel scsi-core-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel squashfs-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel squashfs-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel udf-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel udf-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel uinput-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel uinput-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel usb-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel usb-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel usb-serial-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel usb-serial-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel usb-storage-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel usb-storage-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel zlib-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel zlib-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:06:44 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf ata-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf btrfs-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf btrfs-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf cdrom-core-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf cdrom-core-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf compress-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf compress-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf crc-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf crc-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf crypto-dm-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf crypto-dm-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf crypto-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf crypto-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf efi-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf efi-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf event-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf event-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf ext4-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf ext4-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf fat-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf fat-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf fb-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf fb-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf fuse-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf fuse-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf i2c-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf i2c-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf input-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf input-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf isofs-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf isofs-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf jfs-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf jfs-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf kernel-image-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf kernel-image-4.19.0-7-armmp-di | 4.19.87-1 | armhf leds-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf leds-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf linux-headers-4.19.0-6-all-armhf | 4.19.67-2+deb10u2 | armhf linux-headers-4.19.0-6-armmp | 4.19.67-2+deb10u2 | armhf linux-headers-4.19.0-6-armmp-lpae | 4.19.67-2+deb10u2 | armhf linux-headers-4.19.0-6-rt-armmp | 4.19.67-2+deb10u2 | armhf linux-headers-4.19.0-7-all-armhf | 4.19.87-1 | armhf linux-headers-4.19.0-7-armmp | 4.19.87-1 | armhf linux-headers-4.19.0-7-armmp-lpae | 4.19.87-1 | armhf linux-headers-4.19.0-7-rt-armmp | 4.19.87-1 | armhf linux-image-4.19.0-6-armmp | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-6-armmp-dbg | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-6-armmp-lpae | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-6-armmp-lpae-dbg | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-6-rt-armmp | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-6-rt-armmp-dbg | 4.19.67-2+deb10u2 | armhf linux-image-4.19.0-7-armmp | 4.19.87-1 | armhf linux-image-4.19.0-7-armmp-dbg | 4.19.87-1 | armhf linux-image-4.19.0-7-armmp-lpae | 4.19.87-1 | armhf linux-image-4.19.0-7-armmp-lpae-dbg | 4.19.87-1 | armhf linux-image-4.19.0-7-rt-armmp | 4.19.87-1 | armhf linux-image-4.19.0-7-rt-armmp-dbg | 4.19.87-1 | armhf loop-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf loop-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf md-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf md-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf mmc-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf mmc-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf mtd-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf mtd-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf multipath-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf multipath-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf nbd-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf nbd-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf nic-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf nic-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf nic-shared-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf nic-shared-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf nic-usb-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf nic-usb-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf nic-wireless-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf nic-wireless-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf pata-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf pata-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf ppp-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf ppp-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf sata-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf sata-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf scsi-core-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf scsi-core-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf scsi-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf scsi-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf scsi-nic-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf scsi-nic-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf squashfs-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf squashfs-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf udf-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf udf-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf uinput-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf uinput-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf usb-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf usb-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf usb-serial-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf usb-serial-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf usb-storage-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf usb-storage-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf zlib-modules-4.19.0-6-armmp-di | 4.19.67-2+deb10u2 | armhf zlib-modules-4.19.0-7-armmp-di | 4.19.87-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:07:13 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-686 | 4.19.67-2+deb10u2 | i386 linux-headers-4.19.0-6-686-pae | 4.19.67-2+deb10u2 | i386 linux-headers-4.19.0-6-all-i386 | 4.19.67-2+deb10u2 | i386 linux-headers-4.19.0-6-rt-686-pae | 4.19.67-2+deb10u2 | i386 linux-headers-4.19.0-7-686 | 4.19.87-1 | i386 linux-headers-4.19.0-7-686-pae | 4.19.87-1 | i386 linux-headers-4.19.0-7-all-i386 | 4.19.87-1 | i386 linux-headers-4.19.0-7-rt-686-pae | 4.19.87-1 | i386 linux-image-4.19.0-6-686-dbg | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-686-pae-dbg | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-686-pae-unsigned | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-686-unsigned | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-rt-686-pae-dbg | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-rt-686-pae-unsigned | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-7-686-dbg | 4.19.87-1 | i386 linux-image-4.19.0-7-686-pae-dbg | 4.19.87-1 | i386 linux-image-4.19.0-7-686-pae-unsigned | 4.19.87-1 | i386 linux-image-4.19.0-7-686-unsigned | 4.19.87-1 | i386 linux-image-4.19.0-7-rt-686-pae-dbg | 4.19.87-1 | i386 linux-image-4.19.0-7-rt-686-pae-unsigned | 4.19.87-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:07:41 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel affs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel btrfs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel compress-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel compress-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel crc-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel crc-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel crypto-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel crypto-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel event-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel event-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel ext4-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel ext4-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel fat-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel fat-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel fuse-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel fuse-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel hfs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel hfs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel input-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel input-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel isofs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel isofs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel jfs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel jfs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel kernel-image-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel kernel-image-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel linux-headers-4.19.0-6-5kc-malta | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-headers-4.19.0-6-octeon | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-image-4.19.0-6-5kc-malta | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-image-4.19.0-6-5kc-malta-dbg | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-image-4.19.0-6-octeon | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-image-4.19.0-6-octeon-dbg | 4.19.67-2+deb10u2 | mips, mips64el, mipsel linux-image-4.19.0-7-5kc-malta | 4.19.87-1 | mips, mips64el, mipsel linux-image-4.19.0-7-5kc-malta-dbg | 4.19.87-1 | mips, mips64el, mipsel linux-image-4.19.0-7-octeon | 4.19.87-1 | mips, mips64el, mipsel linux-image-4.19.0-7-octeon-dbg | 4.19.87-1 | mips, mips64el, mipsel loop-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel loop-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel md-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel md-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel minix-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel minix-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel multipath-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel multipath-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel nbd-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel nbd-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel nic-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel nic-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel nic-shared-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel nic-usb-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel pata-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel pata-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel ppp-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel ppp-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel rtc-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel rtc-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel sata-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel sata-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel scsi-core-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel scsi-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel scsi-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel sound-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel sound-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel squashfs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel udf-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel udf-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel usb-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel usb-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel usb-serial-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel usb-storage-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel xfs-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel xfs-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel zlib-modules-4.19.0-6-octeon-di | 4.19.67-2+deb10u2 | mips, mips64el, mipsel zlib-modules-4.19.0-7-octeon-di | 4.19.87-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:07:59 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel affs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel ata-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel ata-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel btrfs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel btrfs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel cdrom-core-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel cdrom-core-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel compress-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel compress-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel crc-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel crc-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel crypto-dm-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel crypto-dm-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel crypto-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel crypto-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel event-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel event-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel ext4-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel ext4-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel fat-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel fat-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel fb-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel fb-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel fuse-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel fuse-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel hfs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel hfs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel i2c-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel i2c-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel input-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel input-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel isofs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel isofs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel jfs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel jfs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel kernel-image-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel kernel-image-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel linux-headers-4.19.0-6-4kc-malta | 4.19.67-2+deb10u2 | mips, mipsel linux-headers-4.19.0-7-4kc-malta | 4.19.87-1 | mips, mipsel linux-image-4.19.0-6-4kc-malta | 4.19.67-2+deb10u2 | mips, mipsel linux-image-4.19.0-6-4kc-malta-dbg | 4.19.67-2+deb10u2 | mips, mipsel linux-image-4.19.0-7-4kc-malta | 4.19.87-1 | mips, mipsel linux-image-4.19.0-7-4kc-malta-dbg | 4.19.87-1 | mips, mipsel loop-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel loop-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel md-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel md-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel minix-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel minix-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel mmc-core-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel mmc-core-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel mmc-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel mmc-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel mtd-core-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel mtd-core-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel multipath-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel multipath-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel nbd-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel nbd-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel nic-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel nic-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel nic-shared-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel nic-shared-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel nic-usb-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel nic-usb-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel nic-wireless-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel nic-wireless-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel pata-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel pata-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel ppp-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel ppp-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel sata-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel sata-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel scsi-core-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel scsi-core-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel scsi-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel scsi-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel scsi-nic-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel scsi-nic-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel sound-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel sound-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel squashfs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel squashfs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel udf-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel udf-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel usb-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel usb-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel usb-serial-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel usb-serial-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel usb-storage-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel usb-storage-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel xfs-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel xfs-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel zlib-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips, mipsel zlib-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:09:11 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el affs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el ata-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el ata-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el btrfs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el btrfs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el cdrom-core-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el cdrom-core-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el compress-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el compress-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el crc-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el crc-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el crypto-dm-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el crypto-dm-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el crypto-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el crypto-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el event-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el event-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el ext4-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el ext4-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el fat-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el fat-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el fb-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el fb-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el fuse-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el fuse-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el hfs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el hfs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el i2c-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el i2c-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el input-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el input-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el isofs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el isofs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el jfs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el jfs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el kernel-image-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el kernel-image-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el linux-headers-4.19.0-6-all-mips64el | 4.19.67-2+deb10u2 | mips64el linux-headers-4.19.0-7-all-mips64el | 4.19.87-1 | mips64el loop-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el loop-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el md-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el md-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el minix-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el minix-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el mmc-core-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el mmc-core-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el mmc-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el mmc-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el mouse-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el mouse-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el mtd-core-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el mtd-core-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el multipath-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el multipath-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el nbd-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el nbd-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el nic-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el nic-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el nic-shared-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el nic-shared-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el nic-usb-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el nic-usb-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el nic-wireless-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el nic-wireless-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el pata-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el pata-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el ppp-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el ppp-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el sata-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el sata-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el scsi-core-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el scsi-core-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el scsi-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el scsi-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el scsi-nic-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el scsi-nic-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el sound-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el sound-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el squashfs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el squashfs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el udf-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el usb-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el usb-serial-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el usb-serial-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el usb-storage-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el usb-storage-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el xfs-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el xfs-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el zlib-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el zlib-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:10:10 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel affs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel ata-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel ata-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel btrfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel btrfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel cdrom-core-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel cdrom-core-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel compress-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel compress-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel crc-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel crc-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel crypto-dm-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel crypto-dm-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel crypto-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel crypto-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel event-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel event-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel ext4-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel ext4-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel fat-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel fat-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel fb-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel fb-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel firewire-core-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel firewire-core-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel fuse-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel hfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel input-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel input-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel isofs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel isofs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel jfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel jfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel kernel-image-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel kernel-image-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel linux-headers-4.19.0-6-loongson-3 | 4.19.67-2+deb10u2 | mips64el, mipsel linux-headers-4.19.0-7-loongson-3 | 4.19.87-1 | mips64el, mipsel linux-image-4.19.0-6-loongson-3 | 4.19.67-2+deb10u2 | mips64el, mipsel linux-image-4.19.0-6-loongson-3-dbg | 4.19.67-2+deb10u2 | mips64el, mipsel linux-image-4.19.0-7-loongson-3 | 4.19.87-1 | mips64el, mipsel linux-image-4.19.0-7-loongson-3-dbg | 4.19.87-1 | mips64el, mipsel loop-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel loop-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel md-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel md-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel minix-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel minix-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel mtd-core-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel mtd-core-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel multipath-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel multipath-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nbd-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nbd-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nic-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nic-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nic-shared-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nic-shared-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nic-usb-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nic-usb-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel nic-wireless-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel nic-wireless-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel pata-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel pata-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel ppp-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel ppp-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel sata-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel sata-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel scsi-core-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel scsi-core-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel scsi-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel scsi-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel scsi-nic-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel scsi-nic-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel sound-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel sound-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel speakup-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel speakup-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel squashfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel squashfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel udf-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel udf-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel usb-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel usb-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel usb-serial-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel usb-serial-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel usb-storage-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel usb-storage-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel xfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel xfs-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel zlib-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el, mipsel zlib-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:10:21 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 acpi-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 ata-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 ata-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 btrfs-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 btrfs-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 cdrom-core-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 cdrom-core-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 compress-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 compress-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 crc-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 crc-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 crypto-dm-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 crypto-dm-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 crypto-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 crypto-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 efi-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 efi-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 event-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 event-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 ext4-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 ext4-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 fat-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 fat-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 fb-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 fb-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 firewire-core-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 firewire-core-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 fuse-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 fuse-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 i2c-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 i2c-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 input-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 input-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 isofs-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 isofs-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 jfs-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 jfs-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 kernel-image-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 kernel-image-4.19.0-7-amd64-di | 4.19.87-1 | amd64 linux-image-4.19.0-6-amd64 | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-cloud-amd64 | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-6-rt-amd64 | 4.19.67-2+deb10u2 | amd64 linux-image-4.19.0-7-amd64 | 4.19.87-1 | amd64 linux-image-4.19.0-7-cloud-amd64 | 4.19.87-1 | amd64 linux-image-4.19.0-7-rt-amd64 | 4.19.87-1 | amd64 loop-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 loop-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 md-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 md-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 mmc-core-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 mmc-core-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 mmc-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 mmc-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 mouse-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 mouse-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 mtd-core-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 mtd-core-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 multipath-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 multipath-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nbd-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nbd-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nic-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nic-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nic-pcmcia-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nic-pcmcia-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nic-shared-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nic-shared-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nic-usb-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nic-usb-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 nic-wireless-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 nic-wireless-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 pata-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 pata-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 pcmcia-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 pcmcia-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 pcmcia-storage-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 pcmcia-storage-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 ppp-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 ppp-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 sata-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 sata-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 scsi-core-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 scsi-core-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 scsi-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 scsi-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 scsi-nic-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 scsi-nic-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 serial-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 serial-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 sound-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 sound-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 speakup-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 speakup-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 squashfs-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 squashfs-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 udf-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 udf-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 uinput-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 uinput-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 usb-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 usb-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 usb-storage-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 usb-storage-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 xfs-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 xfs-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:11:08 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 ata-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 btrfs-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 btrfs-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 cdrom-core-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 cdrom-core-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 compress-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 compress-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 crc-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 crc-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 crypto-dm-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 crypto-dm-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 crypto-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 crypto-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 efi-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 event-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 ext4-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 ext4-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 fb-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 fb-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 fuse-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 fuse-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 i2c-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 i2c-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 input-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 input-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 isofs-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 isofs-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 jfs-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 jfs-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 kernel-image-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 kernel-image-4.19.0-7-arm64-di | 4.19.87-1 | arm64 leds-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 leds-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 linux-image-4.19.0-6-arm64 | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-7-rt-arm64 | 4.19.87-1 | arm64 loop-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 loop-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 md-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 md-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 mtd-core-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 mtd-core-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 multipath-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 multipath-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 nbd-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 nbd-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 nic-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 nic-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 nic-shared-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 nic-shared-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 nic-usb-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 nic-usb-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 nic-wireless-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 nic-wireless-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 ppp-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 ppp-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 sata-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 sata-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 scsi-core-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 scsi-core-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 scsi-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 scsi-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 scsi-nic-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 scsi-nic-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 squashfs-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 squashfs-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 udf-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 udf-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 uinput-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 uinput-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 usb-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 usb-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 usb-serial-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 usb-serial-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 usb-storage-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 usb-storage-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 xfs-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 xfs-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:11:56 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 acpi-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 acpi-modules-4.19.0-7-686-di | 4.19.87-1 | i386 acpi-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 ata-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 ata-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 btrfs-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 btrfs-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 btrfs-modules-4.19.0-7-686-di | 4.19.87-1 | i386 btrfs-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 cdrom-core-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 cdrom-core-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 cdrom-core-modules-4.19.0-7-686-di | 4.19.87-1 | i386 cdrom-core-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 compress-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 compress-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 compress-modules-4.19.0-7-686-di | 4.19.87-1 | i386 compress-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 crc-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 crc-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 crc-modules-4.19.0-7-686-di | 4.19.87-1 | i386 crc-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 crypto-dm-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 crypto-dm-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 crypto-dm-modules-4.19.0-7-686-di | 4.19.87-1 | i386 crypto-dm-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 crypto-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 crypto-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 crypto-modules-4.19.0-7-686-di | 4.19.87-1 | i386 crypto-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 efi-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 efi-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 efi-modules-4.19.0-7-686-di | 4.19.87-1 | i386 efi-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 event-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 event-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 event-modules-4.19.0-7-686-di | 4.19.87-1 | i386 event-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 ext4-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 ext4-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 ext4-modules-4.19.0-7-686-di | 4.19.87-1 | i386 ext4-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 fat-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 fat-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 fat-modules-4.19.0-7-686-di | 4.19.87-1 | i386 fat-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 fb-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 fb-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 fb-modules-4.19.0-7-686-di | 4.19.87-1 | i386 fb-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 firewire-core-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 firewire-core-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 fuse-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 fuse-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 fuse-modules-4.19.0-7-686-di | 4.19.87-1 | i386 fuse-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 i2c-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 i2c-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 i2c-modules-4.19.0-7-686-di | 4.19.87-1 | i386 i2c-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 input-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 input-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 input-modules-4.19.0-7-686-di | 4.19.87-1 | i386 input-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 isofs-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 isofs-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 isofs-modules-4.19.0-7-686-di | 4.19.87-1 | i386 isofs-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 jfs-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 jfs-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 jfs-modules-4.19.0-7-686-di | 4.19.87-1 | i386 jfs-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 kernel-image-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 kernel-image-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 kernel-image-4.19.0-7-686-di | 4.19.87-1 | i386 kernel-image-4.19.0-7-686-pae-di | 4.19.87-1 | i386 linux-image-4.19.0-6-686 | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-686-pae | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-6-rt-686-pae | 4.19.67-2+deb10u2 | i386 linux-image-4.19.0-7-686 | 4.19.87-1 | i386 linux-image-4.19.0-7-686-pae | 4.19.87-1 | i386 linux-image-4.19.0-7-rt-686-pae | 4.19.87-1 | i386 loop-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 loop-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 loop-modules-4.19.0-7-686-di | 4.19.87-1 | i386 loop-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 md-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 md-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 md-modules-4.19.0-7-686-di | 4.19.87-1 | i386 md-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 mmc-core-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 mmc-core-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 mmc-core-modules-4.19.0-7-686-di | 4.19.87-1 | i386 mmc-core-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 mmc-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 mmc-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 mmc-modules-4.19.0-7-686-di | 4.19.87-1 | i386 mmc-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 mouse-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 mouse-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 mouse-modules-4.19.0-7-686-di | 4.19.87-1 | i386 mouse-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 mtd-core-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 mtd-core-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 mtd-core-modules-4.19.0-7-686-di | 4.19.87-1 | i386 mtd-core-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 multipath-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 multipath-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 multipath-modules-4.19.0-7-686-di | 4.19.87-1 | i386 multipath-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nbd-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nbd-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nbd-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nbd-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nic-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nic-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nic-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nic-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nic-pcmcia-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nic-pcmcia-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nic-pcmcia-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nic-pcmcia-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nic-shared-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nic-shared-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nic-shared-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nic-shared-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nic-usb-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nic-usb-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nic-usb-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nic-usb-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 nic-wireless-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 nic-wireless-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 nic-wireless-modules-4.19.0-7-686-di | 4.19.87-1 | i386 nic-wireless-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 pata-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 pata-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 pata-modules-4.19.0-7-686-di | 4.19.87-1 | i386 pata-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 pcmcia-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 pcmcia-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 pcmcia-modules-4.19.0-7-686-di | 4.19.87-1 | i386 pcmcia-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 pcmcia-storage-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 pcmcia-storage-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 pcmcia-storage-modules-4.19.0-7-686-di | 4.19.87-1 | i386 pcmcia-storage-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 ppp-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 ppp-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 ppp-modules-4.19.0-7-686-di | 4.19.87-1 | i386 ppp-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 sata-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 sata-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 sata-modules-4.19.0-7-686-di | 4.19.87-1 | i386 sata-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 scsi-core-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 scsi-core-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 scsi-core-modules-4.19.0-7-686-di | 4.19.87-1 | i386 scsi-core-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 scsi-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 scsi-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 scsi-modules-4.19.0-7-686-di | 4.19.87-1 | i386 scsi-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 scsi-nic-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 scsi-nic-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 scsi-nic-modules-4.19.0-7-686-di | 4.19.87-1 | i386 scsi-nic-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 serial-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 serial-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 serial-modules-4.19.0-7-686-di | 4.19.87-1 | i386 serial-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 sound-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 sound-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 speakup-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 speakup-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 speakup-modules-4.19.0-7-686-di | 4.19.87-1 | i386 speakup-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 squashfs-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 squashfs-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 squashfs-modules-4.19.0-7-686-di | 4.19.87-1 | i386 squashfs-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 udf-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 udf-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 udf-modules-4.19.0-7-686-di | 4.19.87-1 | i386 udf-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 uinput-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 uinput-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 uinput-modules-4.19.0-7-686-di | 4.19.87-1 | i386 uinput-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 usb-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 usb-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 usb-modules-4.19.0-7-686-di | 4.19.87-1 | i386 usb-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 usb-serial-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 usb-serial-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 usb-serial-modules-4.19.0-7-686-di | 4.19.87-1 | i386 usb-serial-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 usb-storage-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 usb-storage-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 usb-storage-modules-4.19.0-7-686-di | 4.19.87-1 | i386 usb-storage-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 xfs-modules-4.19.0-6-686-di | 4.19.67-2+deb10u2 | i386 xfs-modules-4.19.0-6-686-pae-di | 4.19.67-2+deb10u2 | i386 xfs-modules-4.19.0-7-686-di | 4.19.87-1 | i386 xfs-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:13:01 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-common | 4.19.67-2+deb10u2 | all linux-headers-4.19.0-6-common-rt | 4.19.67-2+deb10u2 | all linux-headers-4.19.0-7-common | 4.19.87-1 | all linux-headers-4.19.0-7-common-rt | 4.19.87-1 | all linux-support-4.19.0-6 | 4.19.67-2+deb10u2 | all linux-support-4.19.0-7 | 4.19.87-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:13:38 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-6-all-mips | 4.19.67-2+deb10u2 | mips linux-headers-4.19.0-7-5kc-malta | 4.19.87-1 | mips linux-headers-4.19.0-7-all-mips | 4.19.87-1 | mips linux-headers-4.19.0-7-octeon | 4.19.87-1 | mips mouse-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:14:28 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: fuse-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mipsel hfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mipsel linux-headers-4.19.0-7-5kc-malta | 4.19.87-1 | mipsel linux-headers-4.19.0-7-octeon | 4.19.87-1 | mipsel mouse-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mipsel mouse-modules-4.19.0-7-4kc-malta-di | 4.19.87-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:15:26 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel crc-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel crypto-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel ext4-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel fuse-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel jffs2-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel leds-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel linux-headers-4.19.0-7-all-armel | 4.19.87-1 | armel linux-image-4.19.0-6-rpi | 4.19.67-2+deb10u2 | armel minix-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel mmc-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel mtd-core-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel nbd-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel nic-shared-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ppp-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel scsi-core-modules-4.19.0-7-marvell-di | 4.19.87-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:18:52 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: cdrom-core-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x crc-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x crypto-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x dasd-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x fuse-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x kernel-image-4.19.0-7-s390x-di | 4.19.87-1 | s390x linux-image-4.19.0-6-s390x-dbg | 4.19.67-2+deb10u2 | s390x md-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x multipath-modules-4.19.0-7-s390x-di | 4.19.87-1 | s390x scsi-core-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x udf-modules-4.19.0-6-s390x-di | 4.19.67-2+deb10u2 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:19:04 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: mouse-modules-4.19.0-6-4kc-malta-di | 4.19.67-2+deb10u2 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:19:11 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: fuse-modules-4.19.0-7-loongson-3-di | 4.19.87-1 | mips64el hfs-modules-4.19.0-6-loongson-3-di | 4.19.67-2+deb10u2 | mips64el linux-headers-4.19.0-7-5kc-malta | 4.19.87-1 | mips64el linux-headers-4.19.0-7-octeon | 4.19.87-1 | mips64el udf-modules-4.19.0-7-5kc-malta-di | 4.19.87-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:19:54 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: squashfs-modules-4.19.0-7-powerpc64le-di | 4.19.87-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:20:19 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: udf-modules-4.19.0-6-powerpc64le-di | 4.19.67-2+deb10u2 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:20:29 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ipv6-modules-4.19.0-6-marvell-di | 4.19.67-2+deb10u2 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:20:40 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: usb-serial-modules-4.19.0-6-amd64-di | 4.19.67-2+deb10u2 | amd64 usb-serial-modules-4.19.0-7-amd64-di | 4.19.87-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:20:58 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: efi-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 event-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 fat-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 fat-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 linux-image-4.19.0-6-rt-arm64 | 4.19.67-2+deb10u2 | arm64 linux-image-4.19.0-7-arm64 | 4.19.87-1 | arm64 mmc-modules-4.19.0-6-arm64-di | 4.19.67-2+deb10u2 | arm64 mmc-modules-4.19.0-7-arm64-di | 4.19.87-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:21:09 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-7-686-di | 4.19.87-1 | i386 ata-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 firewire-core-modules-4.19.0-7-686-di | 4.19.87-1 | i386 firewire-core-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 sound-modules-4.19.0-7-686-di | 4.19.87-1 | i386 sound-modules-4.19.0-7-686-pae-di | 4.19.87-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:21:56 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: usb-modules-4.19.0-6-5kc-malta-di | 4.19.67-2+deb10u2 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 10:24:40 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: calendar-google-provider | 1:60.9.0-1~deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by thunderbird - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:41:16 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: firetray | 0.6.1+dfsg-1.2 | source xul-ext-firetray | 0.6.1+dfsg-1.2 | all Closed bugs: 946124 ------------------- Reason ------------------- ROM; Orphaned and dead upstream, not needed any more ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:42:01 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: python-lamson | 1.0pre11-1.3 | source, all Closed bugs: 948446 ------------------- Reason ------------------- RoQA; broken since python-daemon 2.0.5-1 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:42:33 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: caml-crush-clients | 1.0.8-1+b1 | armel caml-crush-server | 1.0.8-1+b1 | armel Closed bugs: 948795 ------------------- Reason ------------------- RoQA; B-D ocaml-native-compilers n/a on armel ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:42:54 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: koji | 1.16.2-1 | source koji-client | 1.16.2-1 | all koji-common | 1.16.2-1 | all koji-servers | 1.16.2-1 | all Closed bugs: 950084 ------------------- Reason ------------------- RoM / RoST; security issues ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:43:40 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libradare2-3.2 | 3.2.1+dfsg-5 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x libradare2-common | 3.2.1+dfsg-5 | all libradare2-dev | 3.2.1+dfsg-5 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x radare2 | 3.2.1+dfsg-5 | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x Closed bugs: 950691 ------------------- Reason ------------------- RoST; security issues; upstream do not offer stable support ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 08 Feb 2020 09:44:02 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: radare2-cutter | 1.7.4-2 | source, amd64, arm64, armhf, i386, mipsel Closed bugs: 950692 ------------------- Reason ------------------- RoST; depends on to-be-removed radare2 ---------------------------------------------- ========================================================================= alot (0.8.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Jordan Justen ] * d/patches: Cherry pick upstream 3446dc44f87d. Closes: #930057 atril (1.20.3-1+deb10u1) buster; urgency=medium . [ Martin Wimpress ] * debian/patches: + Add 0001_prevent_no_doc_segfault.patch. Prevent segfaults when no document is loaded. + Add 0002_CVE-2019-1010006.patch. Fix buffer overflow. (CVE-2019-1010006) . [ Mike Gabriel ] * debian/patches: + Add CVE-2019-11459.patch. tiff: Handle failure from TIFFReadRGBAImageOriented. (Closes: #927821). + Rebase 0001_prevent_no_doc_segfault.patch. base-files (10.3+deb10u3) buster; urgency=medium . * Change /etc/debian_version to 10.3, for Debian 10.3 point release. beagle (5.0-180928+dfsg-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Daniel Baumann ] * Provide wrapper script instead of symlinks to JARs Closes: #940611 bgpdump (1.6.0-1+deb10u1) buster; urgency=medium . * Don't pass the full LDFLAGS set to bgpdump creation. Closes: #945881 boost1.67 (1.67.0-13+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Patch undefined behaviour leading to crashing libboost-numpy (closes: #945987). brightd (0.4.1-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Andrej Shadura ] * Actually compare the value read out of /sys/class/power_supply/AC/online with '0' (Closes: #934140) cacti (1.2.2+ds1-2+deb10u2) buster-security; urgency=medium . * Non-maintainer upload by the Security Team. * Acknowledgements to Paul Gevers! * CVE-2019-17358: insufficient validation of form input leading to unsafe unserialization operations and memory corruption (Closes: #947375). * CVE-2019-17357: SQL injection vulnerability in graphs.php (Closes: #947374). * CVE-2019-16723: Authentication bypass allows unprivileged users to view all graphs (Closes: #941036). casacore-data-jplde (2007.07.05+ds.1-0+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Include tables up to 2040 in the upstream tarball. Closes: #949219 chromium (79.0.3945.130-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2020-6377: Use after free in audio. Reported by Zhe Jin - CVE-2020-6378: Use-after-free in speech recognizer. Reported by Antti Levomäki and Christian Jalio - CVE-2020-6379: Use-after-free in speech recognizer. Reported by Guang Gong - CVE-2020-6380: Extension message verification error. Reported by Sergei Glazunov - CVE-2019-13725: Use after free in Bluetooth. Reported by Gengming Liu and Jianyu Chen - CVE-2019-13726: Heap buffer overflow in password manager. Reported by Sergei Glazunov - CVE-2019-13727: Insufficient policy enforcement in WebSockets. Reported by @piochu - CVE-2019-13728: Out of bounds write in V8. Reported by Rong Jian and Guang Gong - CVE-2019-13729: Use after free in WebSockets. Reported by Zhe Jin - CVE-2019-13730: Type Confusion in V8. Reported by Soyeon Park and Wen Xu - CVE-2019-13732: Use after free in WebAudio. Reported by Sergei Glazunov - CVE-2019-13734: Out of bounds write in SQLite. Reported by Wenxiang Qian - CVE-2019-13735: Out of bounds write in V8. Reported by Gengming Liu and Zhen Feng - CVE-2019-13764: Type Confusion in V8. Reported by Soyeon Park and Wen Xu - CVE-2019-13736: Integer overflow in PDFium. Reported by Anonymous - CVE-2019-13737: Insufficient policy enforcement in autocomplete. Reported by Mark Amery - CVE-2019-13738: Insufficient policy enforcement in navigation. Reported by Johnathan Norman and Daniel Clark - CVE-2019-13739: Incorrect security UI in Omnibox. Reported by xisigr - CVE-2019-13740: Incorrect security UI. Reported by Khalil Zhani - CVE-2019-13741: Insufficient validation of untrusted input in Blink. Reported by Michał Bentkowski - CVE-2019-13742: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2019-13743: Incorrect security UI in external protocol handling. Reported by Zhiyang Zeng - CVE-2019-13744: Insufficient policy enforcement in cookies. Reported by Prakash - CVE-2019-13745: Insufficient policy enforcement in audio. Reported by Luan Herrera - CVE-2019-13746: Insufficient policy enforcement in Omnibox. Reported by David Erceg - CVE-2019-13747: Uninitialized Use in rendering. Reported by Ivan Popelyshev and André Bonatti - CVE-2019-13748: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2019-13749: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2019-13750: Insufficient data validation in SQLite. Reported by Wenxiang Qian - CVE-2019-13751: Uninitialized Use in SQLite. Reported by Wenxiang Qian - CVE-2019-13752: Out of bounds read in SQLite. Reported by Wenxiang Qian - CVE-2019-13753: Out of bounds read in SQLite. Reported by Wenxiang Qian - CVE-2019-13754: Insufficient policy enforcement in extensions. Reported by Cody Crews - CVE-2019-13755: Insufficient policy enforcement in extensions. Reported by Masato Kinugawa - CVE-2019-13756: Incorrect security UI in printing. Reported by Khalil Zhani - CVE-2019-13757: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2019-13758: Insufficient policy enforcement in navigation. Reported by Khalil Zhani - CVE-2019-13759: Incorrect security UI. Reported by Wenxu Wu - CVE-2019-13761: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2019-13762: Insufficient policy enforcement in downloads. Reported by csanuragjain - CVE-2019-13763: Insufficient policy enforcement in payments. Reported by weiwangpp93 - CVE-2019-13767: Use after free in media picker. Reported by Sergei Glazunov chromium (79.0.3945.79-1) unstable; urgency=medium . * New upstream stable release. chromium (79.0.3945.56-1) experimental; urgency=medium . * New upstream beta release. * Update standards version to 4.4.1. * Ignore the gpu blacklist by default again. chromium (78.0.3904.108-1) unstable; urgency=medium . * New upstream security release. - CVE-2019-13723: Use-after-free in Bluetooth. Reported by Yuxiang Li - CVE-2019-13724: Out-of-bounds in Bluetooth. Reported by Yuxiang Li * Disable vaapi on armhf (closes: #944627). chromium (78.0.3904.108-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2019-13723: Use-after-free in Bluetooth. Reported by Yuxiang Li - CVE-2019-13724: Out-of-bounds in Bluetooth. Reported by Yuxiang Li chromium (78.0.3904.97-1) unstable; urgency=medium . * New upstream security release. * Enable vaapi (closes: #940074). * Fix crash during profile manager shutdown. * Drop libglewmx-dev build dependency (closes: #941050). clamav (0.102.1+dfsg-0+deb10u2) buster; urgency=medium . * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) . clamav (0.102.1+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. clamav (0.102.1+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. clamav (0.102.1+dfsg-0+deb9u2) stretch; urgency=medium . * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) . clamav (0.102.1+dfsg-0+deb9u1) stretch; urgency=medium . * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. clamav (0.102.1+dfsg-0+deb9u1) stretch; urgency=medium . * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. clamav (0.101.4+dfsg-1) unstable; urgency=medium . * Import 0.101.4 - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). compactheader (3.0.0~beta5-2~deb10u1) buster; urgency=medium . * Rebuild for Buster * [cdab1c4] d/gbp.conf: adjsut to debian/buster compactheader (3.0.0~beta5-1) unstable; urgency=medium . * [89f1683] d/control: adding versioned B-D on mozilla-devscripts Using mozilla-devscripts need to be based on some recent version. * [3503e4b] debhelper: use debhelper-compat in B-D Moving over to debhelper-compat version 12, reducing the maintenance of used files. * [e3ef1f4] d/control: bump Standards-Version to 4.4.1 No further changes needed. * [e1787a9] d/control: move Homepage info over to GitHub The upstream project lives basically more on GitHub than on the old mozdev website. * [8944c9d] d/gbp.conf: exclude some more VCS files The upstream source can include some old Mercurial VCS controlling files which are useless fur us, exclude them while importing the source. * [8b0d586] New upstream version 3.0.0~beta5 The AddOn is now full web-extension based. (Closes: #944021) * [ca0fad3] Remove patch queue The one patch we have used within the patch queue isn't needed any more. * [f6a6dca] d/control: remove B-D on mozilla-devscripts For now drop the usage of any helper from mozilla-devscripts as it brings no gain or advantage. The dh sequencers are enough to build the package. * [c578353] d/control: add new package webext-compactheader The source of the package is now web-extension based only, no old transitional xul stuff is included. So make this visible by moving the main binary package over to webext-* syntax. * [d12d2a1] d/rules: adjust package install Clean up all non needed xul-* helpers, makes the mostly needed target reduced to the quite the minimum. * [37b1cd3] d/copyright: update file content Update to data reflecting the year 2019. * [4ed4c79] webext-compactheader: adding install sequencer file * [77cf260] webext-compactheader: adding linking sequencer file * [aebb2f8] d/control: no root rights needed for package build * [7c1da48] d/control: adding dependency on TB >= 68.0 * [b9a01cf] Remove install of outdated file upstream-changelog The previously installed upstream changelog file isn't really helpful and outdated. We can drop it simply. console-common (0.7.90+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Alastair McKinstry ] * Patch from Patrick Cernko for regression that dropped files. Closes: #935096 csh (20110502-4+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Alastair McKinstry ] * Fix for segfault on eval. Patch thanks to Keith Thompson, Graham Inggs. Closes: #933057 cups (2.2.10-6+deb10u2) buster; urgency=medium . * Backport upstream security fixes: - Fix memory leak in ppdOpen (Closes: #946941) - CVE-2019-2228: The `ippSetValuetag` function did not validate the default language value (Closes: #946782) cyrus-imapd (3.0.8-6+deb10u4) buster; urgency=medium . * Add BACKUP type to cyrus-upgrade-db (Closes: #930764) cyrus-imapd (3.0.8-6+deb10u3) buster-security; urgency=medium . * Add patch to avoid mailbox creation as administrator (Closes: #CVE-2019-19783) cyrus-sasl2 (2.1.27+dfsg-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Off-by-one in _sasl_add_string function (CVE-2019-19906) (Closes: #947043) davical (1.1.8-1+deb10u1) buster-security; urgency=high . * Fix three cross-site scripting and cross-site request forgery vulnerabilities in the web administration front-end: CVE-2019-18345 CVE-2019-18346 CVE-2019-18347 (closes: #946343) debian-edu-config (2.10.65+deb10u4) buster; urgency=medium . [ Dominik George ] * Keep proxy settings on client if wpad is unreachable (Closes: #941001). debian-edu-config (2.10.65+deb10u3) buster-security; urgency=high . * Security fix for CVE-2019-3467 . [ Wolfgang Schweer ] * share/debian-edu-config/tools/kerberos-kdc-init: - Set proper rights for users in kadm5.acl file. (Closes: #946797) * Adjust debian/debian-edu-config.postinst to fix kadm5.acl upon upgrades. . [ Holger Levsen ] * Improve debian/debian-edu-config.postinst fix to only run once on upgrades. . [ Dominik George ] * Add NEWS to warn administrators with possible local changes. debian-installer (20190702+deb10u3) buster; urgency=medium . [ Steve McIntyre ] * Tweak mini.iso generation on arm so EFI netboot will work. . [ Cyril Brulebois ] * Update USE_UDEBS_FROM default from unstable to buster; debian/rules uses heuristics to set the right value anyway, but that should help users perform local builds without having to know about those heuristics. Thanks to Carsten Schoenert for the report. * Bump Linux ABI to 4.19.0-8. debian-installer-netboot-images (20190702+deb10u3) buster; urgency=medium . * Update to 20190702+deb10u3, from buster-proposed-updates. debian-lan-config (0.25+deb10u1) buster-security; urgency=high . * Fix kadmin access rules. * Add NEWS file. debian-security-support (2019.12.12~deb10u1) buster; urgency=medium . * Re-uploaded for buster. debian-security-support (2019.12.12~deb9u2) stretch-security; urgency=medium . * Rebuild for stretch-security. * Use debian/compat and depends on debhelper to support building on stretch. debian-security-support (2019.11.16) unstable; urgency=medium . * Add chromium to security-support-ended.deb9. * d/rules: update to NEXT_VERSION_ID=11. debian-security-support (2019.11.15) unstable; urgency=medium . * Team upload. * Add libqb to security-support-ended.deb8. debian-security-support (2019.11.01) unstable; urgency=medium . * Remove nodejs from security-support-limited as it is supported since the Buster release. Closes: #931376. * Add empty security-support-ended.deb11 file. * check-support-status.in: set DEB_NEXT_VER_ID=11. debian-security-support (2019.10.31) unstable; urgency=medium . * Mark nodejs only suitable for trusted content. Closes: #931376. * Add nasm-mozilla and nodejs-mozilla to security-support-ended.deb8 and security-support-ended.deb9 as they are only provided as build dependency for Firefox/Thunderbird >= 68. Closes: #943365. * Bump standards version to 4.4.1, no changes needed. dispmua (1.8.4.6-1~deb10u1) buster; urgency=medium . * Team upload. * Backport to Buster in order to make dispmua compatible with Thunderbird 68.x again. (Closes: #943584) dispmua (1.8.4.6-1~deb9u1) stretch; urgency=medium . * Team upload * Backport to Stretch in order to make dispmua compatible with Thunderbird 68.x again. (Closes: #943584) * Revert to compat level 10. dkimpy (0.9.6-0+deb10u1) buster; urgency=medium . * Update debian/watch to only see 0.9 versions for stable updates * Update debian/gbp.conf to use buster branches * New upstream bugfix releases: * 0.9.6 - Follow CNAMES when looking up key records when using DNS (pydns) (LP: #1856421) - Provide specialized error message when signing or verifying ed25519 signatures and pynacl is not installed (LP: #1854475) - Catch binascii related key format errors (LP: #1854477) * 0.9.5 - Ignore unknown service types in key records (LP: #1847020) - This is required by RFC 6376 and predecessors. It becomes important now that RFC 8460, which defines a new DKIM service type exists. This change is required to avoid processing tlsrpt keys like regular email keys, which is incorrect, they have different requirements. * 0.9.4 - Add LICENSE to MANIFEST.in so it is included in the tarball (LP: #1845318) * 0.9.3 - Fix linesep setting in arcsign script (LP: #1838262) (Thanks to Gowtham Gopalakrishnan for the report and the patch) - Fix default canonicalization for DKIM signature verification to be simple/simple per RFC 6376 (LP: #1839299) (Thanks to Cyril Nicodème for the report and a suggested fix) * 0.9.2 - Fix the arcsign script so it works with the current API (Note: the new srv_id option is the authserv_id to use in the ARC signatures - Only AR fields with an authserv-id that matches srv_id will be considered for ARC signing) - Fix cv=none processing for initial signature in chain - Add additional text documenting use of srv_id for ARC signing to docstrings and man 1 arcsign (LP: #1808301) - Use same line seperator for output as input in dkimsign/arcsign (LP: #1808686) - Refactor canonicalization.py strip_trailing_lines to avoid using re for more consistent processing across python versions (Thanks to Jonathan Bastien-Filiatrault for the change) - Refactor header folding for more consistent results, including reduced stray whitespace (Also Jonathan Bastien-Filiatrault) - Don't log message headers and body unless explicitely requested. This should also reduce memory usage on large messages. (Jonathan Bastien-Filiatrault) - Clarify the crlf does not count towards line length in fold - Adjust fold maxlen to one shorter for lines after the first, since they already have a leading space (LP: #1823008) dkimpy (0.9.5-1) unstable; urgency=medium . * New upstream release * Bump standards-version to 4.4.1 without further change dkimpy (0.9.4-1) unstable; urgency=medium . * New upstream release * Update public upstream key to be minimal dkimpy (0.9.3-1) unstable; urgency=medium . [ Ondřej Nový ] * Use debhelper-compat instead of debian/compat. . [ Scott Kitterman ] * New upstream release * Update debian/copyright dkimpy (0.9.2-1) unstable; urgency=medium . * New upstream release * Drop Python 2 support (no rdepends) * Bump standards-version to 4.4.0 without further change dkimpy-milter (1.0.3-1) buster; urgency=medium . * New upstream release: * Fix priviledge managment at startup so Unix sockets work: Milter: Move drop_privileges before Milter.runmilter and delete own_socketfile so that the milter interface runs as the correct user without race conditions about changing ownership of the socket file when it hasn't been created yet (When the milter is started, it will create the socket based on uMask, so we don't need to manually change it) * Improve error log messages to aid troublshooting dpdk (18.11.5-1~deb10u1) buster; urgency=medium . * Merge tag 'debian/18.11.5-1' into buster. * Drop CVE-2019-14818 patches, merged upstream. . dpdk (18.11.5-1) unstable; urgency=medium . * New upstream version 18.11.5; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch to remove fuzz from 18.11.5 . dpdk (18.11.4-1) unstable; urgency=high . * Merge stable update to 18.11.4; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Fixes CVE-2019-14818 * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch to remove fuzz from 18.11.4 . dpdk (18.11.3-1) unstable; urgency=medium . * Merge stable update to 18.11.3; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#id2 - refresh d/p/0004-build-bump-minimum-Meson-version-to-0.47.1.patch - refresh d/p/avoid-as-needed-as-it-causes-overlinking.patch - d/dpdk-dev.install: dpdk-test is now properly in usr/bin - d/librte-security18.11.symbols: mark some symbols that now properly are experimental as such (none is gone) - among other things it fixes a dkms build issue with kernel 5.4 (LP: #1848585) . dpdk (18.11.2-4) unstable; urgency=medium . * d/p/avoid-as-needed-as-it-causes-overlinking.patch: fix overlinking in software using the dpdk pkg-config (LP: #1841759) . dpdk (18.11.2-3) unstable; urgency=medium . * Note branch in Vcs-Git. * Bump Standards-Version to 4.4.0. * Fix distribution in dpdk-dev.NEWS. Fixes LW: debian-news-entry-has-strange-distribution dpdk (18.11.4-1) unstable; urgency=high . * Merge stable update to 18.11.4; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Fixes CVE-2019-14818 * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch to remove fuzz from 18.11.4 dpdk (18.11.3-1) unstable; urgency=medium . * Merge stable update to 18.11.3; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#id2 - refresh d/p/0004-build-bump-minimum-Meson-version-to-0.47.1.patch - refresh d/p/avoid-as-needed-as-it-causes-overlinking.patch - d/dpdk-dev.install: dpdk-test is now properly in usr/bin - d/librte-security18.11.symbols: mark some symbols that now properly are experimental as such (none is gone) - among other things it fixes a dkms build issue with kernel 5.4 (LP: #1848585) dpdk (18.11.2-4) unstable; urgency=medium . * d/p/avoid-as-needed-as-it-causes-overlinking.patch: fix overlinking in software using the dpdk pkg-config (LP: #1841759) dpdk (18.11.2-3) unstable; urgency=medium . * Note branch in Vcs-Git. * Bump Standards-Version to 4.4.0. * Fix distribution in dpdk-dev.NEWS. Fixes LW: debian-news-entry-has-strange-distribution dpdk (18.11.2-2+deb10u2) buster-security; urgency=high . * Backport patches to fix CVE-2019-14818. A denial of service security issue has been found in the Vhost PMD. e2fsprogs (1.44.5-1+deb10u3) buster; urgency=medium . * Fix CVE-2019-5188: potential stack underflow in e2fsck (Closes: #948508) * Fix use after free in e2fsck (Closes: #948517) enigmail (2:2.1.3+ds1-4~deb10u2) buster-security; urgency=medium . * Upload to buster-security after discussing with the security team (closes: #945014) . enigmail (2:2.1.3+ds1-4~deb10u1) buster; urgency=medium . * Upload to debian stable to keep it installable now that Thunderbird 68 is in stable (Closes: #945014) . enigmail (2:2.1.3+ds1-4) unstable; urgency=medium . * convert to python3 * convert unit tests to python3 as well * wrap-and-sort -ast . enigmail (2:2.1.3+ds1-3) unstable; urgency=medium . * d/tests: permit stderr on tbird-sqlite . enigmail (2:2.1.3+ds1-2) unstable; urgency=medium . * Address autopkgtest failures (Closes: #944216) . enigmail (2:2.1.3+ds1-1) unstable; urgency=medium . * new upstream version (closes: #933832) * prepare to exclude more pieces of OpenPGP.js from upstream * upstream renamed the openpgp.worker javascript file * standards-version: bump to 4.4.1 (no changes needed) * drop mozilla-devscripts due to lack of install.rdf * strip out config.guess and config.sub when importing orig tarballs * refresh patches * strip even more OpenPGP.js when building * build in build-tb/ instead of build/ * d/copyright: drop unnecessary stanzas * enigmail 2.1.3 needs thunderbird 68 * d/run-tests: adapt to enigmail 2.1 test practices * use thunderbird --headless and rely on main.js to identify jsunit test * Avoid testing dependency on X11 for sqlite * ensure that we see some output when testing. * JSUnit is provided globally if jsunit 0.2.2 is installed * make unit test run without xvfb * always use system config.{guess,sub} * whittle down errors in the test suite . enigmail (2:2.0.12+ds1-1) unstable; urgency=medium . * new upstream release * refresh patches, dropping those already upstream * Standards-Version: bump to 4.4.0 (no changes needed) * move to debhelper 12 . enigmail (2:2.0.11+ds1-2) unstable; urgency=medium . * minimize legacy-display protected headers for encrypted mails . enigmail (2:2.0.11+ds1-1) unstable; urgency=medium . * new upstream release * refresh patches * use the older import-show with --dry-run instead of show-only enigmail (2:2.1.3+ds1-3+exp2) experimental; urgency=medium . * convert unit tests to python3 as well * try adding unit tests back to debian build process * wrap-and-sort -ast enigmail (2:2.1.3+ds1-3+exp1) experimental; urgency=medium . * move to debian/experimental * convert packaging to python3 (Closes: #936482) enigmail (2:2.1.3+ds1-3) unstable; urgency=medium . * d/tests: permit stderr on tbird-sqlite enigmail (2:2.1.3+ds1-2) unstable; urgency=medium . * Address autopkgtest failures (Closes: #944216) enigmail (2:2.1.3+ds1-1) unstable; urgency=medium . * new upstream version (closes: #933832) * prepare to exclude more pieces of OpenPGP.js from upstream * upstream renamed the openpgp.worker javascript file * standards-version: bump to 4.4.1 (no changes needed) * drop mozilla-devscripts due to lack of install.rdf * strip out config.guess and config.sub when importing orig tarballs * refresh patches * strip even more OpenPGP.js when building * build in build-tb/ instead of build/ * d/copyright: drop unnecessary stanzas * enigmail 2.1.3 needs thunderbird 68 * d/run-tests: adapt to enigmail 2.1 test practices * use thunderbird --headless and rely on main.js to identify jsunit test * Avoid testing dependency on X11 for sqlite * ensure that we see some output when testing. * JSUnit is provided globally if jsunit 0.2.2 is installed * make unit test run without xvfb * always use system config.{guess,sub} * whittle down errors in the test suite enigmail (2:2.0.12+ds1-1) unstable; urgency=medium . * new upstream release * refresh patches, dropping those already upstream * Standards-Version: bump to 4.4.0 (no changes needed) * move to debhelper 12 fig2dev (1:3.2.7a-5+deb10u3) buster; urgency=medium . * 42_CVE-2019-19746: Reject huge arrow types causing integer overflow. This fixes CVE-2019-19746 (Closes: #946628). * 43_fgets2getline: Replace most calls to fgets() by getline() in read.c. This fixes CVE-2019-19797 and several other segfaults (Closes: #946866). fig2dev (1:3.2.7a-5+deb10u2) buster; urgency=medium . * 41_CVE-2019-19555: Allow Fig v2 text strings ending with multiple ^A. This fixes CVE-2019-19555 (Closes: #946176). firefox-esr (68.4.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. firefox-esr (68.4.1esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. firefox-esr (68.4.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-02, also known as: CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17021, CVE-2019-17022, CVE-2019-17024. . * debian/rules: Don't build with --compress-debug-sections on jessie. * debian/rules: Use sourcestamp.txt for MOZ_BUILD_DATE. Closes: #946193. . * sourcestamp.txt: Fill with the missing info. * intl/icu_sources_data.py: Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older GCC ICEs on arm. (Thanks Emilio Pozuelo Monfort) firefox-esr (68.4.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-02, also known as: CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17021, CVE-2019-17022, CVE-2019-17024. . * debian/rules: Don't build with --compress-debug-sections on jessie. * debian/rules: Use sourcestamp.txt for MOZ_BUILD_DATE. Closes: #946193. . * sourcestamp.txt: Fill with the missing info. * intl/icu_sources_data.py: Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older GCC ICEs on arm. (Thanks Emilio Pozuelo Monfort) firefox-esr (68.4.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-02, also known as: CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17021, CVE-2019-17022, CVE-2019-17024. . * debian/rules: Don't build with --compress-debug-sections on jessie. * debian/rules: Use sourcestamp.txt for MOZ_BUILD_DATE. Closes: #946193. . * sourcestamp.txt: Fill with the missing info. firefox-esr (68.3.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-37, also known as: CVE-2019-17008, CVE-2019-11745, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012. . * debian/control*: Bump nss build dependencies. * debian/rules, debian/control.in: - Build with nodejs-mozilla on jessie and stretch. - Build with nasm-mozilla on jessie and stretch. - Don't build with system libvpx on stretch. (Thanks Emilio Pozuelo Monfort) firefox-esr (68.3.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-37, also known as: CVE-2019-17008, CVE-2019-11745, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012. . * debian/control*: Bump nss build dependencies. * debian/rules, debian/control.in: - Build with nodejs-mozilla on jessie and stretch. - Build with nasm-mozilla on jessie and stretch. - Don't build with system libvpx on stretch. (Thanks Emilio Pozuelo Monfort) firefox-esr (68.3.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-37, also known as: CVE-2019-17008, CVE-2019-11745, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012. . * debian/control.in: Bump nss build dependencies. * intl/icu_sources_data.py: - Revert change from 68.2.0esr-1~deb9u2. - Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around GCC ICEs on arm. (Thanks Emilio Pozuelo Monfort) firefox-esr (68.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-33, also known as: CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764. freeimage (3.18.0+ds2-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2019-12213: stack exhaustion caused by unwanted recursion in ReadThumbnail (Closes: #929597). * CVE-2019-12211: heap buffer overflow caused by invalid memcpy in PluginTIFF. freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1) buster; urgency=medium . * debian/patches: + Add 0001_CVE-2019-17177.patch. Fix realloc return handling. (CVE-2019-17177). freetds (1.00.104-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * tds: Make sure UDT has varint set to 8 (CVE-2019-13508) (Closes: #944012) ghostscript (9.27~dfsg-2+deb10u3) buster-security; urgency=high . * remove .forceput from /.charkeys (CVE-2019-14869) git (1:2.20.1-2+deb10u1) buster-security; urgency=high . * new upstream point release (see RelNotes/2.20.2.txt). * Addresses the security issues CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, and CVE-2019-1387. . Credit for finding these vulnerabilities goes to Microsoft Security Response Center, in particular to Nicolas Joly. Fixes were provided by Jeff King and Johannes Schindelin with help from Garima Singh. . * Addresses CVE-2019-19604, arbitrary code execution via the "update" field in .gitmodules. . Credit for finding this vulnerability goes to Joern Schneeweisz from GitLab. git-lfs (2.7.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Stephen Gelman ] * Backport a fix from upstream that fixes FTBFS under Go 1.12.8, 1.11.13 (aka 1.11.6-1+deb10u1) (Closes: #940485) gnubg (1.06.002-1+deb10u1) buster; urgency=medium . [ Russ Allbery ] * Increase the size of static buffers used to build messages during program start so that the Spanish translation doesn't overflow a buffer. (Closes: #932351) gnutls28 (3.6.7-4+deb10u2) buster; urgency=medium . * Fix parsing of certificates using RegisteredID Closes: #949293 gnutls28 (3.6.7-4+deb10u1) buster; urgency=medium . * 42_rel3.6.10_01-gnutls_epoch_set_keys-do-not-forbid-random-padding.patch from 3.6.10: Fix interop problems with gnutls 2.x. Closes: #933538 (Thanks, Hanno Stock!) gtk2-engines-murrine (0.98.2-2+deb10u1) buster; urgency=medium . * debian/control: + Downgrade from R to S (gtk2-engine-themes): murrine-themes. (Closes: #838994). guile-2.2 (2.2.4+1-2+deb10u1) buster; urgency=medium . * Switch to dh_missing and ignore guile-X.Y for binary-indep. Thanks to Santiago Vila for reporting the problem. (Closes: 930774) haproxy (1.8.19-1+deb10u1) buster-security; urgency=high . * Apply two patches around HTTP/2 header validation allowing an attacker to use a CRLF inside an HTTP header. Fix CVE-2019-19330. intel-microcode (3.20191115.2~deb10u1) buster-security; urgency=high . * Rebuild for buster-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191115.2) unstable; urgency=medium . * Microcode rollbacks (closes: #946515, LP#1854764): sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 * Avoids hangs on warm reboots (cold boots work fine) on HEDT and Xeon processors with signature 0x50654. https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 . intel-microcode (3.20191115.1) unstable; urgency=high . * New upstream microcode datafile 20191115 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352 sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352 sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136 . intel-microcode (3.20191113.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191113.1) unstable; urgency=high . * New upstream microcode datafile 20191113 + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details Adds microcode update for CFL-S (Coffe Lake Desktop) INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 + Updated Microcodes (previously removed): sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 intel-microcode (3.20191115.2~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191115.2) unstable; urgency=medium . * Microcode rollbacks (closes: #946515, LP#1854764): sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 * Avoids hangs on warm reboots (cold boots work fine) on HEDT and Xeon processors with signature 0x50654. https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 . intel-microcode (3.20191115.1) unstable; urgency=high . * New upstream microcode datafile 20191115 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352 sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352 sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136 . intel-microcode (3.20191113.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191113.1) unstable; urgency=high . * New upstream microcode datafile 20191113 + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details Adds microcode update for CFL-S (Coffe Lake Desktop) INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 + Updated Microcodes (previously removed): sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 intel-microcode (3.20191115.1) unstable; urgency=high . * New upstream microcode datafile 20191115 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352 sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352 sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136 intel-microcode (3.20191115.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191115.1) unstable; urgency=high . * New upstream microcode datafile 20191115 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352 sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352 sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136 . intel-microcode (3.20191113.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191113.1) unstable; urgency=high . * New upstream microcode datafile 20191113 + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details Adds microcode update for CFL-S (Coffe Lake Desktop) INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 + Updated Microcodes (previously removed): sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 intel-microcode (3.20191115.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191115.1) unstable; urgency=high . * New upstream microcode datafile 20191115 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352 sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352 sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328 sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352 sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136 . intel-microcode (3.20191113.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security (no changes) * Refer to DSA-4565-2 for details. . intel-microcode (3.20191113.1) unstable; urgency=high . * New upstream microcode datafile 20191113 + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details Adds microcode update for CFL-S (Coffe Lake Desktop) INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 + Updated Microcodes (previously removed): sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 intel-microcode (3.20191113.1) unstable; urgency=high . * New upstream microcode datafile 20191113 + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details Adds microcode update for CFL-S (Coffe Lake Desktop) INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 + Updated Microcodes (previously removed): sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 intel-microcode (3.20191112.1) unstable; urgency=medium . * New upstream microcode datafile 20191112 + SECURITY UPDATE - Implements MDS mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135 - Implements TA Indirect Sharing mitigation, and improves the MDS mitigation (VERW) - Fixes FIVR (Xeon Voltage Modulation) vulnerability, INTEL-SA-00271, CVE-2019-11139 - Fixes SGX vulnerabilities and errata (including CVE-2019-0117) + CRITICAL ERRATA FIXES - Fixes Jcc conditional jump macro-fusion erratum (Skylake+, except Ice Lake), causes a 0-3% typical perforance hit (can be as bad as 10%). But ensures the processor will actually jump where it should, so don't even *dream* of not applying this fix. - Fixes AVX SHUF* instruction implementation flaw erratum + Removed Microcodes: sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 + New Microcodes: sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992 sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200 sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040 sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752 sig 0x000706e5, pf_mask 0x80, 2019-09-05, rev 0x0046, size 102400 sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376 sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816 sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200 sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376 sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 + Updated Microcodes (previously removed): sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768 intel-microcode (3.20191112.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security (no changes) * Refer to DSA-4565-1 for details. . intel-microcode (3.20191112.1) unstable; urgency=medium . * New upstream microcode datafile 20191112 + SECURITY UPDATE - Implements MDS mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135 - Implements TA Indirect Sharing mitigation, and improves the MDS mitigation (VERW) - Fixes FIVR (Xeon Voltage Modulation) vulnerability, INTEL-SA-00271, CVE-2019-11139 - Fixes SGX vulnerabilities and errata (including CVE-2019-0117) + CRITICAL ERRATA FIXES - Fixes Jcc conditional jump macro-fusion erratum (Skylake+, except Ice Lake), causes a 0-3% typical perforance hit (can be as bad as 10%). But ensures the processor will actually jump where it should, so don't even *dream* of not applying this fix. - Fixes AVX SHUF* instruction implementation flaw erratum + Removed Microcodes: sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 + New Microcodes: sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992 sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200 sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040 sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752 sig 0x000706e5, pf_mask 0x80, 2019-09-05, rev 0x0046, size 102400 sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376 sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816 sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200 sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376 sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 + Updated Microcodes (previously removed): sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768 . intel-microcode (3.20190918.1) unstable; urgency=medium . * New upstream microcode datafile 20190918 + SECURITY UPDATE *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given the set of processors being updated. + Updated Microcodes: sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456 sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432 sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336 sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200 sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768 sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576 sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576 sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456 intel-microcode (3.20191112.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security (no changes) * Refer to DSA-4565-1 for details. . intel-microcode (3.20191112.1) unstable; urgency=medium . * New upstream microcode datafile 20191112 + SECURITY UPDATE - Implements MDS mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135 - Implements TA Indirect Sharing mitigation, and improves the MDS mitigation (VERW) - Fixes FIVR (Xeon Voltage Modulation) vulnerability, INTEL-SA-00271, CVE-2019-11139 - Fixes SGX vulnerabilities and errata (including CVE-2019-0117) + CRITICAL ERRATA FIXES - Fixes Jcc conditional jump macro-fusion erratum (Skylake+, except Ice Lake), causes a 0-3% typical perforance hit (can be as bad as 10%). But ensures the processor will actually jump where it should, so don't even *dream* of not applying this fix. - Fixes AVX SHUF* instruction implementation flaw erratum + Removed Microcodes: sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 + New Microcodes: sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992 sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200 sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040 sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752 sig 0x000706e5, pf_mask 0x80, 2019-09-05, rev 0x0046, size 102400 sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136 + Updated Microcodes: sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376 sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816 sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200 sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376 sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352 sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906e9, pf_mask 0x2a, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352 sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328 + Updated Microcodes (previously removed): sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768 . intel-microcode (3.20190918.1) unstable; urgency=medium . * New upstream microcode datafile 20190918 + SECURITY UPDATE *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given the set of processors being updated. + Updated Microcodes: sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456 sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432 sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336 sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200 sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768 sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576 sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576 sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456 intel-microcode (3.20190918.1) unstable; urgency=medium . * New upstream microcode datafile 20190918 + SECURITY UPDATE *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given the set of processors being updated. + Updated Microcodes: sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456 sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432 sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336 sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200 sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768 sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576 sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576 sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456 ldm (2:2.18.06-1+deb10u1) buster-security; urgency=medium . * Add patch fixing root access when LDM_USERNAME is unset. libburn (1.5.0-1+deb10u1) buster; urgency=low . * Patch taken from upstream development + cdrskin multi-track burning was slow and stalled after track 1. Regression introduced in version 1.5.0 by commit 84fad99, 2018.02.05, which should fix a bug with O_DIRECT track reading. Debian never enabled O_DIRECT, so 84fad99 was never desirable. The patch reverts the upstream commit to bring the fifo code of cdrskin back to the state in Debian 9 and Debian 8. Closes: #946679 libcgns (3.3.0-7~deb10u1) buster; urgency=medium . * Rebuild for buster. . libcgns (3.3.0-7) unstable; urgency=medium . * Backport fix from experimental * New patch gcc-pr92361.patch to fix FTBFS on ppcel64 (closes: #944127) libidn2 (2.0.5-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix free of random (stack) value in idn2_to_ascii_4i() * idn2_to_ascii_4i(): Restrict output length to 63 (CVE-2019-18224) (Closes: #942895) * Fail make if 'ronn' doesn't exist when building docs * Fix generation of idn2.1 man page file * Move texinfo from Build-Depends-Indep to Build-Depends (Closes: #949705) libimobiledevice (1.2.1~git20181030.92c5462-2) stable; urgency=medium . * d/patches: properly handle partial SSL writes * d/gbp.conf: follow buster branch libmatroska (1.4.9-1+deb10u1) buster; urgency=medium . * debian/shlibs: Bump version to 1.4.7 since that version introduced new symbols (Closes: #946669) libmysofa (0.6~dfsg0-3+deb10u1) buster; urgency=high . * Backport security fixes (Closes: #939735) * CVE-2019-16091 * CVE-2019-16092 * CVE-2019-16093 * CVE-2019-16094 * CVE-2019-16095 * misc security fixes that have no CVE assigned libole-storage-lite-perl (0.19-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream fix for years >= 2020 being misinterpreted. (Closes: #948668) libparse-win32registry-perl (1.0-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add patch to fix Y2K20 problem. (Closes: #948682) libparse-win32registry-perl (1.0-2+deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Add patch to fix Y2K20 problem. (Closes: #948682) libperl4-corelibs-perl (0.004-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add t/timelocal.t fix for Y2K20 problem in t/timelocal.t. (Closes: #948666) libsolv (0.6.35-2+deb10u1) buster; urgency=medium . * debian/patches: + CVE-2019-20387: Add 0001_CVE-2019-20387.patch. Resolves heap-based buffer over-read in repodata.c (Closes: #949611). + 1006_various-types.patch: Trivial rebase. libspreadsheet-wright-perl (0.105-1+deb10u1) buster; urgency=medium . * Fixing previously unusable OpenDocument Spreadsheets (https://rt.cpan.org/Ticket/Display.html?id=128919). * Fixing previously unusable multisheet OpenDocument Spreadsheets (https://rt.cpan.org/Ticket/Display.html?id=131334). * Fixing passing JSON formatting options (https://github.com/tobyink/p5-spreadsheet-wright/issues/5). libtimedate-perl (2.3000-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add patch from upstream pull request to fix Y2K20 test failure. (Closes: #948680) libtimedate-perl (2.3000-2+deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Add patch from upstream pull request to fix Y2K20 test failure. (Closes: #948680) libvirt (5.0.0-4+deb10u1) buster; urgency=medium . [ Tobias Wolter ] * [711f612] apparmor: Allow one to run pygrub . [ Guido Günther ] * [3bcbf56] Don't render osxsave, ospke into QEMU comman line. This helps newer QEMU with some configs generated by virt-install. Thanks to Michal Arbet for digging out the patches (Closes: #944248) libvncserver (0.9.11+dfsg-1.3+deb10u2) buster; urgency=medium . * Regression update. . * debian/patches: Add use-after-free/{4,5,6}.patch. All cherry-picked from upstream. Resolves crashing of x11vnc when vncviewer connects. (Closes: #905786). libvncserver (0.9.11+dfsg-1.3+deb10u1) buster; urgency=medium . * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. (Closes: #943793). * debian/patches: + Trivial patch rebasing. + Add 3 use-after-free patches. Resolve a freeze during connection closure and a segmentation fault on multi-threaded VNC servers. (Closes: #905786). + Add 0002-set-true-color-flag-to-1.patch. Fix connecting to VMware servers. (Closes: #880531). libvpx (1.7.0-3+deb10u1) buster-security; urgency=medium . * CVE-2019-9232 CVE-2019-9325 CVE-2019-9371 CVE-2019-9433 limnoria (2019.02.23-1+deb10u1) buster; urgency=medium . * Add patch from upstream to fix remote information disclosure and possibly remote code execution in the Math plugin. CVE-2019-19010 linux (4.19.98-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.88 - [arm64] clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate - ASoC: compress: fix unsigned integer overflow check - reset: Fix memory leak in reset_control_array_put() - [armhf] clk: samsung: exynos5433: Fix error paths - [armel/marvell,armhf] ASoC: kirkwood: fix external clock probe defer - [armel/marvell,armhf] ASoC: kirkwood: fix device remove ordering - [armhf] clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume - [x86] pinctrl: cherryview: Allocate IRQ chip dynamic - [armhf] dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts - reset: fix reset_control_ops kerneldoc comment - [armhf,arm64] clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup - [armhf] clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 - [armhf] dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend - [ppc64el] bpf: Fix tail call implementation - idr: Fix integer overflow in idr_for_each_entry - idr: Fix idr_alloc_u32 on 32-bit systems - [x86] resctrl: Prevent NULL pointer dereference when reading mondata - [armhf] clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call - [armhf] clk: ti: clkctrl: Fix failed to enable error with double udelay timeout - bridge: ebtables: don't crash when using dnat target in output chains - can: peak_usb: report bus recovery as well - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error - [armhf] can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails - [arm64] watchdog: meson: Fix the wrong value of left time - ceph: return -EINVAL if given fsc mount option on kernel w/o support - net/fq_impl: Switch to kvmalloc() for memory allocation - mac80211: fix station inactive_time shortly after boot - block: drbd: remove a stray unlock in __drbd_send_protocol() - scsi: target/tcmu: Fix queue_cmd_ring() declaration - scsi: lpfc: Fix kernel Oops due to null pring pointers - scsi: lpfc: Fix dif and first burst use in write commands - tracing: Lock event_mutex before synth_event_mutex - [armhf] dts: imx*: Fix memory node duplication - [armhf] dts: Fix hsi gdd range for omap4 - [arm64] mm: Prevent mismatched 52-bit VA support - [arm64] smp: Handle errors reported by the firmware - [armhf] bus: ti-sysc: Check for no-reset and no-idle flags at the child level - [arm64] RDMA/hns: Fix the bug while use multi-hop of pbl - [x86] RDMA/vmw_pvrdma: Use atomic memory allocation in create AH - [armhf] PM / AVS: SmartReflex: NULL check before some freeing functions is not needed - xfs: zero length symlinks are not valid - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value - scsi: lpfc: Enable Management features for IF_TYPE=6 - scsi: qla2xxx: Fix NPIV handling for FC-NVMe - scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port - nvme: provide fallback for discard alloc failure - [s390x] zcrypt: make sysfs reset attribute trigger queue reset - crypto: user - support incremental algorithm dumps - mwifiex: fix potential NULL dereference and use after free - mwifiex: debugfs: correct histogram spacing, formatting - brcmfmac: set F2 watermark to 256 for 4373 - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 - rtl818x: fix potential use after free - bcache: do not check if debug dentry is ERR or NULL explicitly on remove - bcache: do not mark writeback_running too early - xfs: require both realtime inodes to mount - nvme: fix kernel paging oops - ubifs: Fix default compression selection in ubifs - ubi: Put MTD device after it is not used - ubi: Do not drop UBI device reference before using - iwlwifi: move iwl_nvm_check_version() into dvm - iwlwifi: mvm: force TCM re-evaluation on TCM resume - iwlwifi: pcie: fix erroneous print - iwlwifi: pcie: set cmd_len in the correct place - [armhf,arm64] gpio: pca953x: Fix AI overflow on PCAL6524 - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB - [x86] kvm: vmx: Set IA32_TSC_AUX for legacy mode guests - [x86] Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" - [x86] Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" - VSOCK: bind to random port for VMADDR_PORT_ANY - [amd64] mmc: meson-gx: make sure the descriptor is stopped on errors - [armhf] mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET - [armhf] usb: ehci-omap: Fix deferred probe for phy handling - btrfs: Check for missing device before bio submission in btrfs_map_bio - btrfs: fix ncopies raid_attr for RAID56 - btrfs: dev-replace: set result code of cancel by status of scrub - Btrfs: allow clear_extent_dirty() to receive a cached extent state record - btrfs: only track ref_heads in delayed_ref_updates - [x86] HID: intel-ish-hid: fixes incorrect error handling - serial: 8250: Rate limit serial port rx interrupts during input overruns - [x86] kprobes/xen: blacklist non-attachable xen interrupt functions - xen/pciback: Check dev_data before using it - kprobes: Blacklist symbols in arch-defined prohibited area - [amd64] kprobes: Show x86-64 specific blacklisted symbols correctly - [armhf] memory: omap-gpmc: Get the header of the enum - net/mlx5: Continue driver initialization despite debugfs failure - netfilter: nf_nat_sip: fix RTP/RTCP source port translations - exofs_mount(): fix leaks on failure exits - bnxt_en: Return linux standard errors in bnxt_ethtool.c - bnxt_en: Save ring statistics before reset. - bnxt_en: query force speeds before disabling autoneg mode. - [s390x] KVM: unregister debug feature on failing arch init - dm flakey: Properly corrupt multi-page bios. - gfs2: take jdata unstuff into account in do_grow - dm raid: fix false -EBUSY when handling check/repair message - xfs: Align compat attrlist_by_handle with native implementation. - xfs: Fix bulkstat compat ioctls on x32 userspace. - IB/qib: Fix an error code in qib_sdma_verbs_send() - vxlan: Fix error path in __vxlan_dev_create() - [ppc64el] xmon: fix dump_segments() - drivers/regulator: fix a missing check of return value - Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading - RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer - scsi: qla2xxx: deadlock by configfs_depend_item - scsi: csiostor: fix incorrect dma device in case of vport - brcmfmac: Fix access point mode - ath6kl: Only use match sets when firmware supports it - ath6kl: Fix off by one error in scan completion - [ppc64el] perf: Fix unit_sel/cache_sel checks - [ppc64el] prom: fix early DEBUG messages - [ppc64el] mm: Make NULL pointer deferences explicit on bad page faults. - [ppc64el] vfio/spapr_tce: Get rid of possible infinite loop - [ppc64el] powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status - drbd: ignore "all zero" peer volume sizes in handshake - drbd: reject attach of unsuitable uuids even if connected - drbd: do not block when adjusting "disk-options" while IO is frozen - drbd: fix print_st_err()'s prototype to match the definition - IB/rxe: Make counters thread safe - bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't - [armhf] regulator: tps65910: fix a missing check of return value - [ppc64el] powerpc/pseries: Fix node leak in update_lmb_associativity_index() - net/netlink_compat: Fix a missing check of nla_parse_nested - net/net_namespace: Check the return value of register_pernet_subsys() - f2fs: fix block address for __check_sit_bitmap - f2fs: fix to dirty inode synchronously - [armhf] net: dsa: bcm_sf2: Propagate error value from mdio_write - atl1e: checking the status of atl1e_write_phy_reg - tipc: fix a missing check of genlmsg_put - net: marvell: fix a missing check of acpi_match_device - ocfs2: clear journal dirty flag after shutdown journal - vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n - mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() - mm/page_alloc.c: use a single function to free page - mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() - netfilter: nf_tables: fix a missing check of nla_put_failure - xprtrdma: Prevent leak of rpcrdma_rep objects - infiniband/qedr: Potential null ptr dereference of qp - lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk - lib/genalloc.c: use vzalloc_node() to allocate the bitmap - drivers/base/platform.c: kmemleak ignore a known leak - lib/genalloc.c: include vmalloc.h - mtd: Check add_mtd_device() ret code - tipc: fix memory leak in tipc_nl_compat_publ_dump - net/core/neighbour: tell kmemleak about hash tables - [armhf,arm64] ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() - net/core/neighbour: fix kmemleak minimal reference count for hash tables - serial: 8250: Fix serial8250 initialization crash - [armhf] gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change - sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe - ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel - decnet: fix DN_IFREQ_SIZE - net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() - net/smc: don't wait for send buffer space when data was already sent - mm/hotplug: invalid PFNs from pfn_to_online_page() - xfs: end sync buffer I/O properly on shutdown error - net/smc: fix sender_free computation - blktrace: Show requests without sector - net/smc: fix byte_order for rx_curs_confirmed - tipc: fix skb may be leaky in tipc_link_input - sfc: initialise found bitmap in efx_ef10_mtd_probe - geneve: change NET_UDP_TUNNEL dependency to select - net: fix possible overflow in __sk_mem_raise_allocated() - net: ip_gre: do not report erspan_ver for gre or gretap - net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap - sctp: don't compare hb_timer expire date before starting it - bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() - mmc: core: align max segment size with logical block size - net: dev: Use unsigned integer as an argument to left-shift - kvm: properly check debugfs dentry before using it - bpf: drop refcount if bpf_map_new_fd() fails in map_create() - [arm64] net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED - [arm64] net: hns3: fix PFC not setting problem for DCB module - [arm64] net: hns3: fix an issue for hclgevf_ae_get_hdev - [arm64] net: hns3: fix an issue for hns3_update_new_int_gl - [x86] iommu/amd: Fix NULL dereference bug in match_hid_uid - apparmor: delete the dentry in aafs_remove() to avoid a leak - scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery - ACPI / APEI: Don't wait to serialise with oops messages when panic()ing - ACPI / APEI: Switch estatus pool to use vmalloc memory - [arm64] scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned - scsi: libsas: Check SMP PHY control function result - [arm64] RDMA/hns: Fix the bug with updating rq head pointer when flush cqe - [arm64] RDMA/hns: Bugfix for the scene without receiver queue - [arm64] RDMA/hns: Fix the state of rereg mr - [arm64] RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board - [ppc64el] pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (CVE-2019-12614) - xdp: fix cpumap redirect SKB creation bug - mtd: Remove a debug trace in mtdpart.c - [s390x] mm, gup: add missing refcount overflow checks on s390 - [armhf,arm64] usb: dwc2: use a longer core rest timeout in dwc2_core_reset() - staging: rtl8192e: fix potential use after free - staging: rtl8723bs: Drop ACPI device ids - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P - [x86] mei: bus: prefix device names on bus with the bus name - [x86] mei: me: add comet point V device id - thunderbolt: Power cycle the router if NVM authentication fails - xfrm: Fix memleak on xfrm state destroy - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE - [arm64] net: macb: fix error format in dev_err() - pwm: Clear chip_data in pwm_put() - macvlan: schedule bc_work even if error - net: psample: fix skb_over_panic - openvswitch: fix flow command message size - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook - slip: Fix use-after-free Read in slip_open - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() - openvswitch: remove another BUG_ON() - tipc: fix link name length check - sctp: cache netns in sctp_ep_common - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues - [arm64] net: macb: add missed tasklet_kill - ext4: add more paranoia checking in ext4_expand_extra_isize handling (CVE-2019-19767) - [arm64] net: macb: Fix SUBNS increment and increase resolution - [arm64] net: macb driver, check for SKBTX_HW_TSTAMP - mtd: spi-nor: cast to u64 to avoid uint overflows - tcp: exit if nothing to retransmit on RTO timeout - HID: core: check whether Usage Page item is after Usage ID items - [x86] platform: hp-wmi: Fix ACPI errors caused by too small buffer - [x86] platform: hp-wmi: Fix ACPI errors caused by passing 0 as input size https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.89 - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071) - [arm64] tegra: Fix 'active-low' warning for Jetson TX1 regulator - usb: gadget: u_serial: add missing port entry locking - [arm64] tty: serial: msm_serial: Fix flow control - [armhf,arm64] serial: pl011: Fix DMA ->flush_buffer() - serial: serial_core: Perform NULL checks for break_ctl ops - autofs: fix a leak in autofs_expire_indirect() - [arm64] RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN - iwlwifi: pcie: don't consider IV len in A-MSDU - exportfs_decode_fh(): negative pinned may become positive without the parent locked - audit_get_nd(): don't unlock parent too early - xfrm: release device reference for invalid state - sched/core: Avoid spurious lock dependencies - perf/core: Consistently fail fork on allocation failures - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() - [armhf,arm64] drm/sun4i: tcon: Set min division of TCON0_DCLK to 1. - rsxx: add missed destroy_workqueue calls in remove - i2c: core: fix use after free in of_i2c_notify - serial: core: Allow processing sysrq at port unlock time - cxgb4vf: fix memleak in mac_hlist initialization - iwlwifi: mvm: synchronize TID queue removal - iwlwifi: trans: Clear persistence bit when starting the FW - iwlwifi: mvm: Send non offchannel traffic via AP sta - [armhf] 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ - audit: Embed key into chunk - netfilter: nf_tables: don't use position attribute on rule replacement - net/mlx5: Release resource on error flow - [arm64] clk: sunxi-ng: a64: Fix gate bit of DSI DPHY - ice: Fix NVM mask defines - dlm: fix possible call to kfree() for non-initialized pointer - [armhf] dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1 - [armhf,arm64] rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()' - i40e: don't restart nway if autoneg not supported - virtchnl: Fix off by one error - [armhf] clk: rockchip: fix rk3188 sclk_smc gate data - [armhf] clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering - [armhf] dts: rockchip: Fix rk3288-rock2 vcc_flash name - dlm: fix missing idr_destroy for recover_idr - [armhf,arm64] net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 - [s390x] scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB - [s390x] scsi: zfcp: drop default switch case which might paper over missing case - [armhf] bus: ti-sysc: Fix getting optional clocks in clock_roles - [armhf] dts: imx6: RDU2: fix eGalax touchscreen node - crypto: ecc - check for invalid values in the key verification test - crypto: bcm - fix normal/non key hash algorithm failure - [arm64] dts: zynqmp: Fix node names which contain "_" - [arm64] pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues - [arm*] firmware: raspberrypi: Fix firmware calls with large buffers - mm/vmstat.c: fix NUMA statistics updates - [arm64] clk: rockchip: fix I2S1 clock gate register for rk3328 - [arm64] clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 - sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit - regulator: Fix return value of _set_load() stub - USB: serial: f81534: fix reading old/new IC config - xfs: extent shifting doesn't fully invalidate page cache - net-next/hinic:fix a bug in set mac address - net-next/hinic: fix a bug in rx data flow - ice: Fix return value from NAPI poll - ice: Fix possible NULL pointer de-reference - iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents - iomap: sub-block dio needs to zeroout beyond EOF - iomap: dio data corruption and spurious errors when pipes fill - iomap: readpages doesn't zero page tail beyond EOF - iw_cxgb4: only reconnect with MPAv1 if the peer aborts - [mips*/octeon] octeon-platform: fix typing - net/smc: use after free fix in smc_wr_tx_put_slot() - [armhf] dts: exynos: Use Samsung SoC specific compatible for DWC2 module - media: pulse8-cec: return 0 when invalidating the logical address - media: cec: report Vendor ID after initialization - iwlwifi: fix cfg structs for 22000 with different RF modules - net/ipv6: re-do dad when interface has IFF_NOARP flag change - [x86] dmaengine: dw-dmac: implement dma protection control setting - [armhf,arm64] usb: dwc3: debugfs: Properly print/set link state for HS - [armhf,arm64] usb: dwc3: don't log probe deferrals; but do log other error codes - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() - f2fs: fix to account preflush command for noflush_merge mode - f2fs: fix count of seg_freed to make sec_freed correct - f2fs: change segment to section in f2fs_ioc_gc_range - [armhf] dts: rockchip: Fix the PMU interrupt number for rv1108 - [armhf] dts: rockchip: Assign the proper GPIO clocks for rv1108 - f2fs: fix to allow node segment for GC by ioctl path - nvme: Free ctrl device name on init failure - dma-mapping: fix return type of dma_set_max_seg_size() - [armhf] serial: imx: fix error handling in console_setup - [armhf] i2c: imx: don't print error message on probe defer - [arm64] clk: meson: Fix GXL HDMI PLL fractional bits width - [armhf,arm64] gpu: host1x: Fix syncpoint ID field size on Tegra186 - lockd: fix decoding of TEST results - sctp: increase sk_wmem_alloc when head->truesize is increased - [x86] iommu/amd: Fix line-break in error log reporting - [armhf] dts: sun8i: a23/a33: Fix OPP DTC warnings - [armhf] dts: sun8i: v3s: Change pinctrl nodes to avoid warning - nfsd: fix a warning in __cld_pipe_upcall() - bpf: btf: implement btf_name_valid_identifier() - bpf: btf: check name validity for various types - [armhf] OMAP1/2: fix SoC name printing - [arm64] dts: meson-gxl-libretech-cc: fix GPIO lines names - [arm64] dts: meson-gxbb-nanopi-k2: fix GPIO lines names - [arm64] dts: meson-gxbb-odroidc2: fix GPIO lines names - [arm64] dts: meson-gxl-khadas-vim: fix GPIO lines names - net/x25: fix called/calling length calculation in x25_parse_address_block - net/x25: fix null_x25_address handling - tcp: make tcp_space() aware of socket backlog - tcp: fix off-by-one bug on aborting window-probing socket - tcp: fix SNMP under-estimation on failed retransmission - tcp: fix SNMP TCP timeout under-estimation - kbuild: fix single target build for external module - mtd: fix mtd_oobavail() incoherent returned value - [arm64] clk: meson: meson8b: fix the offset of vid_pll_dco's N value - [armhf,arm64] clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent - [arm64] clk: qcom: Fix MSM8998 resets - dlm: fix invalid cluster name warning - net/mlx4_core: Fix return codes of unsupported operations - pstore/ram: Avoid NULL deref in ftrace merging failure path - [mips*/octeon] cvmx_pko_mem_debug8: use oldest forward compatible definition - nfsd: Return EPERM, not EACCES, in some SETATTR cases - media: uvcvideo: Abstract streaming object lifetime - [armhf] dts: sun8i: h3: Fix the system-control register range - tty: Don't block on IO when ldisc change is pending - media: stkwebcam: Bugfix for wrong return values - sctp: frag_point sanity check - IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state - IB/hfi1: Close VNIC sdma_progress sleep window - mlx4: Use snprintf instead of complicated strcpy - [armhf] dts: sunxi: Fix PMU compatible strings - [armhf] dts: am335x-pdu001: Fix polarity of card detection input - net: aquantia: fix RSS table and key sizes - sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision - fuse: verify nlink - fuse: verify attributes - [x86] ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - [x86] ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 - ALSA: pcm: oss: Avoid potential buffer overflows - [x86] ALSA: hda - Add mute led support for HP ProBook 645 G4 - [x86] Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus - [x86] Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash - [x86] Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers - [x86] Input: goodix - add upside-down quirk for Teclast X89 tablet - Input: Fix memory leak in psxpad_spi_probe - [i386] mm: Sync only to VMALLOC_END in vmalloc_sync_all() - [x86] PCI: Avoid AMD FCH XHCI USB PME# from D0 defect - xfrm interface: fix memory leak on creation - xfrm interface: avoid corruption on changelink - xfrm interface: fix list corruption for x-netns - xfrm interface: fix management of phydev - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks - CIFS: Fix SMB2 oplock break processing - tty: vt: keyboard: reject invalid keycodes - can: slcan: Fix use-after-free Read in slcan_open - kernfs: fix ino wrap-around detection - jbd2: Fix possible overflow in jbd2_log_space_left() - [arm64] drm/msm: fix memleak on release - [i386] drm/i810: Prevent underflow in ioctl - [armhf,arm64] KVM: vgic: Don't rely on the wrong pending table - [x86] KVM: do not modify masked bits of shared MSRs - [x86] KVM: fix presentation of TSX feature in ARCH_CAPABILITIES - [x86] KVM: Grab KVM's srcu lock when setting nested state - crypto: af_alg - cast ki_complete ternary op to int - [x86] crypto: ccp - fix uninitialized list head - crypto: ecdh - fix big endian bug in ECC library - crypto: user - fix memory leak in crypto_report (CVE-2019-19062) - mwifiex: update set_mac_address logic - can: ucan: fix non-atomic allocation in completion handler - RDMA/qib: Validate ->show()/store() callbacks before calling them - iomap: Fix pipe page leakage during splicing - thermal: Fix deadlock in thermal thermal_zone_device_check - vcs: prevent write access to vcsu devices (CVE-2019-19252) - binder: Fix race between mmap() and binder_alloc_print_pages() - binder: Handle start==NULL in binder_update_page_range() - ALSA: hda - Fix pending unsol events at shutdown - perf script: Fix invalid LBR/binary mismatch error - splice: don't read more than available pipe space - iomap: partially revert 4721a601099 (simulated directio short read on EFAULT) - xfs: add missing error check in xfs_prepare_shift() - ASoC: rsnd: fixup MIX kctrl registration - [x86] KVM: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) - net: qrtr: fix memort leak in qrtr_tun_write_iter (CVE-2019-19079) - appletalk: Fix potential NULL pointer dereference in unregister_snap_client (CVE-2019-19227) - appletalk: Set error code if register_snap_client failed https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.90 - usb: gadget: configfs: Fix missing spin_lock_init() - [x86] usb: gadget: pch_udc: fix use after free - scsi: qla2xxx: Fix driver unload hang - [arm64] media: venus: remove invalid compat_ioctl32 handler - USB: uas: honor flag to avoid CAPACITY16 - USB: uas: heed CAPACITY_HEURISTICS - usb: Allow USB device to be warm reset in suspended state - staging: rtl8188eu: fix interface sanity check - staging: rtl8712: fix interface sanity check - staging: gigaset: fix general protection fault on probe - staging: gigaset: fix illegal free on probe errors - staging: gigaset: add endpoint-type sanity check - usb: xhci: only set D3hot for pci device - xhci: Fix memory leak in xhci_add_in_port() - xhci: Increase STS_HALT timeout in xhci_suspend() - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. - [armhf] dts: pandora-common: define wl1251 as child node of mmc3 - [x86] iio: imu: inv_mpu6050: fix temperature reporting using bad unit - USB: atm: ueagle-atm: add missing endpoint check - USB: idmouse: fix interface sanity checks - USB: serial: io_edgeport: fix epic endpoint lookup - usb: roles: fix a potential use after free - USB: adutux: fix interface sanity check - usb: core: urb: fix URB structure initialization function - usb: mon: Fix a deadlock in usbmon between mmap and read - tpm: add check after commands attribs tab allocation - virtio-balloon: fix managed page counts when migrating pages between zones - [armhf,arm64] usb: dwc3: gadget: Fix logical condition - [armhf,arm64] usb: dwc3: ep0: Clear started flag on completion - btrfs: check page->mapping when loading free space cache - btrfs: use refcount_inc_not_zero in kill_all_nodes - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc - Btrfs: fix negative subv_writers counter and data space leak after buffered write - btrfs: Avoid getting stuck during cyclic writebacks - btrfs: Remove btrfs_bio::flags member - Btrfs: send, skip backreference walking for extents with many references - btrfs: record all roots for rename exchange on a subvol - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer - rtlwifi: rtl8192de: Fix missing enable interrupt flag - ovl: fix corner case of non-unique st_dev;st_ino - ovl: relax WARN_ON() on rename to self - [armhf] hwrng: omap - Fix RNG wait loop timeout - dm writecache: handle REQ_FUA - dm zoned: reduce overhead of backing device checks - workqueue: Fix spurious sanity check failures in destroy_workqueue() - workqueue: Fix pwq ref leak in rescuer_thread() - ASoC: rt5645: Fixed buddy jack support. - ASoC: rt5645: Fixed typo for buddy jack support. - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() - blk-mq: avoid sysfs buffer overflow with too many CPU cores - cgroup: pids: use atomic64_t for pids->limit - ar5523: check NULL before memcpy() in ar5523_cmd() - [s390x] mm: properly clear _PAGE_NOEXEC bit when it is not supported - media: cec.h: CEC_OP_REC_FLAG_ values were swapped - cpuidle: Do not unset the driver if it is there already - erofs: zero out when listxattr is called with no xattr - [x86] intel_th: Fix a double put_device() in error path - [x86] intel_th: pci: Add Ice Lake CPU support - [x86] intel_th: pci: Add Tiger Lake CPU support - PM / devfreq: Lock devfreq in trans_stat_show - [ppc64el] cpufreq: powernv: fix stack bloat and hard limit on number of CPUs - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge - ACPI: OSL: only free map once in osl.c - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() - ACPI: PM: Avoid attaching ACPI PM domain to certain devices - [arm64] pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() - [armhf] pinctrl: samsung: Add of_node_put() before return in error path - [armhf] pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init - [armhf] pinctrl: samsung: Fix device node refcount leaks in init code - [armhf] mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card - [armhf] dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity - ppdev: fix PPGETTIME/PPSETTIME ioctls - [ppc64el] Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB - [ppc64el] xive: Prevent page fault issues in the machine crash handler - [ppc64el] Allow flush_icache_range to work across ranges >4GB - [ppc64el] xive: Skip ioremap() of ESB pages for LSI interrupts - video/hdmi: Fix AVI bar unpack - quota: Check that quota is not dirty before release - ext2: check err when partial != NULL - quota: fix livelock in dquot_writeback_dquots - ext4: Fix credit estimate for final inode freeing - reiserfs: fix extended attributes on the root directory - block: fix single range discard merge - [s390x] scsi: zfcp: trace channel log even for FCP command responses - scsi: qla2xxx: Fix DMA unmap leak - scsi: qla2xxx: Fix hang in fcport delete path - scsi: qla2xxx: Fix session lookup in qlt_abort_work() - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value - scsi: qla2xxx: Fix message indicating vectors used by driver - scsi: qla2xxx: Fix SRB leak on switch command timeout - xhci: make sure interrupts are restored to correct state - usb: typec: fix use after free in typec_register_port() - [armhf] omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 - scsi: lpfc: Cap NPIV vports to 256 - scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE - scsi: lpfc: Correct topology type reporting on G7 adapters - sch_cake: Correctly update parent qlen when splitting GSO packets - net/smc: do not wait under send_lock - [arm64] net: hns3: clear pci private data when unload hns3 driver - [arm64] net: hns3: change hnae3_register_ae_dev() to int - [arm64] net: hns3: Check variable is valid before assigning it to another - [arm64] scsi: hisi_sas: send primitive NOTIFY to SSP situation only - [arm64] scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G - [x86] MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models - [x86] MCE/AMD: Carve out the MC4_MISC thresholding quirk - ath10k: fix fw crash by moving chip reset after napi disabled - [ppc64el] Fix vDSO clock_getres() - ext4: work around deleting a file with i_nlink == 0 safely (CVE-2019-19447) - mm/shmem.c: cast the type of unmap_start to u64 - rtc: disable uie before setting time and enable after - splice: only read in as much information as there is pipe buffer space - ext4: fix a bug in ext4_wait_for_tail_page_commit - [armhf,arm64] mfd: rk808: Fix RK818 ID template - mm, thp, proc: report THP eligibility for each vma - [s390x] smp,vdso: fix ASCE handling - blk-mq: make sure that line break can be printed - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() - perf callchain: Fix segfault in thread__resolve_callchain_sample() - gre: refetch erspan header from skb->data after pskb_may_pull() - sunrpc: fix crash when cache_head become valid before update - net/mlx5e: Fix SFF 8472 eeprom length - leds: trigger: netdev: fix handling on interface rename - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - of: overlay: add_changeset_property() memory leak - kernel/module.c: wakeup processes in module_wq on module unload - cifs: Fix potential softlockups while refreshing DFS cache - [x86] gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist - raid5: need to set STRIPE_HANDLE for batch head - scsi: qla2xxx: Change discovery state before PLOGI - [x86] iio: imu: mpu6050: add missing available scan masks - idr: Fix idr_get_next_ul race with idr_remove - of: unittest: fix memory leak in attach_node_and_children https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.91 - inet: protect against too small mtu values. - mqprio: Fix out-of-bounds access in mqprio_dump - net: bridge: deny dev_set_mac_address() when unregistering - net: dsa: fix flow dissection on Tx path - net: ethernet: ti: cpsw: fix extra rx interrupt - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues - [arm64] net: thunderx: start phy before starting autonegotiation - openvswitch: support asymmetric conntrack - tcp: md5: fix potential overestimation of TCP option space - tipc: fix ordering of tipc module init and exit routine - net/mlx5e: Query global pause state before setting prio2buffer - tcp: fix rejected syncookies due to stale timestamps - tcp: tighten acceptance of ACKs not matching a child socket - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() - [arm64] Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly" - mmc: block: Make card_busy_detect() a bit more generic - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response - PCI/PM: Always return devices to D0 when thawing - PCI: pciehp: Avoid returning prematurely from sysfs requests - [x86] PCI: Fix Intel ACS quirk UPDCR register address - PCI/MSI: Fix incorrect MSI-X masking on resume - [arm64] PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 - [arm64] rpmsg: glink: Set tail pointer to 0 at end of FIFO - [arm64] rpmsg: glink: Fix reuse intents memory leak issue - [arm64] rpmsg: glink: Fix use after free in open_ack TIMEOUT case - [arm64] rpmsg: glink: Put an extra reference during cleanup - [arm64] rpmsg: glink: Fix rpmsg_register_device err handling - [arm64] rpmsg: glink: Don't send pending rx_done during remove - [arm64] rpmsg: glink: Free pending deferred work on remove - cifs: smbd: Return -EAGAIN when transport is reconnecting - cifs: smbd: Add messages on RDMA session destroy and reconnection - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE - cifs: Don't display RDMA transport on reconnect - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect - CIFS: Close open handle after interrupted close - [armhf] tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() - vfio/pci: call irq_bypass_unregister_producer() before freeing irq - dma-buf: Fix memory leak in sync_file_merge() - [arm64] drm: meson: venc: cvbs: fix CVBS mode matching - dm mpath: remove harmful bio-based optimization - dm btree: increase rebalance threshold in __rebalance2() - scsi: iscsi: Fix a potential deadlock in the timeout handler - scsi: qla2xxx: Change discovery state before PLOGI - drm/radeon: fix r1xx/r2xx register checker for POT textures - xhci: fix USB3 device initiated resume race with roothub autosuspend https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.92 - af_packet: set defaule value for tmo - [amd64] fjes: fix missed check in fjes_acpi_add - [arm64] net: hisilicon: Fix a BUG trigered by wrong bytes_compl - net: qlogic: Fix error paths in ql_alloc_large_buffers() - net: usb: lan78xx: Fix suspend/resume PHY register access error - qede: Disable hardware gro when xdp prog is installed - qede: Fix multicast mac configuration - sctp: fully initialize v4 addr in some functions - btrfs: don't double lock the subvol_sem for rename exchange - btrfs: do not call synchronize_srcu() in inode_tree_del - Btrfs: fix missing data checksums after replaying a log tree - btrfs: send: remove WARN_ON for readonly mount - btrfs: abort transaction after failed inode updates in create_subvol - btrfs: skip log replay on orphaned roots - btrfs: do not leak reloc root if we fail to read the fs root - btrfs: handle ENOENT in btrfs_uuid_tree_iterate - Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues - ALSA: pcm: Avoid possible info leaks from PCM stream buffers - ALSA: hda/ca0132 - Keep power on during processing DSP response - ALSA: hda/ca0132 - Avoid endless loop - ALSA: hda/ca0132 - Fix work handling in delayed HP detection - [arm64,armhf] drm/panel: Add missing drm_panel_init() in panel drivers - drm/amdgpu: grab the id mgr lock while accessing passid_mapping - spi: Add call to spi_slave_abort() function when spidev driver is released - [x86] staging: rtl8192u: fix multiple memory leaks on error path - staging: rtl8188eu: fix possible null dereference - rtlwifi: prevent memory leak in rtl_usb_probe (CVE-2019-19063) - libertas: fix a potential NULL pointer dereference - ath10k: fix backtrace on coredump - IB/iser: bound protection_sg size by data_sg size - [arm64] media: venus: core: Fix msm8996 frequency table - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq - pinctrl: devicetree: Avoid taking direct reference to device name string - [amd64] drm/amdkfd: fix a potential NULL pointer dereference - [arm64] media: venus: Fix occasionally failures to suspend - [armhf] hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled - media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() - [arm64,armhf] drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller - block: Fix writeback throttling W=1 compiler warnings - mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (CVE-2019-19057) - drm/drm_vblank: Change EINVAL by the correct errno - media: cx88: Fix some error handling path in 'cx8800_initdev()' - [armhf] media: ti-vpe: vpe: Fix Motion Vector vpdma stride - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number - [armhf] media: ti-vpe: vpe: Make sure YUYV is set as default format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic - [armhf] media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage - [x86] syscalls/x86: Use the correct function type in SYSCALL_DEFINE0 - [x86] mm: Use the correct function type for native_set_fixmap() - ath10k: Correct error handling of dma_map_single() - [arm64,armhf] drm/bridge: dw-hdmi: Restore audio when setting a mode - perf report: Add warning when libunwind not compiled in - usb: usbfs: Suppress problematic bind and unbind uevents. - Bluetooth: missed cpu_to_le16 conversion in hci_init4_req - Bluetooth: Workaround directed advertising bug in Broadcom controllers - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL - [x86] mce: Lower throttling MCE messages' priority to warning - [x86] drm/gma500: fix memory disclosures due to uninitialized bytes - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot - ipmi: Don't allow device module unload when in use - [x86] ioapic: Prevent inconsistent state when moving an interrupt - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit - [arm64] psci: Reduce the waiting time for cpu_psci_cpu_kill() - i40e: initialize ITRN registers with correct values - net: phy: dp83867: enable robust auto-mdix - [arm64,armhf] drm/tegra: sor: Use correct SOR index on Tegra210 - ACPI: button: Add DMI quirk for Medion Akoya E2215T - RDMA/qedr: Fix memory leak in user qp and mr - [arm64,armhf] gpu: host1x: Allocate gather copy for host1x - [arm64,armhf] net: dsa: LAN9303: select REGMAP when LAN9303 enable - [arm64] phy: qcom-usb-hs: Fix extcon double register after power cycle - [s390x] time: ensure get_clock_monotonic() returns monotonic values - [s390x] mm: add mm_pxd_folded() checks to pxd_free() - [arm64] net: hns3: add struct netdev_queue debug info for TX timeout - libata: Ensure ata_port probe has completed before detach - loop: fix no-unmap write-zeroes request behavior - Bluetooth: Fix advertising duplicated flags - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() - ixgbe: protect TX timestamping from API misuse - media: rcar_drif: fix a memory disclosure (CVE-2019-18786) - media: v4l2-core: fix touch support in v4l_g_fmt - rfkill: allocate static minor - bnx2x: Fix PF-VF communication over multi-cos queues. - ALSA: timer: Limit max amount of slave instances - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() - perf probe: Fix to find range-only function instance - perf probe: Fix to list probe event with correct line number - perf jevents: Fix resource leak in process_mapfile() and main() - perf probe: Walk function lines in lexical blocks - perf probe: Fix to probe an inline function which has no entry pc - perf probe: Fix to show ranges of variables in functions without entry_pc - perf probe: Fix to show inlined function callsite without entry_pc - perf probe: Fix to probe a function which has no entry pc - perf tools: Splice events onto evlist even on error - perf parse: If pmu configuration fails free terms - perf probe: Skip overlapped location on searching variables - perf probe: Return a better scope DIE if there is no best scope - perf probe: Fix to show calling lines of inlined functions - perf probe: Skip end-of-sequence and non statement lines - perf probe: Filter out instances except for inlined subroutine and subprogram - ath10k: fix get invalid tx rate for Mesh metric - media: pvrusb2: Fix oops on tear-down when radio support is not present - ice: delay less - [amd64] spi: pxa2xx: Add missed security checks - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile - iio: dac: ad5446: Add support for new AD5600 DAC - [x86] ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint - [s390x] disassembler: don't hide instruction addresses - nvme: Discard workaround for non-conformant devices - parport: load lowlevel driver if ports not found - bcache: fix static checker warning in bcache_device_free() - cpufreq: Register drivers only after CPU devices have been registered - tracing: use kvcalloc for tgid_map array allocation - tracing/kprobe: Check whether the non-suffixed symbol is notrace - bcache: fix deadlock in bcache_allocator - iwlwifi: mvm: fix unaligned read of rx_pkt_status - [arm64] spi: tegra20-slink: add missed clk_unprepare - tun: fix data-race in gro_normal_list() - crypto: virtio - deal with unsupported input sizes - btrfs: don't prematurely free work in end_workqueue_fn() - btrfs: don't prematurely free work in run_ordered_work() - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 - [x86] insn: Add some Intel instructions to the opcode map - brcmfmac: remove monitor interface when detaching - iwlwifi: check kasprintf() return value - [armhf] net: ethernet: ti: ale: clean ale tbl on init and intf restart - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED - net: phy: initialise phydev speed and duplex sanely - btrfs: don't prematurely free work in reada_start_machine_worker() - btrfs: don't prematurely free work in scrub_missing_raid56_worker() - Revert "mmc: sdhci: Fix incorrect switch to HS mode" - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices (CVE-2019-19947) - usb: xhci: Fix build warning seen with CONFIG_PM=n - [s390x] ftrace: fix endless recursion in function_graph tracer - btrfs: return error pointer from alloc_test_extent_buffer - usbip: Fix receive error in vhci-hcd when using scatter-gather - usbip: Fix error path of vhci_recv_ret_submit() - cpufreq: Avoid leaving stale IRQ work items during CPU offline - [x86] intel_th: pci: Add Comet Lake PCH-V support - [x86] intel_th: pci: Add Elkhart Lake SOC support - [x86] platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes - [x86] staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value - ext4: fix ext4_empty_dir() for directories with holes (CVE-2019-19037) - ext4: check for directory entries too close to block end - ext4: unlock on error in ext4_expand_extra_isize() - [arm64] KVM: Ensure 'params' is initialised when looking up sys register - [x86] MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() - [x86] MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] - [powerpc*] irq: fix stack overflow verification - [arm64] mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register - mmc: sdhci: Update the tuning failed messages to pr_debug level - mmc: sdhci: Workaround broken command queuing on Intel GLK - mmc: sdhci: Add a quirk for broken command queuing - nbd: fix shutdown and recv work deadlock - perf probe: Fix to show function entry line as probe-able https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.93 - scsi: lpfc: Fix discovery failures when target device connectivity bounces - scsi: mpt3sas: Fix clear pending bit in ioctl status - scsi: lpfc: Fix locking on mailbox command completion - Input: atmel_mxt_ts - disable IRQ across suspend - f2fs: fix to update time in lazytime mode - [arm64,armhf] iommu: rockchip: Free domain on .domain_free - [arm64,armhf] iommu/tegra-smmu: Fix page tables in > 4 GiB memory - scsi: target: compare full CHAP_A Algorithm strings - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices - scsi: csiostor: Don't enable IRQs too early - [arm64] scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() - [ppc64el] pseries: Mark accumulate_stolen_time() as notrace - [ppc64el] pseries: Don't fail hash page table insert for bolted mapping - clocksource/drivers/timer-of: Use unique device name instead of timer - [ppc64el] security/book3s64: Report L1TF status in sysfs - [ppc64el] book3s64/hash: Add cond_resched to avoid soft lockup warning - ext4: update direct I/O read lock pattern for IOCB_NOWAIT - ext4: iomap that extends beyond EOF should be marked dirty - jbd2: Fix statistics for the number of logged blocks - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) - scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow - f2fs: fix to update dir's i_pino during cross_rename - [arm64] clk: qcom: Allow constant ratio freq tables for rcg - clk: clk-gpio: propagate rate change to parent - fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences - [ppc64el] PCI: rpaphp: Fix up pointer to first drc-info entry - scsi: ufs: fix potential bug which ends in system hang - [ppc64el] PCI: rpaphp: Don't rely on firmware feature to imply drc-info support - [ppc64el] PCI: rpaphp: Annotate and correctly byte swap DRC properties - [ppc64el] PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info - [ppc64el] powerpc/security: Fix wrong message when RFI Flush is disable - bcache: at least try to shrink 1 node in bch_mca_scan() - HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors - [armhf] 8937/1: spectre-v2: remove Brahma-B53 from hardening - libnvdimm/btt: fix variable 'rc' set but not used - HID: Improve Windows Precision Touchpad detection. - HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device - watchdog: Fix the race between the release of watchdog_core_data and cdev - scsi: pm80xx: Fix for SATA device discovery - scsi: ufs: Fix error handing during hibern8 enter - scsi: scsi_debug: num_tgts must be >= 0 - scsi: iscsi: Don't send data to unbound connection - scsi: target: iscsi: Wait for all commands to finish before freeing a session - apparmor: fix unsigned len comparison with less than zero - scripts/kallsyms: fix definitely-lost memory leak - cdrom: respect device capabilities during opening action - perf script: Fix brstackinsn for AUXTRACE - perf regs: Make perf_reg_name() return "unknown" instead of NULL - [s390x] zcrypt: handle new reply code FILTERED_BY_HYPERVISOR - [s390x] cpum_sf: Check for SDBT and SDB consistency - ocfs2: fix passing zero to 'PTR_ERR' warning - kernel: sysctl: make drop_caches write-only - userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK - [x86] mce: Fix possibly incorrect severity calculation on AMD - net, sysctl: Fix compiler warning when only cBPF is present - netfilter: nf_queue: enqueue skbs with NULL dst - ALSA: hda - Downgrade error message for single-cmd fallback - bonding: fix active-backup transition after link failure - perf strbuf: Remove redundant va_end() in strbuf_addv() - Make filldir[64]() verify the directory entry filename is valid (CVE-2019-10220) - filldir[64]: remove WARN_ON_ONCE() for bad directory entries (CVE-2019-10220) - netfilter: ebtables: compat: reject all padding in matches/watchers - 6pack,mkiss: fix possible deadlock - netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() - inetpeer: fix data-race in inet_putpeer / inet_putpeer - net: add a READ_ONCE() in skb_peek_tail() - net: icmp: fix data-race in cmp_global_allow() - hrtimer: Annotate lockless access to timer->state - net: ena: fix napi handler misbehavior when the napi budget is zero - net/mlxfw: Fix out-of-memory error in mfa2 flash burning - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs - ptp: fix the race between the release of ptp_clock and cdev - tcp: Fix highest_sack and highest_sack_seq - udp: fix integer overflow while computing available space in sk_rcvbuf - vhost/vsock: accept only packets with the right dst_cid - net: add bool confirm_neigh parameter for dst_ops.update_pmtu - ip6_gre: do not confirm neighbor when do pmtu update - gtp: do not confirm neighbor when do pmtu update - net/dst: add new function skb_dst_update_pmtu_no_confirm - tunnel: do not confirm neighbor when do pmtu update - vti: do not confirm neighbor when do pmtu update - sit: do not confirm neighbor when do pmtu update - net/dst: do not confirm neighbor for vxlan and geneve pmtu update - gtp: do not allow adding duplicate tid and ms_addr pdp context - [arm64,armhf] net: marvell: mvpp2: phylink requires the link interrupt - tcp/dccp: fix possible race __inet_lookup_established() - tcp: do not send empty skb from tcp_write_xmit() - gtp: fix wrong condition in gtp_genl_dump_pdp() - gtp: fix an use-after-free in ipv4_pdp_find() - gtp: avoid zero size hashtable - [arm64,armhf] pinctrl: baytrail: Really serialize all register accesses https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.94 - nvme_fc: add module to ops template to allow module references - nvme-fc: fix double-free scenarios on hw queues - drm/amdgpu: add check before enabling/disabling broadcast mode - drm/amdgpu: add cache flush workaround to gfx8 emit_fence - PM / devfreq: Fix devfreq_notifier_call returning errno - PM / devfreq: Set scaling_max_freq to max on OPP notifier error - PM / devfreq: Don't fail devfreq_dev_release if not in list - afs: Fix afs_find_server lookups for ipv4 peers - afs: Fix SELinux setting security label on /afs - RDMA/cma: add missed unregister_pernet_subsys in init failure - rxe: correctly calculate iCRC for unaligned payloads - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work - scsi: qla2xxx: Don't call qlt_async_event twice - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length - scsi: qla2xxx: Configure local loop for N2N target - scsi: qla2xxx: Send Notify ACK after N2N PLOGI - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI - scsi: iscsi: qla4xxx: fix double free in probe - scsi: libsas: stop discovering if oob mode is disconnected (CVE-2019-19965) - drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit - usb: gadget: fix wrong endpoint desc - net: make socket read/write_iter() honor IOCB_NOWAIT - afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP - md: raid1: check rdev before reference in raid1_sync_request func - [s390x] cpum_sf: Adjust sampling interval to avoid hitting sample limits - [s390x] cpum_sf: Avoid SBD overflow condition in irq handler - IB/mlx4: Follow mirror sequence of device add during device removal - IB/mlx5: Fix steering rule of drop and count - xen-blkback: prevent premature module unload - xen/balloon: fix ballooned page accounting without hotplug enabled - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen - xfs: fix mount failure crash on invalid iclog memory access - taskstats: fix data-race - drm: limit to INT_MAX in create_blob ioctl - netfilter: nft_tproxy: Fix port selector on Big Endian - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code - ALSA: usb-audio: fix set_format altsetting sanity check - ALSA: usb-audio: set the interface format after resume on Dell WD19 - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 - [arm64,armhf] drm/sun4i: hdmi: Remove duplicate cleanup calls - [mips*] Avoid VDSO ABI breakage due to global register variable - media: pulse8-cec: fix lost cec_transmit_attempt_done() call - media: cec: CEC 2.0-only bcast messages were ignored - media: cec: avoid decrementing transmit_queue_sz if it is 0 - media: cec: check 'transmit_in_progress', not 'transmitting' - mm/zsmalloc.c: fix the migrated zspage statistics. - memcg: account security cred as well to kmemcg - mm: move_pages: return valid node id in status if the page is already on the target node - [x86,arm64] pstore/ram: Write new dumps to start of recycled zones - locks: print unsigned ino in /proc/locks - compat_ioctl: block: handle Persistent Reservations - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE - ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() - libata: Fix retrieving of active qcs - gpiolib: fix up emulated open drain outputs - tracing: Fix lock inversion in trace_event_enable_tgid_record() - tracing: Avoid memory leak in process_system_preds() - tracing: Have the histogram compare functions convert to u64 first - tracing: Fix endianness bug in histogram trigger - apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock - [i386] ALSA: cs4236: fix error return comparison of an unsigned integer - ALSA: firewire-motu: Correct a typo in the clock proc string - exit: panic before exit_mm() on global init exit - [arm64] Revert support for execute-only user mappings - ftrace: Avoid potential division by zero in function profiler - [arm64] drm/msm: include linux/sched/task.h - PM / devfreq: Check NULL governor in available_governors_show - nfsd4: fix up replay_matches_cache() - [x86,arm64] HID: i2c-hid: Reset ALPS touchpads on resume - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 - xfs: don't check for AG deadlock for realtime files in bunmapi - [x86] platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table - Bluetooth: btusb: fix PM leak in error case of setup - Bluetooth: delete a stray unlock - Bluetooth: Fix memory leak in hci_connect_le_scan - media: flexcop-usb: ensure -EIO is returned on error condition - media: usb: fix memory leak in af9005_identify_state (CVE-2019-18809) - [arm64] dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning - [arm64] tty: serial: msm_serial: Fix lockup for sysrq and oops - fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP - bdev: Factor out bdev revalidation into a common helper - bdev: Refresh bdev size for disks without partitioning - scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails - drm/mst: Fix MST sideband up-reply failure handling - [ppc64el] pseries/hvconsole: Fix stack overread via udbg - [ppc64el] KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag - rxrpc: Fix possible NULL pointer access in ICMP handling - tcp: annotate tp->rcv_nxt lockless reads - net: core: limit nested device depth - ath9k_htc: Modify byte order for an error message - ath9k_htc: Discard undersized packets - xfs: periodically yield scrub threads to the scheduler - net: add annotations on hh->hh_len lockless accesses - ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps - [s390x] smp: fix physical to logical CPU map for SMT - xen/blkback: Avoid unmapping unmapped grant pages - [x86] perf/x86/intel/bts: Fix the use of page_private() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.95 - bpf: Fix passing modified ctx to ld/abs/ind instruction - regulator: fix use after free issue - ASoC: max98090: fix possible race conditions - netfilter: ctnetlink: netns exit must wait for callbacks - mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (CVE-2019-14901) - [x86] efi: Update e820 with reserved EFI boot services data to fix kexec breakage - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 - efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs - efi/gop: Return EFI_SUCCESS if a usable GOP was found - efi/gop: Fix memory leak in __gop_query32/64() - netfilter: uapi: Avoid undefined left-shift in xt_sctp.h - netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets - netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END - netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() - [arm64] spi: spi-cavium-thunderx: Add missing pci_release_regions() - ASoC: topology: Check return value for soc_tplg_pcm_create() - bnxt_en: Return error if FW returns more data than dump length - [mips*] bpf, mips: Limit to 33 tail calls - [armhf] spi: spi-ti-qspi: Fix a bug when accessing non default CS - [powerpc*] Ensure that swiotlb buffer is allocated from low memory - btrfs: Fix error messages in qgroup_rescan_init - bpf: Clear skb->tstamp in bpf_redirect when necessary - bnx2x: Do not handle requests from VFs after parity - bnx2x: Fix logic to get total no. of PFs per engine - cxgb4: Fix kernel panic while accessing sge_info - net: usb: lan78xx: Fix error message format specifier - rfkill: Fix incorrect check to avoid NULL pointer dereference - iommu/iova: Init the struct iova to fix the possible memleak - [x86] perf/x86/intel: Fix PT PMI handling - fs: avoid softlockups in s_inodes iterators - [arm64,armhf] net: stmmac: Do not accept invalid MTU values - [arm64,armhf] net: stmmac: xgmac: Clear previous RX buffer size - [arm64,armhf] net: stmmac: RX buffer size must be 16 byte aligned - [arm64,armhf] net: stmmac: Always arm TX Timer at end of transmission start - [s390x] dasd/cio: Interpret ccw_device_get_mdc return value correctly - [s390x] dasd: fix memleak in path handling error case - block: fix memleak when __blk_rq_map_user_iov() is failed - llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) - [x86] hv_netvsc: Fix unwanted rx_table reset - [powerpc*] vcpu: Assume dedicated processors as non-preempt - [powerpc*] spinlocks: Include correct header for static key - [armhf] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull - gtp: fix bad unlock balance in gtp_encap_enable_socket - macvlan: do not assume mac_header is set in macvlan_broadcast() - [arm64,armhf] net: dsa: mv88e6xxx: Preserve priority when setting CPU port. - [arm64,armhf] net: stmmac: dwmac-sun8i: Allow all RGMII modes - [arm64,armhf] net: stmmac: dwmac-sunxi: Allow all RGMII modes - net: usb: lan78xx: fix possible skb leak - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM - sch_cake: avoid possible divide by zero in cake_enqueue() - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY - tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK - vxlan: fix tos value before xmit - vlan: fix memory leak in vlan_dev_set_egress_priority - vlan: vlan_changelink() should propagate errors - net: sch_prio: When ungrafting, replace with FIFO - [arm64,armhf] usb: dwc3: gadget: Fix request complete check - USB: core: fix check for duplicate endpoints - USB: serial: option: add Telit ME910G1 0x110a composition - usb: missing parentheses in USE_NEW_SCHEME https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.96 - chardev: Avoid potential use-after-free in 'chrdev_open()' - i2c: fix bus recovery stop mode timing - [arm64,armhf] usb: chipidea: host: Disable port power only if previously enabled - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 - ALSA: hda/realtek - Add new codec supported for ALCS1200A - ALSA: hda/realtek - Set EAPD control to default for ALC222 - [x86] ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined - tracing: Change offset type to s32 in preempt/irq tracepoints - HID: Fix slab-out-of-bounds read in hid_field_extract - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll - HID: hid-input: clear unmapped usages - Input: add safety guards to input_set_keycode() - [arm64,armhf] drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model - drm/fb-helper: Round up bits_per_pixel if possible - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ - can: kvaser_usb: fix interface sanity check - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism - [x86] staging: vt6656: set usb_set_intfdata on driver fail. - USB: serial: option: add ZLP support for 0x1bc7/0x9010 - [arm64,armhf] usb: musb: fix idling for suspend after disconnect interrupt - [arm64,armhf] usb: musb: Disable pullup at init - [arm64,armhf] usb: musb: dma: Correct parameter passed to IRQ handler - [x86] staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 - serdev: Don't claim unsupported ACPI serial devices - tty: link tty and port before configuring it as console - tty: always relink the port - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (CVE-2019-14895) - mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (CVE-2019-19056) - scsi: bfa: release allocated memory in case of error (CVE-2019-19066) - rtl8xxxu: prevent leaking urb (CVE-2019-19068) - ath10k: fix memory leak (CVE-2019-19078) - HID: hiddev: fix mess in hiddev_open() - USB: Fix: Don't skip endpoint descriptors with maxpacket=0 - netfilter: arp_tables: init netns pointer in xt_tgchk_param struct - netfilter: conntrack: dccp, sctp: handle null timeout argument - netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present - [x86] drm/i915/gen9: Clear residual context state on context switch (CVE-2019-14615) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.97 - hidraw: Return EPOLLOUT from hidraw_poll - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll - HID: hidraw, uhid: Always report EPOLLOUT - cfg80211/mac80211: make ieee80211_send_layer2_update a public function - mac80211: Do not send Layer 2 Update frame before authorization (CVE-2019-5108) - f2fs: Move err variable to function scope in f2fs_fill_dentries() - f2fs: check memory boundary by insane namelen - f2fs: check if file namelen exceeds max value (CVE-2019-9445) - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (CVE-2019-15217) - iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (CVE-2019-19058) - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (CVE-2019-19059) - RDMA: Fix goto target to release the allocated memory (CVE-2019-19077) - dccp: Fix memleak in __feat_register_sp (CVE-2019-20096) - [x86] drm/i915: Fix use-after-free when destroying GEM context - ASoC: soc-core: Set dpcm_playback / dpcm_capture - [armhf] mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy - [arm64] gpio: zynq: Fix for bug in zynq_gpio_restore_context API - iommu: Remove device link to group on failure - gpio: Fix error message on out-of-range GPIO in lookup table - [s390x] qeth: fix false reporting of VNIC CHAR config failure - [s390x] qeth: Fix vnicc_is_in_use if rx_bcast not set - cifs: Adjust indentation in smb2_open_file - afs: Fix missing cell comparison in afs_test_super() - drm/ttm: fix start page for huge page check in ttm_put_pages() (CVE-2019-19927) - drm/ttm: fix incrementing the page pointer for huge pages (CVE-2019-19927) - btrfs: simplify inode locking for RWF_NOWAIT - RDMA/mlx5: Return proper error value - RDMA/srpt: Report the SCSI residual to the initiator - scsi: enclosure: Fix stale device oops with hot replug - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI - [x86] platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 - [x86] platform/x86: GPD pocket fan: Use default values when wrong modparams are given - xprtrdma: Fix completion wait during device removal - crypto: virtio - implement missing support for output IVs - NFSv2: Fix a typo in encode_sattr() - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn - mei: fix modalias documentation - [armhf] clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume - [armhf] pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call - [x86] pinctrl: lewisburg: Update pin list according to v1.1v6 - scsi: sd: enable compat ioctls for sed-opal - af_unix: add compat_ioctl support - compat_ioctl: handle SIOCOUTQNSD - [arm64,armhf] PCI: dwc: Fix find_next_bit() usage - PCI/PTM: Remove spurious "d" from granularity message - [powerpc*] powernv: Disable native PCIe port management - [armhf] tty: serial: imx: use the sg count from dma_map_sg - [i386] tty: serial: pch_uart: correct usage of dma_unmap_sg - mtd: spi-nor: fix silent truncation in spi_nor_read() - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() - rtlwifi: Remove unnecessary NULL check in rtl_regd_init - f2fs: fix potential overflow - scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() - [mips*] cacheinfo: report shared CPU map - [arm64] drm/arm/mali: make malidp_mw_connector_helper_funcs static - [arm64] dmaengine: k3dma: Avoid null pointer traversal - [amd64] ioat: ioat_alloc_ring() failure handling. - ocfs2: call journal flush to mark journal as empty after journal recovery when mount https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.98 - clk: Don't try to enable critical clocks if prepare failed - iio: buffer: align the size of scan bytes to size of the largest element - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx - USB: serial: option: Add support for Quectel RM500Q - USB: serial: opticon: fix control-message timeouts - USB: serial: option: add support for Quectel RM500Q in QDL mode - USB: serial: suppress driver bind attributes - USB: serial: ch341: handle unbound port at reset_resume - USB: serial: io_edgeport: handle unbound ports on URB completion - USB: serial: io_edgeport: add missing active-port sanity check - USB: serial: keyspan: handle unbound ports - USB: serial: quatech2: handle unbound ports - [x86] scsi: fnic: fix invalid stack access - scsi: mptfusion: Fix double fetch bug in ioctl - [armhf] dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection - ALSA: dice: fix fallback from protocol extension into limited functionality - ALSA: seq: Fix racy access for queue timer in proc read - ALSA: usb-audio: fix sync-ep altsetting sanity check - [arm64] dts: allwinner: a64: olinuxino: Fix SDIO supply regulator - block: fix an integer overflow in logical block size - [armhf] dts: am571x-idk: Fix gpios property to have the correct gpio number - LSM: generalize flag passing to security_capable - ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() - usb: core: hub: Improved device recognition on remote wakeup - [x86] resctrl: Fix an imbalance in domain_remove_cpu() - [x86] CPU/AMD: Ensure clearing of SME/SEV features is maintained - [amd64] x86/efistub: Disable paging at mixed mode entry - [x86] resctrl: Fix potential memory leak - perf hists: Fix variable name's inconsistency in hists__for_each() macro - perf report: Fix incorrectly added dimensions as switch perf data file - mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment - mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid - btrfs: rework arguments of btrfs_unlink_subvol - btrfs: fix invalid removal of root ref - btrfs: do not delete mismatched root refs - btrfs: fix memory leak in qgroup accounting - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() - [armhf] dts: imx6qdl: Add Engicam i.Core 1.5 MX6 - [armhf] dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL - [arm64,armhf] net: stmmac: 16KB buffer must be 16 byte aligned - [arm64,armhf] net: stmmac: Enable 16KB buffer size - mm/huge_memory.c: make __thp_get_unmapped_area static - mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment - bpf: Fix incorrect verifier simulation of ARSH under ALU32 - cfg80211: fix deadlocks in autodisconnect work - cfg80211: fix memory leak in cfg80211_cqm_rssi_update - cfg80211: fix page refcount issue in A-MSDU decap - netfilter: fix a use-after-free in mtype_destroy() - netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct - netfilter: nft_tunnel: fix null-attribute check - netfilter: nf_tables: remove WARN and add NLA_STRING upper limits - netfilter: nf_tables: store transaction list locally while requesting module - netfilter: nf_tables: fix flowtable list del corruption - NFC: pn533: fix bulk-message timeout - batman-adv: Fix DAT candidate selection on little endian systems - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() - [x86] hv_netvsc: Fix memory leak when removing rndis device - [arm64] net: hns: fix soft lockup when there is not enough memory - net: usb: lan78xx: limit size of local TSO packets - ptp: free ptp device pin descriptors properly - r8152: add missing endpoint sanity check - tcp: fix marked lost packets not being retransmitted - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk - tcp: refine rule to allow EPOLLOUT generation under mem pressure - [arm64] dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node - cfg80211: check for set_wiphy_params - tick/sched: Annotate lockless access to last_jiffies_update - drm/nouveau/bar/nv50: check bar1 vmm return value - drm/nouveau/bar/gf100: ensure BAR is mapped - drm/nouveau/mmu: qualify vmm during dtor - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr - scsi: esas2r: unlock on error in esas2r_nvram_read_direct() - scsi: qla4xxx: fix double free bug - scsi: bnx2i: fix potential use after free - scsi: target: core: Fix a pr_debug() argument - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan - scsi: core: scsi_trace: Use get_unaligned_be*() - perf probe: Fix wrong address verification . [ Joe Richey ] * [cloud-amd64] tpm: Enable TPM drivers for Cloud (Closes: #946237) . [ Salvatore Bonaccorso ] * Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88) * Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch * Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88) * [rt] Update to 4.19.90-rt35: - Update "workqueue: rework" for workqueue changes in 4.19.90 * [rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch * Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93. * [rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93) * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97) . [ Ben Hutchings ] * [rt] Update to 4.19.94-rt38: - Refresh "x86/ioapic: Don't let setaffinity unmask threaded EOI interrupt too early" which was partly included in 4.19.92 * aufs: Update support patchset to aufs4.19.63+ 20200113; no functional changes * Bump ABI to 8 * libertas: Fix two buffer overflows at parsing bss descriptor (CVE-2019-14896, CVE-2019-14897) * wimax: i2400: fix memory leak (CVE-2019-19051) * wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (CVE-2019-19051) * [amd64/cloud-amd64] hwrandom: Enable HW_RANDOM_VIRTIO (Closes: #914511) . [ Noah Meyerhans ] * random: try to actively add entropy rather than passively wait for it (Closes: #948519) . [ Aurelien Jarno ] * [mips*/malta] Enable POWER_RESET_PIIX4_POWEROFF. linux (4.19.87-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.68 - seq_file: fix problem when seeking mid-record - mm/hmm: fix bad subpage pointer in try_to_unmap_one - mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE* and MPOL_MF_STRICT were specified - mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind - mm/memcontrol.c: fix use after free in mem_cgroup_iter() - mm/usercopy: use memory range to be accessed for wraparound check - Revert "pwm: Set class for exported channels in sysfs" - cpufreq: schedutil: Don't skip freq update when limits change - [x86] ALSA: hda/realtek - Add quirk for HP Envy x360 - ALSA: hda - Apply workaround for another AMD chip 1022:1487 - ALSA: hda - Fix a memory leak bug - ALSA: hda - Add a generic reboot_notify - ALSA: hda - Let all conexant codec enter D3 when rebooting - HID: holtek: test for sanity of intfdata - HID: hiddev: avoid opening a disconnected device - HID: hiddev: do cleanup in failure of opening a device - Input: kbtab - sanity check for endpoint type - Input: iforce - add sanity checks - net: usb: pegasus: fix improper read if get_registers() fail - netfilter: ebtables: also count base chain policies - xen/pciback: remove set but not used variable 'old_state' - [armhf,arm64] irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table fail - perf header: Fix divide by zero error if f_header.attr_size==0 - perf header: Fix use of unitialized value warning - libata: zpodd: Fix small read overflow in zpodd_get_mech_type() - Btrfs: fix deadlock between fiemap and transaction commits - scsi: hpsa: correct scsi command status issue after reset - scsi: qla2xxx: Fix possible fcport null-pointer dereferences - drm/amdgpu: fix a potential information leaking bug - ata: libahci: do not complain in case of deferred probe - kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules - [arm64] efi: fix variable 'si' set but not used - [arm64] unwind: Prohibit probing on return_address() - [arm64] mm: fix variable 'pud' set but not used - IB/core: Add mitigation for Spectre V1 - IB/mlx5: Fix MR registration flow to use UMR properly - IB/mad: Fix use-after-free in ib mad completion handling - [arm64] drm: msm: Fix add_gpu_components - [armhf] drm/exynos: fix missing decrement of retry counter - ocfs2: remove set but not used variable 'last_hash' - asm-generic: fix -Wtype-limits compiler warnings - [arm64] KVM: regmap: Fix unexpected switch fall-through - [armhf,arm64] KVM: Sync ICH_VMCR_EL2 back when about to block - [x86] staging: comedi: dt3000: Fix signed integer overflow 'divider * base' - [x86] staging: comedi: dt3000: Fix rounding up of timer divisor - USB: core: Fix races in character device registration and deregistraion - usb: cdc-acm: make sure a refcount is taken early enough - USB: CDC: fix sanity checks in CDC union parser - USB: serial: option: add D-Link DWM-222 device ID - USB: serial: option: Add support for ZTE MF871A - USB: serial: option: add the BroadMobi BM818 card - USB: serial: option: Add Motorola modem UARTs - [x86] drm/i915/cfl: Add a new CFL PCI ID. - [arm64] ftrace: Ensure module ftrace trampoline is coherent with I-side - Input: psmouse - fix build error of multiple definition - bnx2x: Fix VF's VLAN reconfiguration in reload. - bonding: Add vlan tx offload to hw_enc_features - net: dsa: Check existence of .port_mdb_add callback before calling it - net/mlx4_en: fix a memory leak bug - net/packet: fix race in tpacket_snd() - sctp: fix memleak in sctp_send_reset_streams - sctp: fix the transport error_count check - team: Add vlan tx offload to hw_enc_features - tipc: initialise addr_trail_end when setting node addresses - xen/netback: Reset nr_frags before freeing skb - net/mlx5e: Only support tx/rx pause setting for port owner - net/mlx5e: Use flow keys dissector to parse packets for ARFS - [arm64] mmc: sdhci-of-arasan: Do now show error message in case of deffered probe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.69 - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT - [mips*] kernel: only use i8253 clocksource with periodic clockevent - [mips*] fix cacheinfo - netfilter: ebtables: fix a memory leak bug in compat - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks - bonding: Force slave speed check after link state recovery for 802.3ad - [armhf,arm64] net: mvpp2: Don't check for 3 consecutive Idle frames for 10G links - can: dev: call netif_carrier_off() in register_candev() - can: gw: Fix error path of cgw_module_init - [armhf,arm64] ASoC: rockchip: Fix mono capture - [armhf] ASoC: ti: davinci-mcasp: Correct slot_width posed constraint - net: usb: qmi_wwan: Add the BroadMobi BM818 card - qed: RDMA - Fix the hw_ver returned in device attributes - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() - mac80211_hwsim: Fix possible null-pointer dereferences in hwsim_dump_radio_nl() - netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too - netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets - netfilter: ipset: Fix rename concurrency with listing - rxrpc: Fix potential deadlock - rxrpc: Fix the lack of notification when sendmsg() fails on a DATA packet - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack - net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() - can: sja1000: force the string buffer NULL-terminated - can: peak_usb: force the string buffer NULL-terminated - net/ethernet/qlogic/qed: force the string buffer NULL-terminated - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts - HID: quirks: Set the INCREMENT_USAGE_ON_DUPLICATE quirk on Saitek X52 - HID: input: fix a4tech horizontal wheel custom usage - [armhf,arm64] drm/rockchip: Suspend DP late - SMB3: Fix potential memory leak when processing compound chain - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL - [s390x] put _stext and _etext into .text section - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' - [armhf,arm64] net: stmmac: Fix issues when number of Queues >= 4 - [armhf,arm64] net: stmmac: tc: Do not return a fragment entry - [arm64] net: hisilicon: make hip04_tx_reclaim non-reentrant - [arm64] net: hisilicon: fix hip04-xmit never return TX_BUSY - [arm64] net: hisilicon: Fix dma_map_single failed on arm64 - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests - libata: add SG safety checks in SFF pio transfers - [x86] lib/cpu: Address missing prototypes warning - [x86] drm/vmwgfx: fix memory leak when too many retries have occurred - block, bfq: handle NULL return value by bfq_init_rq() - perf ftrace: Fix failure to set cpumask when only one cpu is present - perf cpumap: Fix writing to illegal memory in handling cpumap mask - perf pmu-events: Fix missing "cpu_clk_unhalted.core" event - [arm64] KVM: Don't write junk to sysregs on reset - [armhf] KVM: Don't write junk to CP15 registers on reset - HID: wacom: correct misreported EKR ring values - HID: wacom: Correct distance scale for 2nd-gen Intuos devices - Revert "dm bufio: fix deadlock with loop device" (regression in 4.19.61) - ceph: clear page dirty before invalidate page - ceph: don't try fill file_lock on unsuccessful GETFILELOCK reply - libceph: fix PG split vs OSD (re)connect race - drm/nouveau: Don't retry infinitely when receiving no data on i2c over AUX - gpiolib: never report open-drain/source lines as 'input' to user-space - [x86] Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE - userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx - [i386] retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386 - [x86] apic: Handle missing global clockevent gracefully - [x86] CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h - [x86] boot: Save fields explicitly, zero out everything else - [x86] boot: Fix boot regression caused by bootparam sanitizing - dm kcopyd: always complete failed jobs - dm btree: fix order of block initialization in btree_split_beneath - dm integrity: fix a crash due to BUG_ON in __journal_read_write() - dm raid: add missing cleanup in raid_ctr() - dm space map metadata: fix missing store of apply_bops() return value - dm table: fix invalid memory accesses with too high sector number - dm zoned: improve error handling in reclaim - dm zoned: improve error handling in i/o map code - dm zoned: properly handle backing device failure - genirq: Properly pair kobject_del() with kobject_add() - mm, page_owner: handle THP splits correctly - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely - mm/zsmalloc.c: fix race condition in zs_destroy_pool - xfs: don't trip over uninitialized buffer on extent read of corrupted inode - xfs: Move fs/xfs/xfs_attr.h to fs/xfs/libxfs/xfs_attr.h - xfs: Add helper function xfs_attr_try_sf_addname - xfs: Add attibute set and helper functions - xfs: Add attibute remove and helper functions - xfs: always rejoin held resources during defer roll - dm zoned: fix potential NULL dereference in dmz_do_reclaim() - [ppc64el] Allow flush_(inval_)dcache_range to work across ranges >4GB - rxrpc: Fix local endpoint refcounting - rxrpc: Fix read-after-free in rxrpc_queue_local() - rxrpc: Fix local endpoint replacement - rxrpc: Fix local refcounting https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.70 - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns - afs: Fix the CB.ProbeUuid service handler to reply correctly - afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u() - fs: afs: Fix a possible null-pointer dereference in afs_put_read() - afs: Only update d_fsdata if different in afs_d_revalidate() - nvmet-loop: Flush nvme_delete_wq when removing the port - nvme: fix a possible deadlock when passthru commands sent to a multipath device - nvme-pci: Fix async probe remove race - [armhf] omap-dma/omap_vout_vrfb: fix off-by-one fi value - iommu/dma: Handle SG length overflow better - usb: gadget: composite: Clear "suspended" on reset/disconnect - usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt - xen/blkback: fix memory leaks - [arm64] cpufeature: Don't treat granule sizes as strict - drm/ast: Fixed reboot test may cause system hanged - [x86] tools: hv: fix KVP and VSS daemons exit code - [x86] drm/i915: fix broadwell EU computation - [arm*] watchdog: bcm2835_wdt: Fix module autoload - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value - [armhf] drm/tilcdc: Register cpufreq notifier after we have initialized crtc - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set - ipv6: Default fib6_type to RTN_UNICAST when not set - net/smc: make sure EPOLLOUT is raised - tcp: make sure EPOLLOUT wont be missed - ipv4/icmp: fix rt dst dev null pointer dereference - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n - ALSA: usb-audio: Check mixer unit bitmap yet more strictly - ALSA: line6: Fix memory leak at line6_init_pcm() error path - ALSA: hda - Fixes inverted Conexant GPIO mic mute led - ALSA: seq: Fix potential concurrent access to the deleted pool - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate() - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604 - [x86] kvm: skip populating logical dest map if apic is not sw enabled - [x86] KVM: Don't update RIP or do single-step on faulting emulation - [amd64] uprobes: Fix detection of 32-bit user mode - [x86] apic: Do not initialize LDR and DFR for bigsmp - ftrace: Fix NULL pointer dereference in t_probe_next() - ftrace: Check for successful allocation of hash - ftrace: Check for empty hash and comment the race with registering probes - usb-storage: Add new JMS567 revision to unusual_devs - USB: cdc-wdm: fix race between write and disconnect due to flag abuse - usb: hcd: use managed device resources - [armhf,arm64] usb: chipidea: udc: don't do hardware access if gadget has stopped - usb: host: ohci: fix a race condition between shutdown and irq - usb: host: xhci: rcar: Fix typo in compatible string matching - USB: storage: ums-realtek: Update module parameter description for auto_delink_en - USB: storage: ums-realtek: Whitelist auto-delink support - [x86] mei: me: add Tiger Lake point LP device ID - mmc: core: Fix init of SD cards reporting an invalid VDD range - stm class: Fix a double free of stm_source_device - [x86] intel_th: pci: Add support for another Lewisburg PCH - [x86] intel_th: pci: Add Tiger Lake support - [x86] typec: tcpm: fix a typo in the comparison of pdo_max_voltage - lib: logic_pio: Fix RCU usage - lib: logic_pio: Avoid possible overlap for unregistering regions - lib: logic_pio: Add logic_pio_unregister_range() - [x86] drm/amdgpu: Add APTX quirk for Dell Latitude 5495 - [x86] drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest - [x86] drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() - [arm64] bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free - [arm64] bus: hisi_lpc: Add .remove method to avoid driver unbind crash - [x86] VMCI: Release resource if the work is already queued - [x86] crypto: ccp - Ignore unconfigured CCP device on suspend/resume - Revert "cfg80211: fix processing world regdomain when non modular" - mac80211: fix possible sta leak - mac80211: Don't memset RXCB prior to PAE intercept - mac80211: Correctly set noencrypt for PAE frames - [ppc64el] KVM: Book3S: Fix incorrect guest-to-user-translation error handling - [armhf,arm64] KVM: vgic: Fix potential deadlock when ap_list is long - [armhf,arm64] KVM: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI - NFS: Clean up list moves of struct nfs_page - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() - NFS: Pass error information to the pgio error cleanup routine - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 - [x86] i2c: piix4: Fix port selection for AMD Family 16h Model 30h - mt76: mt76x0u: do not reset radio on resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71 - Revert "Input: elantech - enable SMBus on new (2018+) systems" (regression in 4.19.67) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.72 - mld: fix memory leak in mld_del_delrec() - net: fix skb use after free in netpoll - net: sched: act_sample: fix psample group handling on overwrite - net_sched: fix a NULL pointer deref in ipt action - [armhf,arm64] net: stmmac: dwmac-rk: Don't fail if phy regulator is absent - tcp: inherit timestamp on mtu probe - tcp: remove empty skb from write queue in error cases - net/rds: Fix info leak in rds6_inc_info_copy() (CVE-2019-16714) - [x86] boot: Preserve boot_params.secure_boot from sanitizing - [arm*] spi: bcm2835aux: unifying code between polling and interrupt driven code - [arm*] spi: bcm2835aux: remove dangerous uncontrolled read of fifo - [arm*] spi: bcm2835aux: fix corruptions for longer spi transfers - netfilter: nf_tables: use-after-free in failing rule with bound set - [x86] hv_netvsc: Fix a warning of suspicious RCU usage - Bluetooth: btqca: Add a short delay before downloading the NVM - [ppc64el] ibmveth: Convert multicast list size for little-endian system - gpio: Fix build error of function redefinition - netfilter: nft_flow_offload: skip tcp rst and fin packets - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure - scsi: target: tcmu: avoid use-after-free after command timeout - cxgb4: fix a memory leak bug - liquidio: add cleanup in octeon_setup_iq() - net: myri10ge: fix memory leaks - lan78xx: Fix memory leaks - vfs: fix page locking deadlocks when deduping files - cx82310_eth: fix a memory leak bug - net: kalmia: fix memory leaks - net: cavium: fix driver name - wimax/i2400m: fix a memory leak bug - kprobes: Fix potential deadlock in kprobe_optimizer() - HID: cp2112: prevent sleeping function called from invalid context - [amd64] boot/compressed: Fix boot on machines with broken E820 table - [x86] Input: hyperv-keyboard: Use in-place iterator API in the channel callback - [x86] Tools: hv: kvp: eliminate 'may be used uninitialized' warning - nvme-multipath: fix possible I/O hang when paths are updated - IB/mlx4: Fix memory leaks - infiniband: hfi1: fix a memory leak bug - infiniband: hfi1: fix memory leaks - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr() - ceph: fix buffer free while holding i_ceph_lock in __ceph_build_xattrs_blob() - ceph: fix buffer free while holding i_ceph_lock in fill_inode() - [armhf,arm64] KVM: Only skip MMIO insn once - afs: Fix leak in afs_lookup_cell_rcu() - [armhf,arm64] KVM: VGIC: Properly initialise private IRQ affinity - [amd64] boot/compressed: Fix missing initialization in find_trampoline_placement() - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.73 - ALSA: hda - Fix potential endless loop at applying quirks - ALSA: hda/realtek - Fix overridden device-specific initialization - [x86] ALSA: hda/realtek - Add quirk for HP Pavilion 15 - [x86] ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL - [x86] ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre - sched/fair: Don't assign runtime for throttled cfs_rq - [x86] drm/vmwgfx: Fix double free in vmw_recv_msg() - [ppc64el] tm: Fix FP/VMX unavailable exceptions inside a transaction (CVE-2019-15030) - batman-adv: fix uninit-value in batadv_netlink_get_ifindex() - batman-adv: Only read OGM tvlv_len after buffer len check - [x86] hv_sock: Fix hang when a connection is closed - Blk-iolatency: warn on negative inflight IO counter - blk-iolatency: fix STS_AGAIN handling - {nl,mac}80211: fix interface combinations on crypto controlled devices - timekeeping: Use proper ktime_add when adding nsecs in coarse offset - selftests: fib_rule_tests: use pre-defined DEV_ADDR - [x86] ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() - [ppc64el] mark start_here_multiplatform as __ref - [arm64] dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 - nvme-fc: use separate work queue to avoid warning - [armhf] clk: s2mps11: Add used attribute to s2mps11_dt_match - [arm64] remoteproc: qcom: q6v5: shore up resource probe handling - modules: always page-align module section allocations - kernel/module: Fix mem leak in module_add_modinfo_attrs - [x86] drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" - scsi: qla2xxx: Move log messages before issuing command to firmware - keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h - [x86] Drivers: hv: kvp: Fix two "this statement may fall through" warnings - [x86] hibernate: Fix nosave_regions setup for hibernation - [arm64] remoteproc: qcom: q6v5-mss: add SCM probe dependency - drm/amdgpu/gfx9: Update gfx9 golden settings. - drm/amdgpu: Update gc_9_0 golden settings. - [x86] KVM: hyperv: enforce vp_index < KVM_MAX_VCPUS - [x86] KVM: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables - [x86] KVM: hyperv: keep track of mismatched VP indexes - [x86] KVM: hyperv: define VP assist page helpers - [x86] kvm/lapic: preserve gfn_to_hva_cache len on cache reinit - [x86] drm/i915: Fix intel_dp_mst_best_encoder() - [x86] drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE - [x86] drm/i915/gen9+: Fix initial readout for Y tiled framebuffers - drm/atomic_helper: Disallow new modesets on unregistered connectors - [x86] Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up - powerplay: Respect units on max dcfclk watermark - drm/amd/pp: Fix truncated clock value when set watermark - drm/amd/dm: Understand why attaching path/tile properties are needed - [s390x] zcrypt: reinit ap queue state machine during device probe - [x86] drm/i915: Restore sane defaults for KMS on GEM error load - [x86] drm/i915: Cleanup gt powerstate from gem - [ppc64el] KVM: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch - Btrfs: clean up scrub is_dev_replace parameter - Btrfs: fix deadlock with memory reclaim during scrub - btrfs: Remove extent_io_ops::fill_delalloc - btrfs: Fix error handling in btrfs_cleanup_ordered_extents - scsi: megaraid_sas: Fix combined reply queue mode detection - scsi: megaraid_sas: Add check for reset adapter bit - scsi: megaraid_sas: Use 63-bit DMA addressing - [ppc64el] pkeys: Fix handling of pkey state across fork() - btrfs: volumes: Make sure no dev extent is beyond device boundary - btrfs: Use real device structure to verify dev extent - IB/uverbs: Fix OOPs upon device disassociation - drm/vblank: Allow dynamic per-crtc max_vblank_count - [x86] drm/i915/ilk: Fix warning when reading emon_status with no output - tpm: Fix some name collisions with drivers/char/tpm.h - bcache: replace hard coded number with BUCKET_GC_GEN_MAX - bcache: treat stale && dirty keys as bad keys - [x86] KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run - [armhf] iio: adc: exynos-adc: Add S5PV210 variant - [armhf] iio: adc: exynos-adc: Use proper number of channels for Exynos4x12 - mt76: fix corrupted software generated tx CCMP PN - drm/nouveau: Don't WARN_ON VCPI allocation failures - iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules - iwlwifi: add new card for 9260 series - spi: spi-gpio: fix SPI_CS_HIGH capability - [ppc64el] kvm: Save and restore host AMR/IAMR/UAMOR - btrfs: scrub: pass fs_info to scrub_setup_ctx - btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex - btrfs: scrub: fix circular locking dependency warning - btrfs: init csum_list before possible free - [arm64] PCI: qcom: Fix error handling in runtime PM support - [arm64] PCI: qcom: Don't deassert reset GPIO during probe - CIFS: Fix error paths in writeback code - CIFS: Fix leaking locked VFS cache pages in writeback retry - [x86] drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set - [x86] drm/i915: Sanity check mmap length against object size - [x86] usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps - IB/mlx5: Reset access mask when looping inside page fault handler - kvm: mmu: Fix overflow on kvm mmu page limit calculation - [x86] kvm: move kvm_load/put_guest_xcr0 into atomic context - [x86] KVM: Always use 32-bit SMRAM save state for 32-bit kernels - cifs: Fix lease buffer length error (CVE-2019-15918) - ext4: protect journal inode's blocks using block_validity - [x86] PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary - dm mpath: fix missing call of path selector type->end_io - blk-mq: free hw queue's resource in hctx's release handler - mmc: sdhci-pci: Add support for Intel CML - PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code - cifs: smbd: take an array of reqeusts when sending upper layer data - dm crypt: move detailed message into debug level - [x86] drm/amdkfd: Add missing Polaris10 ID - kvm: Check irqchip mode before assign irqfd - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc - Btrfs: fix race between block group removal and block group allocation - cifs: add spinlock for the openFileList to cifsInodeInfo - [arm64] clk: tegra: Fix maximum audio sync clock for Tegra124/210 - [arm64] clk: tegra210: Fix default rates for HDA clocks - IB/hfi1: Avoid hardlockup with flushlist_lock - apparmor: reset pos on failure to unpack for various functions - scsi: target/core: Use the SECTOR_SHIFT constant - scsi: target/iblock: Fix overrun in WRITE SAME emulation - [s390x] scsi: zfcp: fix request object use-after-free in send path causing wrong traces - cifs: Properly handle auto disabling of serverino option - [x86] ALSA: hda - Don't resume forcibly i915 HDMI/DP codec - [x86] KVM: optimize check for valid PAT value - [x86] KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value - [x86] KVM: VMX: Fix handling of #MC that occurs during VM-Entry - [x86] KVM: VMX: check CPUID before allowing read/write of IA32_XSS - [ppc64el] KVM: Use ccr field in pt_regs struct embedded in vcpu struct - [ppc64el] KVM: Book3S HV: Fix CR0 setting in TM emulation - RDMA/srp: Document srp_parse_in() arguments - RDMA/srp: Accept again source addresses that do not have a port number - btrfs: correctly validate compression type - resource: Include resource end in walk_*() interfaces - resource: Fix find_next_iomem_res() iteration issue - resource: fix locking in find_next_iomem_res() - pstore: Fix double-free in pstore_mkfile() failure path - dm thin metadata: check if in fail_io mode when setting needs_check - [armhf,arm64] drm/panel: Add support for Armadeus ST0700 Adapt - [x86] ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips - [ppc64el] mm: Limit rma_size to 1TB when running without HV mode - iommu/iova: Remove stale cached32_node - gpio: don't WARN() on NULL descs if gpiolib is disabled - mm/migrate.c: initialize pud_entry in migrate_vma() - NFSv4: Fix delegation state recovery - bcache: only clear BTREE_NODE_dirty bit when it is set - bcache: add comments for mutex_lock(&b->write_lock) - bcache: fix race in btree_flush_write() - [x86] drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV - [s390x] virtio: fix race on airq_areas[] - drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors - ext4: don't perform block validity checks on the journal inode - ext4: fix block validity checks for journal inodes using indirect blocks - ext4: unsigned int compared against zero - [x86] PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround - [ppc64el] tm: Remove msr_tm_active() - [ppc64el] tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.74 - bridge/mdb: remove wrong use of NLM_F_MULTI - cdc_ether: fix rndis support for Mediatek based smartphones - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' - isdn/capi: check message length in capi_write() - net: Fix null de-reference of device refcount - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list - net: phylink: Fix flow control resolution - net: sched: fix reordering issues - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR - tipc: add NULL pointer check before calling kfree_rcu - tun: fix use-after-free when register netdev failed - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist - gpio: fix line flag validation in linehandle_create - Btrfs: fix assertion failure during fsync and use of stale transaction - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us - genirq: Prevent NULL pointer dereference in resend_irqs() - [s390x] KVM: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() - [s390x] KVM: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl - [x86] KVM: work around leak of uninitialized stack contents - [x86] KVM: nVMX: handle page fault in vmread - [x86] purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors - [ppc64el] Add barrier_nospec to raw_copy_in_user() - [arm64] drm/meson: Add support for XBGR8888 & ABGR8888 formats - [armhf,arm64] clk: rockchip: Don't yell about bad mmc phases when getting - PCI: Always allow probing with driver_override - gpio: fix line flag validation in lineevent_create - ubifs: Correctly use tnc_next() in search_dh_cookie() - driver core: Fix use-after-free and double free on glue directory - firmware: ti_sci: Always request response from firmware - [x86] drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" - modules: fix BUG when load module with rodata=n - rsi: fix a double free bug in rsi_91x_deinit() (CVE-2019-15504) - nvmem: Use the same permissions for eeprom as for nvmem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.75 - netfilter: nf_flow_table: set default timeout after successful insertion - HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report - RDMA/restrack: Release task struct which was hold by CM_ID object - [x86] Input: elan_i2c - remove Lenovo Legion Y7000 PnpID - [ppc64el] mm/radix: Use the right page size for vmemmap mapping - USB: usbcore: Fix slab-out-of-bounds bug during device reset - media: tm6000: double free if usb disconnect while streaming - ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit - udp: correct reuseport selection with connected sockets - xen-netfront: do not assume sk_buff_head list is empty in error handling - net_sched: let qdisc_put() accept NULL pointer - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds - ieee802154: hwsim: Fix error handle path in hwsim_init_module - ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails - [armhf] dts: am57xx: Disable voltage switching for SD card - [armhf] OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss - [armhf] bus: ti-sysc: Fix using configured sysc mask value - [s390x] bpf: fix lcgr instruction encoding - [armhf] OMAP2+: Fix omap4 errata warning on other SoCs - [armhf] dts: dra74x: Fix iodelay configuration for mmc3 - [armhf] bus: ti-sysc: Simplify cleanup upon failures in sysc_probe() - [s390x] bpf: use 32-bit index for tail calls - netfilter: ebtables: Fix argument order to ADD_COUNTER - netfilter: nft_flow_offload: missing netlink attribute policy - netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info - NFSv4: Fix return values for nfs4_file_open() - NFSv4: Fix return value in nfs_finish_open() - NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup - xdp: unpin xdp umem pages in error path - qed: Add cleanup in qed_slowpath_start() - [armel,armhf] 8874/1: mm: only adjust sections of valid mm structures - batman-adv: Only read OGM2 tvlv_len after buffer len check - bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0 - r8152: Set memory to all 0xFFs on failed reg reads - [x86] apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines - netfilter: xt_physdev: Fix spurious error message in physdev_mt_check - netfilter: nf_conntrack_ftp: Fix debug output - NFSv2: Fix eof handling - NFSv2: Fix write regression - kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol - cifs: set domainName when a domain-key is used in multiuser - cifs: Use kzfree() to zero out the password - [armhf,arm64] usb: host: xhci-tegra: Set DMA mask correctly - [armel,armhf] 8901/1: add a criteria for pfn_valid of arm - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) - i2c: designware: Synchronize IRQs when unregistering slave client - [x86] perf/intel: Restrict period on Nehalem - [x86] perf/amd/ibs: Fix sample bias for dispatched micro-ops - amd-xgbe: Fix error path in xgbe_mod_init() - [x86] tools/power x86_energy_perf_policy: Fix argument parsing - [x86] tools/power turbostat: fix buffer overrun - net: aquantia: fix out of memory condition on rx side - [armhf] dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe() - [x86] uaccess: Don't leak the AC flags into __get_user() argument evaluation - [x86] hyper-v: Fix overflow bug in fill_gva_list() - keys: Fix missing null pointer check in request_key_auth_describe() - [x86] iommu/amd: Flush old domains in kdump kernel - [x86] iommu/amd: Fix race in increase_address_space() - [arm64] PCI: kirin: Fix section mismatch warning - ovl: fix regression caused by overlapping layers detection - floppy: fix usercopy direction - binfmt_elf: move brk out of mmap when doing direct loader exec - [arm64] kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field - media: technisat-usb2: break out of loop at end of buffer (CVE-2019-15505) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.76 - Revert "Bluetooth: validate BLE connection interval updates" - RDMA/restrack: Protect from reentry to resource return path - [ppc64el] xive: Fix bogus error code returned by OPAL - IB/core: Add an unbound WQ type to the new CQ API - HID: prodikeys: Fix general protection fault during probe - HID: sony: Fix memory corruption issue on cleanup. - HID: logitech: Fix general protection fault caused by Logitech driver - HID: hidraw: Fix invalid read in hidraw_ioctl - HID: Add quirk for HP X500 PIXART OEM mouse - mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() - CIFS: fix deadlock in cached root handling - net/mlx5e: Set ECN for received packets using CQE indication - net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets - mlx5: fix get_ip_proto() - net/mlx5e: Allow reporting of checksum unnecessary - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding - net/mlx5e: Rx, Check ip headers sanity - iwlwifi: mvm: send BCAST management frames to the right station - iwlwifi: mvm: always init rs_fw with 20MHz bandwidth rates - media: tvp5150: fix switch exit in set control handler - [x86] ASoC: Intel: cht_bsw_max98090_ti: Enable codec clock once and keep it enabled - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support - ALSA: usb-audio: Add DSD support for EVGA NU Audio - ALSA: dice: fix wrong packet parameter for Alesis iO26 - [x86] ALSA: hda - Add laptop imic fixup for ASUS M9V laptop - [x86] ALSA: hda - Apply AMD controller workaround for Raven platform - objtool: Clobber user CFLAGS variable - power: supply: sysfs: ratelimit property read error message - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion - scsi: qla2xxx: Remove all rports if fabric scan retry fails - scsi: qla2xxx: Return switch command on a timeout - Revert "drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD" - bpf: libbpf: retry loading program on EAGAIN - [armhf,arm64] irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices - f2fs: check all the data segments against all node ones - [x86] PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it - bcache: remove redundant LIST_HEAD(journal) from run_cache_set() - initramfs: don't free a non-existent initrd - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs - blk-mq: move cancel of requeue_work to the front of blk_exit_queue - Revert "f2fs: avoid out-of-range memory access" - dm zoned: fix invalid memory access - f2fs: fix to do sanity check on segment bitmap of LFS curseg - drm: Flush output polling on shutdown - net: don't warn in inet diag when IPV6 is disabled - Bluetooth: btrtl: HCI reset on close for Realtek BT chip - [x86] ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35 - drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling - xfs: don't crash on null attr fork xfs_bmapi_read - netfilter: nft_socket: fix erroneous socket assignment - Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices - net_sched: check cops->tcf_block in tc_bind_tclass() - net/rds: An rds_sock is added too early to the hash table - net/rds: Check laddr_check before calling it - f2fs: use generic EFSBADCRC/EFSCORRUPTED https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.77 - arcnet: provide a buffer big enough to actually receive packets - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize - macsec: drop skb sk before calling gro_cells_receive - net/phy: fix DP83865 10 Mbps HDX loopback disable function - net/sched: act_sample: don't push mac header on ip6gre ingress - net_sched: add max len check for TCA_KIND - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (CVE-2019-19081) - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC - ppp: Fix memory leak in ppp_write - sch_netem: fix a divide by zero in tabledist() - skge: fix checksum byte order - usbnet: ignore endpoints with invalid wMaxPacketSize - usbnet: sanity checking of packet sizes and device mtu - net: sched: fix possible crash in tcf_action_destroy() - tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state - net/mlx5: Add device ID of upcoming BlueField-2 - mISDN: enforce CAP_NET_RAW for raw sockets (CVE-2019-17055) - appletalk: enforce CAP_NET_RAW for raw sockets (CVE-2019-17054) - ax25: enforce CAP_NET_RAW for raw sockets (CVE-2019-17052) - ieee802154: enforce CAP_NET_RAW for raw sockets (CVE-2019-17053) - nfc: enforce CAP_NET_RAW for raw sockets (CVE-2019-17056) - nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (CVE-2019-19080) - ALSA: hda: Flush interrupts on disabling - [armhf] ASoC: sgtl5000: Fix of unmute outputs on probe - [armhf] ASoC: sgtl5000: Fix charge pump source assignment - [arm*] dmaengine: bcm2835: Print error in case setting DMA mask fails - media: dib0700: fix link error for dibx000_i2c_set_speed - media: hdpvr: Add device num check and handling - time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint - sched/fair: Fix imbalance due to CPU affinity - sched/core: Fix CPU controller for !RT_GROUP_SCHED - [x86] apic: Make apic_pending_intr_clear() more robust - sched/deadline: Fix bandwidth accounting at all levels after offline migration - [x86] reboot: Always use NMI fallback when shutdown via reboot vector IPI fails - [x86] apic: Soft disable APIC before initializing it - ALSA: hda - Show the fatal CORB/RIRB error more clearly - ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() - EDAC/mc: Fix grain_bits calculation - media: iguanair: add sanity checks - base: soc: Export soc_device_register/unregister APIs - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid - [arm64] prefetch: fix a -Wtype-limits warning - md/raid1: end bio when the device faulty - md: don't call spare_active in md_reap_sync_thread if all member devices can't work - md: don't set In_sync if array is frozen - ACPI / processor: don't print errors for processorIDs == 0xff - loop: Add LOOP_SET_DIRECT_IO to compat ioctl - [x86] EDAC, pnd2: Fix ioremap() size in dnv_rd_reg() - efi: cper: print AER info of PCIe fatal error - sched/fair: Use rq_lock/unlock in online_fair_sched_group - idle: Prevent late-arriving interrupts from disrupting offline - media: gspca: zero usb_buf on error - perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig - perf test vfs_getname: Disable ~/.perfconfig to get default output - media: em28xx: modules workqueue not inited for 2nd device - media: rc: imon: Allow iMON RC protocol for ffdc 7e device - [arm64] perf record: Support aarch64 random socket_id assignment - [armhf] media: omap3isp: Don't set streaming state on random subdevs - media: radio/si470x: kill urb on error - media: hdpvr: add terminating 0 at end of string - led: triggers: Fix a memory leak bug - nbd: add missing config put - media: mceusb: fix (eliminate) TX IR signal length limit - media: dvb-frontends: use ida for pll number - posix-cpu-timers: Sanitize bogus WARNONS - media: dvb-core: fix a memory leak bug - libperf: Fix alignment trap with xyarray contents in 'perf stat' - [amd64] EDAC/amd64: Recognize DRAM device type ECC capability - [amd64] EDAC/amd64: Decode syndrome before translating address - PM / devfreq: passive: Use non-devm notifiers - PM / devfreq: exynos-bus: Correct clock enable sequence - media: cec-notifier: clear cec_adap in cec_notifier_unregister - media: saa7146: add cleanup in hexium_attach() - media: cpia2_usb: fix memory leaks - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() - perf trace beauty ioctl: Fix off-by-one error in cmd->string table - [x86] ASoC: es8316: fix headphone mixer volume table - ACPI / CPPC: do not require the _PSD method - sched/cpufreq: Align trace event behavior of fast switching - [x86] apic/vector: Warn when vector space exhaustion breaks affinity - [arm64] kpti: ensure patched kernel text is fetched from PoU - [x86] mm/pti: Do not invoke PTI functions when PTI is disabled - [x86] mm/pti: Handle unaligned address gracefully in pti_clone_pagetable() - nvmet: fix data units read and written counters in SMART log - nvme-multipath: fix ana log nsid lookup when nsid is not found - ALSA: firewire-motu: add support for MOTU 4pre - iommu/amd: Silence warnings under memory pressure - libata/ahci: Drop PCS quirk for Denverton and beyond - iommu/iova: Avoid false sharing on fq_timer_on - libtraceevent: Change users plugin directory - [armhf] dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks - ACPI: custom_method: fix memory leaks - ACPI / PCI: fix acpi_pci_irq_enable() memory leak - closures: fix a race on wakeup from closure_sync - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' - md/raid1: fail run raid1 array when active disk less than one - dmaengine: ti: edma: Do not reset reserved paRAM slots - kprobes: Prohibit probing on BUG() and WARN() address - [s390x] crypto: xts-aes-s390 fix extra run-time crypto self tests finding - [x86] cpu: Add Tiger Lake to Intel family - [x86] platform: intel_pmc_core: Do not ioremap RAM - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set - raid5: don't set STRIPE_HANDLE to stripe which is in batch list - mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD - mmc: sdhci: Fix incorrect switch to HS mode - mmc: core: Add helper function to indicate if SDIO IRQs is enabled - [armhf,arm64] mmc: dw_mmc: Re-store SDIO IRQs mask at system resume - raid5: don't increment read_errors on EILSEQ return - libertas: Add missing sentinel at end of if_usb.c fw_table - e1000e: add workaround for possible stalled packet - ALSA: hda - Drop unsol event handler for Intel HDMI codecs - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() - [x86] ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 - [x86] iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems - btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type - [armhf] media: omap3isp: Set device on omap3isp subdevs - PM / devfreq: passive: fix compiler warning - iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36 - ALSA: firewire-tascam: handle error code when getting current source of clock - ALSA: firewire-tascam: check intermediate state of clock status and retry - scsi: scsi_dh_rdac: zero cdb in send_mode_select() - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag - printk: Do not lose last line in kmsg buffer dump - IB/mlx5: Free mpi in mp_slave mode - IB/hfi1: Define variables as unsigned long to fix KASAN warning - randstruct: Check member structs in is_pure_ops_struct() - ceph: use ceph_evict_inode to cleanup inode's resource - [x86] ALSA: hda/realtek - PCI quirk for Medion E4254 - blk-mq: add callback of .cleanup_rq - scsi: implement .cleanup_rq callback - [ppc64el] imc: Dont create debugfs files for cpu-less nodes - fuse: fix missing unlock_page in fuse_writepage() - [x86] KVM: always stop emulation on page fault - [x86] KVM: set ctxt->have_exception in x86_decode_insn() - [x86] KVM: Manually calculate reserved bits when loading PDPTRS - [x86] media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table - media: don't drop front-end reference count for ->detach - binfmt_elf: Do not move brk for INTERP-less ET_EXEC - [x86] ASoC: Intel: NHLT: Fix debug print format - [x86] ASoC: Intel: Skylake: Use correct function to access iomem space - [x86] ASoC: Intel: Fix use of potentially uninitialized variable - [arm64] Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}" - [arm64] tlb: Ensure we execute an ISB following walk cache invalidation - [arm64] dts: rockchip: limit clock rate of MMC controllers for RK3328 - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP - regulator: Defer init completion for a while after late_initcall - efifb: BGRT: Improve efifb_bgrt_sanity_check - gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps - memcg, oom: don't require __GFP_FS when invoking memcg OOM killer - memcg, kmem: do not fail __GFP_NOFAIL charges - i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask - block: fix null pointer dereference in blk_mq_rq_timed_out() - smb3: allow disabling requesting leases - ovl: Fix dereferencing possible ERR_PTR() - ovl: filter of trusted xattr results in audit - btrfs: fix allocation of free space cache v1 bitmap pages - Btrfs: fix use-after-free when using the tree modification log - btrfs: Relinquish CPUs in btrfs_compare_trees - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls - Btrfs: fix race setting up and completing qgroup rescan workers - md/raid6: Set R5_ReadError when there is read failure on parity disk - md: don't report active array_state until after revalidate_disk() completes. - md: only call set_in_sync() when it is expected to succeed. - cfg80211: Purge frame registrations on iftype change - /dev/mem: Bail out upon SIGKILL. - ext4: fix warning inside ext4_convert_unwritten_extents_endio - ext4: fix punch hole for inline_data file systems - quota: fix wrong condition in is_quota_modification() - hwrng: core - don't wait on add_early_randomness() - CIFS: fix max ea value size - CIFS: Fix oplock handling for SMB 2.1+ protocols - md/raid0: avoid RAID0 data corruption due to layout confusion. - fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone - drm/amd/display: Restore backlight brightness after system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.78 - tpm: use tpm_try_get_ops() in tpm-sysfs.c. - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations - [armhf,arm64] drm/panel: simple: fix AUO g185han01 horizontal blanking - [armhf,arm64] drm/panel: check failure cases in the probe func - [armhf,arm64] drm/rockchip: Check for fast link training before enabling psr - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() - [ppc64el] PCI: rpaphp: Avoid a sometimes-uninitialized warning - ipmi_si: Only schedule continuously in the thread in maintenance mode - [armhf,arm64] clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks - drm/amd/display: fix issue where 252-255 values are clipped - drm/amd/display: reprogram VM config when system resume - [ppc64el] powernv/ioda2: Allocate TCE table levels on demand for default DMA window - [ppc64el] xmon: Check for HV mode when dumping XIVE info from OPAL - [ppc64el] rtas: use device model APIs and serialization during LPM - [ppc64el] futex: Fix warning: 'oldval' may be used uninitialized in this function - [ppc64el] pseries/mobility: use cond_resched when updating device tree - [armhf,arm64] pinctrl: tegra: Fix write barrier placement in pmx_writel - [ppc64el] eeh: Clear stale EEH_DEV_NO_HANDLER flag - vfio_pci: Restore original state on release - drm/nouveau/volt: Fix for some cards having 0 maximum voltage - [x86] pinctrl: amd: disable spurious-firing GPIO IRQs - drm/amd/display: support spdif - drm/amdgpu/si: fix ASIC tests - [ppc64el] exception: machine check use correct cfar for late handler - pstore: fs superblock limits - [ppc64el] pseries: correctly track irq state in default idle - [arm64] pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c - [ppc64el] dump kernel log before carrying out fadump or kdump - [arm64] mbox: qcom: add APCS child device for QCS404 - scsi: core: Reduce memory required for SCSI logging - dma-buf/sw_sync: Synchronize signal vs syncpt free - ext4: fix potential use after free after remounting with noblock_validity - [mips*] tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean - [x86] i2c-cht-wc: Fix lockdep warning - [x86] mfd: intel-lpss: Remove D3cold delay - HID: wacom: Fix several minor compiler warnings - [armel,armhf] 8898/1: mm: Don't treat faults reported from cache maintenance as writes - [armhf] rtc: snvs: fix possible race condition - HID: apple: Fix stuck function keys when using FN - [arm64] PCI: rockchip: Propagate errors for optional regulators - [armhf] PCI: imx6: Propagate errors for optional regulators - [armel,armhf] 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address - fat: work around race with userspace's read via blockdev while mounting - pktcdvd: remove warning on attempting to register non-passthrough dev - [s390x] hypfs: Fix error number left in struct pointer member - ocfs2: wait for recovering done after direct unlock request - [arm64] consider stack randomization for mmap base only when necessary - [mips*] properly account for stack randomization and stack guard gap - [armel,armhf] properly account for stack randomization and stack guard gap - [armel,armhf] use STACK_TOP when computing mmap base address - block: mq-deadline: Fix queue restart handling - bpf: fix use after free in prog symbol exposure - cxgb4:Fix out-of-bounds MSI-X info array access - erspan: remove the incorrect mtu limit for erspan - hso: fix NULL-deref on tty open - ipv6: drop incoming packets having a v4mapped source address - ipv6: Handle missing host route in __ipv6_ifa_notify - net: ipv4: avoid mixed n_redirects and rate_tokens usage - net: qlogic: Fix memory leak in ql_alloc_large_buffers - net: Unpublish sk from sk_reuseport_cb before call_rcu - nfc: fix memory leak in llcp_sock_bind() - qmi_wwan: add support for Cinterion CLS8 devices - rxrpc: Fix rxrpc_recvmsg tracepoint - sch_dsmark: fix potential NULL deref in dsmark_init() - udp: fix gso_segs calculations - vsock: Fix a lockdep warning in __vsock_release() - udp: only do GSO if # of segs > 1 - net/rds: Fix error handling in rds_ib_add_one() - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() - tipc: fix unlimited bundling of small messages - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash - NFC: fix attrs checks in netlink interface - kexec: bail out upon SIGKILL when allocating memory. - 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.79 - [s390x] process: avoid potential reading of freed stack - [s390x] KVM: Test for bad access register and size at the start of S390_MEM_OP - [s390x] topology: avoid firing events before kobjs are created - [s390x] cio: exclude subchannels with no parent from pseudo check - [ppc64el] KVM: Book3S HV: Fix race in re-enabling XIVE escalation interrupts - [ppc64el] KVM: Book3S HV: Check for MMU ready on piggybacked virtual cores - [ppc64el] KVM: Book3S HV: Don't lose pending doorbell request on migration on P9 - [x86] KVM: Fix userspace set invalid CR4 - [x86] KVM: nVMX: handle page fault in vmread fix - nbd: fix max number of supported devs - PM / devfreq: tegra: Fix kHz to Hz conversion - ASoC: Define a set of DAPM pre/post-up events - [armhf] ASoC: sgtl5000: Improve VAG power and mute control - [ppc64el] mce: Fix MCE handling for huge pages - [ppc64el] mce: Schedule work from irq_work - [ppc64el] powernv: Restrict OPAL symbol map to only be readable by root - [ppc64el] powernv/ioda: Fix race in TCE level allocation - [ppc64el] book3s64/mm: Don't do tlbie fixup for some hardware revisions - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file - [x86] crypto: qat - Silence smp_processor_id() warning - crypto: skcipher - Unmap pages after an external error - [mips*el/loongson-3] Treat Loongson Extensions as ASEs - power: supply: sbs-battery: use correct flags field - power: supply: sbs-battery: only return health when battery present - tracing: Make sure variable reference alias has correct var_ref_idx - usercopy: Avoid HIGHMEM pfn warning - timer: Read jiffies once when forwarding base clk - [x86] PCI: vmd: Fix shadow offsets to reflect spec changes - PCI: Restore Resizable BAR size bits correctly for 1MB BARs - [armhf] watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout - perf stat: Fix a segmentation fault when using repeat forever - [armhf] drm/omap: fix max fclk divider for omap36xx - [arm64] drm/msm/dsi: Fix return value check for clk_get_parent - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors - [x86] drm/i915/gvt: update vgpu workload head pointer correctly - mmc: sdhci: improve ADMA error reporting - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" - xen/xenbus: fix self-deadlock after killing user process - ieee802154: atusb: fix use-after-free at disconnect - [s390x] cio: avoid calling strlen on null pointer - cfg80211: initialize on-stack chandefs - [arm64] cpufeature: Detect SSBS and advertise to userspace - ima: always return negative code for error - ima: fix freeing ongoing ahash_request - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() - 9p: Transport error uninitialized - 9p: avoid attaching writeback_fid on mmap with type PRIVATE - xen/pci: reserve MCFG areas earlier - ceph: fix directories inode i_blkbits initialization - ceph: reconnect connection if session hang in opening state - watchdog: aspeed: Add support for AST2600 - netfilter: nf_tables: allow lookups in dynamic sets - drm/amdgpu: Fix KFD-related kernel oops on Hawaii - drm/amdgpu: Check for valid number of registers to read - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors - [x86] purgatory: Disable the stackleak GCC plugin for the purgatory - ntb: point to right memory window index - thermal: Fix use-after-free when unregistering thermal zone device - thermal_hwmon: Sanitize thermal_zone type - libnvdimm/region: Initialize bad block for volatile namespaces - fuse: fix memleak in cuse_channel_open - libnvdimm/nfit_test: Fix acpi_handle redefinition - sched/membarrier: Call sync_core only before usermode for same mm - sched/membarrier: Fix private expedited registration check - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() - kernel/elfcore.c: include proper prototypes - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed - [ppc64el] KVM: HV: XIVE: Free escalation interrupts before disabling the VP - [x86] KVM: nVMX: Fix consistency check on injected exception error code - nbd: fix crash when the blksize is zero - [ppc64el] pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() - [ppc64el] radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure - tick: broadcast-hrtimer: Fix a race in bc_set_next - perf tools: Fix segfault in cpu_cache_level__read() - perf stat: Reset previous counts on repeat with interval - [arm64] ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 - [arm64] KVM: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe - [arm64] docs: Document SSBS HWCAP - [arm64] fix SSBS sanitization - [arm64] Add sysfs vulnerability show for spectre-v1 - [arm64] add sysfs vulnerability show for meltdown - [arm64] enable generic CPU vulnerabilites support - [arm64] Always enable ssb vulnerability detection - [arm64] Provide a command line to disable spectre_v2 mitigation - [arm64] Advertise mitigation of Spectre-v2, or lack thereof - [arm64] Always enable spectre-v2 vulnerability detection - [arm64] add sysfs vulnerability show for spectre-v2 - [arm64] add sysfs vulnerability show for speculative store bypass - [arm64] ssbs: Don't treat CPUs with SSBS as unaffected by SSB - [arm64] Force SSBS on context switch - [arm64] Use firmware to detect CPUs that are not affected by Spectre-v2 - [arm64] speculation: Support 'mitigations=' cmdline option - vfs: Fix EOVERFLOW testing in put_compat_statfs64 - cfg80211: add and use strongly typed element iteration macros - cfg80211: Use const more consistently in for_each_element macros - nl80211: validate beacon head (CVE-2019-16746) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.80 - panic: ensure preemption is disabled during panic() - f2fs: use EINVAL for superblock with invalid magic - USB: rio500: Remove Rio 500 kernel driver - USB: yurex: Don't retry on unexpected errors - USB: yurex: fix NULL-derefs on disconnect - USB: usb-skeleton: fix runtime PM after driver unbind - USB: usb-skeleton: fix NULL-deref on disconnect - xhci: Fix false warning message about wrong bounce buffer write length - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long - xhci: Check all endpoints for LPM timeout - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts - usb: xhci: wait for CNR controller not ready bit in xhci resume - xhci: Prevent deadlock when xhci adapter breaks during init - xhci: Increase STS_SAVE timeout in xhci_suspend() - USB: adutux: fix use-after-free on disconnect - USB: adutux: fix NULL-derefs on disconnect - USB: adutux: fix use-after-free on release - USB: iowarrior: fix use-after-free on disconnect - USB: iowarrior: fix use-after-free on release - USB: iowarrior: fix use-after-free after driver unbind - USB: usblp: fix runtime PM after driver unbind - USB: chaoskey: fix use-after-free on release - USB: ldusb: fix NULL-derefs on driver unbind - serial: uartlite: fix exit path null pointer - USB: serial: keyspan: fix NULL-derefs on open() and write() - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 - USB: serial: option: add Telit FN980 compositions - USB: serial: option: add support for Cinterion CLS8 devices - USB: serial: fix runtime PM after driver unbind - USB: usblcd: fix I/O after disconnect - USB: microtek: fix info-leak at probe - USB: dummy-hcd: fix power budget for SuperSpeed mode - USB: legousbtower: fix slab info leak at probe - USB: legousbtower: fix deadlock on disconnect - USB: legousbtower: fix potential NULL-deref on disconnect - USB: legousbtower: fix open after failed reset request - USB: legousbtower: fix use-after-free on release - [x86] mei: me: add comet point (lake) LP device ids - [x86] mei: avoid FW version request on Ibex Peak and earlier - [armhf,arm64] iio: adc: axp288: Override TS pin bias current for some models - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified - perf llvm: Don't access out-of-scope array - perf inject jit: Fix JIT_CODE_MOVE filename - blk-wbt: fix performance regression in wbt scale_up/scale_down - CIFS: Gracefully handle QueryInfo errors during open - CIFS: Force revalidate inode when dentry is stale - CIFS: Force reval dentry if LOOKUP_REVAL flag is set - kernel/sysctl.c: do not override max_threads provided by userspace - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic - btrfs: fix incorrect updating of log root tree - btrfs: fix uninitialized ret in ref-verify - NFS: Fix O_DIRECT accounting of number of bytes read/written - [mips*] elf_hwcap: Export userspace ASEs - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags - ACPI/PPTT: Add support for ACPI 6.3 thread flag - [arm64] topology: Use PPTT to determine if PE is a thread - vfs: Fix the locking in dcache_readdir() and friends - media: stkwebcam: fix runtime PM after driver unbind - [arm64] sve: Fix wrong free for task->thread.sve_state - [rt] tracing/hwlat: Report total time spent in all NMIs during the sample - [rt] tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency - ftrace: Get a reference counter for the trace_array on filter files - tracing: Get trace_array reference for available_tracers files - hwmon: Fix HWMON_P_MIN_ALARM mask - [x86] asm: Fix MWAITX C-state hint value - [x86] PCI: vmd: Fix config addressing when using bus offsets - perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.81 - nvme-pci: Fix a race in controller removal - scsi: ufs: skip shutdown if hba is not powered - scsi: megaraid: disable device when probe failed after enabled device - scsi: qla2xxx: Fix unbound sleep in fcport delete path. - [armhf] OMAP2+: Fix missing reset done flag for am3 and am43 - [armhf] OMAP2+: Fix warnings with broken omap2_set_init_voltage() - xen/efi: Set nonblocking callbacks - nl80211: fix null pointer dereference - mac80211: fix txq null pointer dereference - netfilter: nft_connlimit: disable bh on garbage collection - [mips*el/loongson-3] Fix the link time qualifier of 'serial_exit()' - [arm64] net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() - lib: textsearch: fix escapes in example code - r8152: Set macpassthru in reset_resume callback - libata/ahci: Fix PCS quirk application - md/raid0: fix warning message for parameter default_layout - ocfs2: fix panic due to ocfs2_wq is null - ipv4: fix race condition between route lookup and invalidation - net: avoid potential infinite loop in tc_ctl_action() - net: ipv6: fix listify ip6_rcv_finish in case of forwarding - [armhf,arm64] net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow - sctp: change sctp_prot .no_autobind with true - memfd: Fix locking when tagging pins - USB: legousbtower: fix memleak on disconnect - ALSA: hda/realtek - Add support for ALC711 - [x86] ALSA: hda/realtek - Enable headset mic on Asus MJ401TA - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers - ALSA: hda - Force runtime PM on Nvidia HDMI codecs - USB: serial: ti_usb_3410_5052: fix port-close races - USB: ldusb: fix memleak on disconnect - USB: usblp: fix use-after-free on disconnect - USB: ldusb: fix read info leaks - [mips*] tlbex: Fix build_restore_pagemask KScratch restore - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS - [s390x] scsi: zfcp: fix reaction on bit error threshold notification - scsi: sd: Ignore a failure to sync cache due to lack of authorization - scsi: core: save/restore command resid for error handling - scsi: core: try to get module before removing device - scsi: ch: Make it possible to open a ch device multiple times again - Input: synaptics-rmi4 - avoid processing unknown IRQs - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() - cfg80211: wext: avoid copying malformed SSIDs (CVE-2019-17133) - mac80211: Reject malformed SSID elements - [x86] drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 - drm/ttm: Restore ttm prefaulting - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 - drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() - mm/slub: fix a deadlock in show_slab_objects() - mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once - EDAC/ghes: Fix Use after free in ghes_edac remove path - [arm64] Enable workaround for Cavium TX2 erratum 219 when running SMT - CIFS: avoid using MID 0xFFFF - CIFS: Fix use after free of file info structures - perf/aux: Fix AUX output stopping - tracing: Fix race in perf_trace_buf initialization - dm cache: fix bugs when a GFP_NOWAIT allocation fails - [amd64] boot: Make level2_kernel_pgt pages invalid outside kernel area - [x86] apic/x2apic: Fix a NULL pointer deref when handling a dying cpu - [x86] pinctrl: cherryview: restore Strago DMI workaround for all versions - [arm64] pinctrl: armada-37xx: fix control of pins 32 and up - [arm64] pinctrl: armada-37xx: swap polarity on LED group - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() - Btrfs: add missing extents release on file extent cluster relocation error - Btrfs: check for the full sync flag while holding the inode lock during fsync - btrfs: tracepoints: Fix bad entry members of qgroup events - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown - xen/netback: fix error path of xenvif_connect_data() - PCI: PM: Fix pci_power_up() - blk-rq-qos: fix first node deletion of rq_qos_del() - RDMA/cxgb4: Do not dma memory off of the stack (CVE-2019-17075) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.82 - zram: fix race between backing_dev_show and backing_dev_store - dm snapshot: introduce account_start_copy() and account_end_copy() - dm snapshot: rework COW throttling to fix deadlock - Btrfs: fix inode cache block reserve leak on failure to allocate data space - Btrfs: fix memory leak due to concurrent append writes with fiemap - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() - btrfs: tracepoints: Fix wrong parameter order for qgroup events - wil6210: fix freeing of rx buffers in EDMA mode - f2fs: flush quota blocks after turnning it off - scsi: lpfc: Fix a duplicate 0711 log message number. - f2fs: fix to recover inode's i_gc_failures during POR - f2fs: fix to recover inode->i_flags of inode block during POR - [x86] HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override - [arm64,armel,armhf] usb: dwc2: fix unbalanced use of external vbus-supply - [x86] tools/power turbostat: fix goldmont C-state limit decoding - [x86] cpu: Add Atom Tremont (Jacobsville) - [arm64] drm/msm/dpu: handle failures while initializing displays - bcache: fix input overflow to writeback_rate_minimum - PCI: Fix Switchtec DMA aliasing quirk dmesg noise - Btrfs: fix deadlock on tree root leaf when finding free extent - netfilter: ipset: Make invalid MAC address checks consistent - HID: i2c-hid: Disable runtime PM for LG touchscreen - HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels - HID: i2c-hid: Add Odys Winbook 13 to descriptor override - [x86] platform/x86: Add the VLV ISP PCI ID to atomisp2_pm - [x86] platform/x86: Fix config space access for intel_atomisp2_pm - ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3 - HID: Add ASUS T100CHI keyboard dock battery quirks - NFSv4: Ensure that the state manager exits the loop on SIGKILL - HID: steam: fix boot loop with bluetooth firmware - HID: steam: fix deadlock with input devices. - [arm64,armhf] usb: dwc3: gadget: early giveback if End Transfer already completed - [arm64,armhf] usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete - ALSA: usb-audio: Cleanup DSD whitelist - usb: handle warm-reset port requests on hub resume - [armhf] rtc: pcf8523: set xtal load capacitance from DT - [arm64] Add MIDR encoding for HiSilicon Taishan CPUs - [arm64] kpti: Whitelist HiSilicon Taishan v110 CPUs - scsi: lpfc: Correct localport timeout duration error - CIFS: Respect SMB2 hdr preamble size in read responses - cifs: add credits from unmatched responses/messages - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume - ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT - exec: load_script: Do not exec truncated interpreter path - [arm64,armhf] net: dsa: mv88e6xxx: Release lock while requesting IRQ - PCI/PME: Fix possible use-after-free on remove - [arm64,armhf] iio: adc: meson_saradc: Fix memory allocation order - [x86] iio: fix center temperature of bmc150-accel-core - perf map: Fix overlapped map handling - perf script brstackinsn: Fix recovery from LBR/binary mismatch - perf jevents: Fix period for Intel fixed counters - perf tools: Propagate get_cpuid() error - perf annotate: Propagate perf_env__arch() error - perf annotate: Fix the signedness of failure returns - perf annotate: Propagate the symbol__annotate() error return - perf annotate: Return appropriate error code for allocation failures - staging: rtl8188eu: fix null dereference when kzalloc fails - RDMA/hfi1: Prevent memory leak in sdma_init (CVE-2019-19065) - RDMA/iwcm: Fix a lock inversion issue - [x86] HID: hyperv: Use in-place iterator API in the channel callback - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request - [arm64] ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 - [arm64] gpio: max77620: Use correct unit for debounce times - fs: cifs: mute -Wunused-const-variable message - [armhf] serial: mctrl_gpio: Check for NULL pointer - efi/cper: Fix endianness of PCIe class code - [x86] efi/x86: Do not clean dummy variable in kexec path - [x86] xen: Return from panic notifier - ocfs2: clear zero in unaligned direct IO - fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() - [arm64] armv8_deprecated: Checking return value for memory allocation - [x86] cpu: Add Comet Lake to the Intel CPU models header - sched/vtime: Fix guest/system mis-accounting on task switch - [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp - drm/amdgpu: fix memory leak - iio: imu: adis16400: release allocated memory on failure (CVE-2019-19060) - [x86] virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr (CVE-2019-19048) - NFSv4: Fix leak of clp->cl_acceptor string - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 - iwlwifi: exclude GEO SAR support for 3168 - nbd: verify socket is supported during setup - USB: legousbtower: fix a signedness bug in tower_probe() - [x86] thunderbolt: Use 32-bit writes when writing ring producer/consumer - ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe() (CVE-2019-15098) - fuse: flush dirty data/metadata before non-truncate setattr - fuse: truncate pending writes on O_TRUNC - ALSA: bebob: Fix prototype of helper function to return negative value - ALSA: hda/realtek - Fix 2 front mics of codec 0x623 - ALSA: hda/realtek - Add support for ALC623 - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments") - USB: gadget: Reject endpoints with 0 maxpacket value - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows") - USB: ldusb: fix ring-buffer locking - USB: ldusb: fix control-message timeout - usb: xhci: fix __le32/__le64 accessors in debugfs code - USB: serial: whiteheat: fix potential slab corruption - USB: serial: whiteheat: fix line-speed endianness - scsi: target: cxgbit: Fix cxgbit_fw4_ack() - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override - HID: Fix assumption that devices have inputs - HID: fix error message in hid_open_report() - nl80211: fix validation of mesh path nexthop - [s390x] cmm: fix information leak in cmm_timeout_handler() - [s390x] idle: fix cpu idle time calculation - [arm64] Ensure VM_WRITE|VM_SHARED ptes are clean by default - rtlwifi: Fix potential overflow on P2P code (CVE-2019-17666) - [arm64] dmaengine: qcom: bam_dma: Fix resource leak - [armhf] dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() - batman-adv: Avoid free/alloc race when handling OGM buffer - llc: fix sk_buff leak in llc_sap_state_process() - llc: fix sk_buff leak in llc_conn_service() - rxrpc: Fix call ref leak - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record - rxrpc: Fix trace-after-put looking at the put peer record - NFC: pn533: fix use-after-free and memleaks - bonding: fix potential NULL deref in bond_update_slave_arr - net: usb: sr9800: fix uninitialized local variable - sch_netem: fix rcu splat in netem_enqueue() - ALSA: timer: Simplify error path in snd_timer_open() - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: usb-audio: DSD auto-detection for Playback Designs - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface - [ppc64el] powerpc/powernv: Fix CPU idle to be called with IRQs disabled - Revert "ALSA: hda: Flush interrupts on disabling" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.83 - regulator: of: fix suspend-min/max-voltage parsing - [arm64] dts: allwinner: a64: pine64-plus: Add PHY regulator delay - [arm64] arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay - [armhf] regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone - [x86] ASoC: rt5682: add NULL handler to set_jack function - [armhf] regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized - [arm64,armhf] ASoc: rockchip: i2s: Fix RPM imbalance - [armel,armhf] mm: fix alignment handler faults under memory pressure - scsi: qla2xxx: fix a potential NULL pointer dereference - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions - drm/amdgpu: fix potential VM faults - scsi: target: core: Do not overwrite CDB byte 1 - tracing: Fix "gfp_t" format for synthetic events - of: unittest: fix memory leak in unittest_data_add (CVE-2019-19049) - [arm64,armhf] irqchip/gic-v3-its: Use the exact ITSList for VMOVP - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs - nbd: protect cmd->status with cmd->lock - nbd: handle racing with error'ed out commands - cxgb4: fix panic when attaching to ULD fail - dccp: do not leak jiffies on the wire - erspan: fix the tun_info options_len check for erspan - inet: stop leaking jiffies on the wire - net: annotate accesses to sk->sk_incoming_cpu - net: annotate lockless accesses to sk->sk_napi_id - [armhf] net: dsa: bcm_sf2: Fix IMP setup for port different than 8 - net: fix sk_page_frag() recursion from memory reclaim - [arm64] net: hisilicon: Fix ping latency when deal with high throughput - net/mlx4_core: Dynamically set guaranteed amount of counters per VF - netns: fix GFP flags in rtnl_net_notifyid() - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() - udp: fix data-race in udp_set_dev_scratch() - vxlan: check tun_info options_len properly - net: add skb_queue_empty_lockless() - udp: use skb_queue_empty_lockless() - net: use skb_queue_empty_lockless() in poll() handlers - net: use skb_queue_empty_lockless() in busy poll contexts - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() - ipv4: fix route update on metric change. - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget - r8169: fix wrong PHY ID issue with RTL8168dp - net/mlx5e: Fix ethtool self test: link speed - [armhf] net: dsa: b53: Do not clear existing mirrored port mask - [armhf] net: phy: bcm7xxx: define soft_reset for 40nm EPHY - net: usb: lan78xx: Connect PHY before registering MAC - [arm64,armhf] net: dsa: fix switch tree list - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 - net/flow_dissector: switch to siphash - wireless: Skip directory when generating certificates - [x86] platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table - [ppc64el] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.84 - bonding: fix state transition issue in link monitoring - CDC-NCM: handle incomplete transfer of MTU - ipv4: Fix table id reference in fib_sync_down_addr - [mips*] net: ethernet: octeon_mgmt: Account for second possible VLAN header - net: fix data-race in neigh_event_send() - net: usb: qmi_wwan: add support for DW5821e with eSIM support - nfc: netlink: fix double device reference drop - qede: fix NULL pointer deref in __qede_remove() - ipv6: fixes rt6_probe() and fib6_nh->last_probe init - [arm64] net: hns: Fix the stray netpoll locks causing deadlock in NAPI path - ALSA: timer: Fix incorrectly assigned timer instance - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series - ALSA: hda/ca0132 - Fix possible workqueue stall - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges - mm, meminit: recalculate pcpu batch and high limits after init completes - mm: thp: handle page cache THP correctly in PageTransCompoundMap - mm, vmstat: hide /proc/pagetypeinfo from normal users - dump_stack: avoid the livelock of the dump_lock - perf tools: Fix time sorting - drm/radeon: fix si_enable_smc_cac() failed issue - HID: wacom: generic: Treat serial number and related fields as unsigned - [arm64] Do not mask out PTE_RDONLY in pte_same() - ceph: fix use-after-free in __ceph_remove_cap() - ceph: add missing check in d_revalidate snapdir handling - [armhf] sunxi: Fix CPU powerdown on A83T - netfilter: nf_tables: Align nft_expr private data to 64-bit - netfilter: ipset: Fix an error code in ip_set_sockfn_get() - [x86] intel_th: pci: Add Comet Lake PCH support - [x86] intel_th: pci: Add Jasper Lake PCH support - [x86] apic/32: Avoid bogus LDR warnings - SMB3: Fix persistent handles reconnect - can: usb_8dev: fix use-after-free on disconnect - [armhf] can: flexcan: disable completely the ECC mechanism - can: peak_usb: fix a potential out-of-sync while decoding packets - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak - can: gs_usb: gs_can_open(): prevent memory leak (CVE-2019-19052) - can: dev: add missing of_node_put() after calling of_get_child_by_name() - can: mcba_usb: fix use-after-free on disconnect - can: peak_usb: fix slab info leak - configfs: stash the data we need into configfs_buffer at open time - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts - configfs: new object reprsenting tree fragments - configfs: provide exclusion between IO and removals - configfs: fix a deadlock in configfs_symlink() - ALSA: usb-audio: More validations of descriptor units - ALSA: usb-audio: Simplify parse_audio_unit() - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects - ALSA: usb-audio: Remove superfluous bLength checks - ALSA: usb-audio: Clean up check_input_term() - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() - ALSA: usb-audio: remove some dead code - ALSA: usb-audio: Fix copy&paste error in the validator - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices - sched/fair: Fix -Wunused-but-set-variable warnings - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path - usbip: Implement SG support to vhci-hcd and stub driver - [arm64,armhf] PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 - [amd64] HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() - RDMA/mlx5: Clear old rate limit when closing QP - iw_cxgb4: fix ECN check on the passive accept - RDMA/qedr: Fix reported firmware version - net/mlx5e: TX, Fix consumer index of error cqe dump - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (CVE-2019-19045) - scsi: qla2xxx: fixup incorrect usage of host_byte - RDMA/uverbs: Prevent potential underflow - net: openvswitch: free vport unless register_netdevice() succeeds - scsi: lpfc: Honor module parameter lpfc_use_adisc - scsi: qla2xxx: Initialized mailbox to prevent driver load failure - netfilter: nf_flow_table: set timeout before insertion into hashes - ipvs: don't ignore errors in case refcounting ip_vs module fails - ipvs: move old_secure_tcp into struct netns_ipvs - bonding: fix unexpected IFF_BONDING bit unset - macsec: fix refcnt leak in module exit routine - usb: gadget: composite: Fix possible double free memory bug - [arm64] usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813) - usb: gadget: configfs: fix concurrent issue between composite APIs - [arm64,armhf] usb: dwc3: remove the call trace of USBx_GFLADJ - [x86] perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity - [x86] perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) - [x86] perf/x86/uncore: Fix event group support - USB: Skip endpoints with 0 maxpacket length - USB: ldusb: use unsigned size format specifiers - usbip: tools: Fix read_usb_vudc_device() error path handling - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case - [arm64] RDMA/hns: Prevent memory leaks of eq->buf_list - scsi: qla2xxx: stop timer in shutdown path - nvme-multipath: fix possible io hang after ctrl reconnect - [amd64] fjes: Handle workqueue allocation failure - [arm64] net: hisilicon: Fix "Trying to free already-free IRQ" - drm/amdgpu: If amdgpu_ib_schedule fails return back the error. - [x86] hv_netvsc: Fix error handling in netvsc_attach() - [arm64,armhf] usb: dwc3: gadget: fix race when disabling ep with cancelled xfers - NFSv4: Don't allow a cached open with a revoked delegation - igb: Fix constant media auto sense switching when no cable is connected - e1000: fix memory leaks - [x86] pinctrl: intel: Avoid potential glitches if pin is in GPIO mode - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() - [x86] pinctrl: cherryview: Fix irq_valid_mask calculation - blkcg: make blkcg_print_stat() print stats only for online blkgs - [x86] iio: imu: mpu6050: Add support for the ICM 20602 IMU - [x86] iio: imu: inv_mpu6050: fix no data on MPU6050 - mm/filemap.c: don't initiate writeback if mapping has no dirty pages - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead - usbip: Fix free of unallocated memory in vhci tx - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets - net: prevent load/store tearing on sk->sk_stamp - [x86] iio: imu: mpu6050: Fix FIFO layout for ICM20602 - vsock/virtio: fix sock refcnt holding during the shutdown - x86/cpu: Add Tremont to the cpu vulnerability whitelist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.85 - scsi: core: Handle drivers which set sg_tablesize to zero - ax88172a: fix information leak on short answers - ipmr: Fix skb headroom in ipmr_get_route(). - net: gemini: add missed free_netdev - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules - slip: Fix memory leak in slip_open error path - ALSA: usb-audio: Fix missing error check at mixer resolution test - ALSA: usb-audio: not submit urb for stopped endpoint - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() - ALSA: usb-audio: Fix incorrect size check for processing/extension units - Btrfs: fix log context list corruption after rename exchange operation - Input: ff-memless - kill timer in destroy() - Input: synaptics-rmi4 - fix video buffer size - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) - Input: synaptics-rmi4 - clear IRQ enables for F54 - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing - IB/hfi1: Ensure full Gen3 speed in a Gen4 system - IB/hfi1: Use a common pad buffer for 9B and 16B packets - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either - [armhf] net: ethernet: dwmac-sun8i: Use the correct function in exit path - [x86] iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros - mm: mempolicy: fix the wrong return value and potential pages leak of mbind - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() - iio: adc: max9611: explicitly cast gain_selectors - tee: optee: take DT status property into account - ath10k: fix kernel panic by moving pci flush after napi_disable - clk: sunxi-ng: h6: fix PWM gate/reset offset - soundwire: Initialize completion for defer messages - [x86] soundwire: intel: Fix uninitialized adev deref - [arm64] dts: allwinner: a64: Orange Pi Win: Fix SD card node - [arm64] dts: allwinner: a64: Olinuxino: fix DRAM voltage - [arm64] dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage - ALSA: pcm: signedness bug in snd_pcm_plug_alloc() - [arm64] soc/tegra: pmc: Fix pad voltage configuration for Tegra186 - [arm64] dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply - y2038: make do_gettimeofday() and get_seconds() inline - rtc: sysfs: fix NULL check in rtc_add_groups() - remoteproc/davinci: Use %zx for formating size_t - extcon: cht-wc: Return from default case to avoid warnings - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set - ALSA: seq: Do error checks at creating system ports - ath10k: skip resetting rx filter for WCN3990 - ath9k: fix tx99 with monitor mode interface - wil6210: drop Rx multicast packets that are looped-back to STA - wil6210: set edma variables only for Talyn-MB devices - wil6210: prevent usage of tx ring 0 for eDMA - wil6210: fix invalid memory access for rx_buff_mgmt debugfs - ath10k: limit available channels via DT ieee80211-freq-limit - ice: Update request resource command to latest specification - ice: Prevent control queue operations during reset - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated - ice: Fix and update driver version string - ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl - ASoC: dpcm: Properly initialise hw->rate_max - ASoC: meson: axg-fifo: report interrupt request failure - ASoC: AMD: Change MCLK to 48Mhz - pinctrl: ingenic: Probe driver at subsys_initcall - [armhf] dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale - [armhf] dts: exynos: Fix HDMI-HPD line handling on Arndale - [armhf] dts: exynos: Fix sound in Snow-rev5 Chromebook - liquidio: fix race condition in instruction completion processing - [arm64] dts: stratix10: i2c clock running out of spec - [armhf] dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks - i40evf: Validate the number of queues a PF sends - i40e: use correct length for strncpy - i40evf: set IFF_UNICAST_FLT flag for the VF - i40e: Check and correct speed values for link on open - i40evf: Don't enable vlan stripping when rx offload is turned on - i40e: hold the rtnl lock on clearing interrupt scheme - i40evf: cancel workqueue sync for adminq when a VF is removed - i40e: Prevent deleting MAC address from VF when set by PF - IB/rxe: avoid back-to-back retries - IB/rxe: fixes for rdma read retry - iwlwifi: drop packets with bad status in CD - iwlwifi: don't WARN on trying to dump dead firmware - iwlwifi: mvm: avoid sending too many BARs - media: vicodec: fix out-of-range values when decoding - media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers - media: ov772x: Disable clk on error path - rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument - mwifiex: do no submit URB in suspended state - mwifex: free rx_cmd skb in suspended state - brcmfmac: fix wrong strnchr usage - mt76: Fix comparisons with invalid hardware key index - soc: imx: gpc: fix PDN delay - ASoC: rsnd: ssi: Fix issue in dma data address assignment - net: hns3: Fix for multicast failure - net: hns3: Fix error of checking used vlan id - net: hns3: Fix for loopback selftest failed problem - net: hns3: Change the dst mac addr of loopback packet - net/mlx5: Fix atomic_mode enum values - net: phy: mscc: read 'vsc8531,vddmac' as an u32 - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 - [armhf] dts: meson8: fix the clock controller register size - [armhf] dts: meson8b: fix the clock controller register size - mtd: rawnand: marvell: use regmap_update_bits() for syscon access - mtd: rawnand: fsl_ifc: check result of SRAM initialization - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions - mtd: rawnand: qcom: don't include dma-direct.h - IB/mlx5: Change TX affinity assignment in RoCE LAG mode - qxl: fix null-pointer crash during suspend - mac80211: fix saving a few HE values - cfg80211: validate wmm rule when setting - f2fs: avoid wrong decrypted data from disk - net: lan78xx: Bail out if lan78xx_get_endpoints fails - rtnetlink: move type calculation out of loop - ASoC: sgtl5000: avoid division by zero if lo_vag is zero - ath10k: avoid possible memory access violation - [armhf] dts: exynos: Disable pull control for S5M8767 PMIC - ath10k: wmi: disable softirq's while calling ieee80211_rx - i2c: mediatek: Use DMA safe buffers for i2c transactions - IB/mlx5: Don't hold spin lock while checking device state - IB/ipoib: Ensure that MTU isn't less than minimum permitted - RDMA/core: Rate limit MAD error messages - RDMA/core: Follow correct unregister order between sysfs and cgroup - udf: Fix crash during mount - ASoC: dapm: Avoid uninitialised variable warning - [x86] ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation - ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA - [powerpc] make PowerMac cache node search conditional on CONFIG_PPC_PMAC - [armhf] dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files - [armhf] dts: omap3-gta04: fixes for tvout / venc - [armhf] dts: omap3-gta04: tvout: enable as display1 alias - [armhf] dts: omap3-gta04: fix touchscreen tsc2007 - [armhf] dts: omap3-gta04: make NAND partitions compatible with recent U-Boot - [armhf] dts: omap3-gta04: keep vpll2 always on - f2fs: submit bio after shutdown - failover: Fix error return code in net_failover_create - sched/debug: Explicitly cast sched_feat() to bool - sched/debug: Use symbolic names for task state constants - firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings - [arm64] dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire - [armhf] dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board - usb: mtu3: disable vbus rise/fall interrupts of ltssm - EDAC, sb_edac: Return early on ADDRV bit and address type test - [armhf] rtc: pl030: fix possible race condition - ath9k: add back support for using active monitor interfaces for tx99 - dmaengine: at_xdmac: remove a stray bottom half unlock - RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table() - IB/hfi1: Missing return value in error path for user sdma - signal: Always ignore SIGKILL and SIGSTOP sent to the global init - signal: Properly deliver SIGILL from uprobes - signal: Properly deliver SIGSEGV from x86 uprobes - f2fs: fix memory leak of write_io in fill_super() - f2fs: fix memory leak of percpu counter in fill_super() - f2fs: fix setattr project check upon fssetxattr ioctl - scsi: qla2xxx: Use correct qpair for ABTS/CMD - scsi: qla2xxx: Fix iIDMA error - scsi: qla2xxx: Defer chip reset until target mode is enabled - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 - scsi: qla2xxx: Fix deadlock between ATIO and HW lock - scsi: qla2xxx: Increase abort timeout value - scsi: qla2xxx: Check for Register disconnect - scsi: qla2xxx: Fix port speed display on chip reset - scsi: qla2xxx: Fix dropped srb resource. - scsi: qla2xxx: Fix duplicate switch's Nport ID entries - scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 - scsi: lpfc: Fix errors in log messages. - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() - [armhf] imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set - scsi: pm80xx: Corrected dma_unmap_sg() parameter - scsi: pm80xx: Fixed system hang issue during kexec boot - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list - net: aquantia: fix hw_atl_utils_fw_upload_dwords - Drivers: hv: vmbus: Fix synic per-cpu context initialization - nvmem: core: return error code instead of NULL from nvmem_device_get - media: dt-bindings: adv748x: Fix decimal unit addresses - [x86] ALSA: hda: Fix implicit definition of pci_iomap() on SH - media: fix: media: pci: meye: validate offset to avoid arbitrary access - media: dvb: fix compat ioctl translation - net: bcmgenet: Fix speed selection for reverse MII - [arm64] dts: meson: libretech: update board model - [arm64] dts: meson-axg: use the proper compatible for ethmac - [x86] ALSA: intel8x0m: Register irq handler after register initializations - [arm64] dts: renesas: salvator-common: adv748x: Override secondary addresses - [arm64] dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU - [arm64] dts: renesas: r8a77965: Fix HS-USB compatible - [arm64] dts: renesas: r8a77965: Fix clock/reset for usb2_phy1 - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() - llc: avoid blocking in llc_sap_close() - [armhf] dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value - [arm64] soc: qcom: wcnss_ctrl: Avoid string overflow - [arm64] dts: broadcom: Fix I2C and SPI bus warnings - [armhf] dts: bcm: Fix SPI bus warnings - [armhf] dts: aspeed: Fix I2C bus warnings - [ppc64el,powerpc*] powerpc/vdso: Correct call frame information - [armhf] dts: socfpga: Fix I2C bus unit-address error - [armhf] dts: sunxi: Fix I2C bus warnings - [armhf] dts: sun9i: Fix I2C bus warnings - android: binder: no outgoing transaction when thread todo has transaction - cxgb4: Fix endianness issue in t4_fwcache() - [arm64] fix for bad_mode() handler to always result in panic - block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash - blok, bfq: do not plug I/O if all queues are weight-raised - [arm64] dts: meson: Fix erroneous SPI bus warnings - power: supply: ab8500_fg: silence uninitialized variable warnings - component: fix loop condition to call unbind() if bind() fails - kernfs: Fix range checks in kernfs_get_target_path - ip_gre: fix parsing gre header in ipgre_err - scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init - [armhf] dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 - [arm64] dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou - [x86] ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask - netfilter: nf_tables: avoid BUG_ON usage - ath9k: Fix a locking bug in ath9k_add_interface() - [s390x] qeth: uninstall IRQ handler on device removal - [s390x] qeth: invoke softirqs after napi_schedule() - media: vsp1: Fix vsp1_regs.h license header - media: vsp1: Fix YCbCr planar formats pitch calculation - media: ov2680: don't register the v4l2 subdevice before checking chip ID - PCI/ACPI: Correct error message for ASPM disabling - net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset() - PCI: mediatek: Fix unchecked return value - [armhf] dts: xilinx: Fix I2C and SPI bus warnings - serial: uartps: Fix suspend functionality - serial: samsung: Enable baud clock for UART reset procedure in resume - serial: mxs-auart: Fix potential infinite loop - tty: serial: qcom_geni_serial: Fix serial when not used as console - [arm64] dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2 - samples/bpf: fix a compilation failure - spi: mediatek: Don't modify spi_transfer when transfer. - ASoC: rt5682: Fix the boost volume at the begining of playback - ipmi_si_pci: fix NULL device in ipmi_si error message - ipmi_si: fix potential integer overflow on large shift - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address - ipmi: fix return value of ipmi_set_my_LUN - net: hns3: fix return type of ndo_start_xmit function - net: cavium: fix return type of ndo_start_xmit function - net: ibm: fix return type of ndo_start_xmit function - [ppc64el,powerpc*] iommu: Avoid derefence before pointer check - [ppc64el,powerpc*] selftests: Do not fail with reschedule - [ppc64el,powerpc64] hash: Fix stab_rr off by one initialization - [ppc64el,powerpc64] pseries/memory-hotplug: Only update DT once per memory DLPAR request - [ppc64el,powerpc64] pseries: Disable CPU hotplug across migrations - [ppc64el,powerpc*] Fix duplicate const clang warning in user access code - RDMA/i40iw: Fix incorrect iterator type - OPP: Protect dev_list with opp_table lock - of/unittest: Fix I2C bus unit-address error - libfdt: Ensure INT_MAX is defined in libfdt_env.h - power: supply: twl4030_charger: fix charging current out-of-bounds - power: supply: twl4030_charger: disable eoc interrupt on linear charge - net: mvpp2: fix the number of queues per cpu for PPv2.2 - net: marvell: fix return type of ndo_start_xmit function - net: toshiba: fix return type of ndo_start_xmit function - net: xilinx: fix return type of ndo_start_xmit function - net: broadcom: fix return type of ndo_start_xmit function - net: amd: fix return type of ndo_start_xmit function - net: sun: fix return type of ndo_start_xmit function - net: hns3: Fix for setting speed for phy failed problem - net: hns3: Fix cmdq registers initialization issue for vf - net: hns3: Clear client pointer when initialize client failed or unintialize finished - net: hns3: Fix client initialize state issue when roce client initialize failed - net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() - nfp: provide a better warning when ring allocation fails - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started - usb: chipidea: Fix otg event handler - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT - [s390x] zcrypt: enable AP bus scan without a valid default domain - [s390x] vdso: avoid 64-bit vdso mapping for compat tasks - [s390x] vdso: correct CFI annotations of vDSO functions - brcmfmac: increase buffer for obtaining firmware capabilities - brcmsmac: Use kvmalloc() for ucode allocations - mlxsw: spectrum: Init shaper for TCs 8..15 - PCI: portdrv: Initialize service drivers directly - [armhf] dts: am335x-evm: fix number of cpsw - [armhf] dts: ti: Fix SPI and I2C bus warnings - f2fs: avoid infinite loop in f2fs_alloc_nid - f2fs: fix to recover inode's uid/gid during POR - [armhf] dts: ux500: Correct SCU unit address - [armhf] dts: ux500: Fix LCDA clock line muxing - [armhf] dts: ste: Fix SPI controller node names - spi: pic32: Use proper enum in dmaengine_prep_slave_rg - crypto: chacha20 - Fix chacha20_block() keystream alignment (again) - cpufeature: avoid warning when compiling with clang - [armhf] crypto: crc32 - avoid warning when compiling with Clang - [armel] dts: marvell: Fix SPI and I2C bus warnings - [x86] mce-inject: Reset injection struct after injection - [armhf,arm64] dts: clearfog: fix sdhci supply property name - bnx2x: Ignore bandwidth attention in single function mode - PCI/AER: Take reference on error devices - PCI/AER: Don't read upstream ports below fatal errors - PCI/ERR: Use slot reset if available - samples/bpf: fix compilation failure - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider - net: micrel: fix return type of ndo_start_xmit function - net: freescale: fix return type of ndo_start_xmit function - [x86] CPU: Use correct macros for Cyrix calls - [x86] CPU: Change query logic so CPUID is enabled before testing - EDAC: Correct DIMM capacity unit symbol - [mips*] kexec: Relax memory restriction - [arm64] dts: rockchip: Fix microSD in rk3399 sapphire board - mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement - media: imx: work around false-positive warning, again - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() - media: au0828: Fix incorrect error messages - media: davinci: Fix implicit enum conversion warning - [armhf] dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock - usb: gadget: uvc: configfs: Drop leaked references to config items - usb: gadget: uvc: configfs: Prevent format changes after linking header - usb: gadget: uvc: configfs: Sort frame intervals upon writing - [armhf] dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks - i2c: aspeed: fix invalid clock parameters for very large divisors - gpiolib: Fix gpio_direction_* for single direction GPIOs - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs - phy: phy-twl4030-usb: fix denied runtime access - [armhf] dts: imx6ull: update vdd_soc voltage for 900MHz operating point - usb: gadget: uvc: Factor out video USB request queueing - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode - coresight: Use ERR_CAST instead of ERR_PTR - coresight: Fix handling of sinks - coresight: perf: Fix per cpu path management - coresight: perf: Disable trace path upon source error - coresight: tmc-etr: Handle driver mode specific ETR buffers - coresight: etm4x: Configure EL2 exception level when kernel is running in HYP - coresight: tmc: Fix byte-address alignment for RRP - coresight: dynamic-replicator: Handle multiple connections - slimbus: ngd: register ngd driver only once. - slimbus: ngd: return proper error code instead of zero - silmbus: ngd: register controller after power up. - misc: kgdbts: Fix restrict error - misc: genwqe: should return proper error value. - vmbus: keep pointer to ring buffer page - vfio/pci: Fix potential memory leak in vfio_msi_cap_len - vfio/pci: Mask buggy SR-IOV VF INTx support - iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs - scsi: libsas: always unregister the old device if going to discover new - f2fs: fix remount problem of option io_bits - phy: lantiq: Fix compile warning - [arm64] dts: fsl: Fix I2C and SPI bus warnings - [armhf] dts: imx51-zii-rdu1: Fix the rtc compatible string - [arm64] tegra: I2C on Tegra194 is not compatible with Tegra114 - [armhf] dts: tegra30: fix xcvr-setup-use-fuses - [armhf] dts: tegra20: restore address order - [armhf] tegra: apalis_t30: fix mmc1 cmd pull-up - [armhf] tegra: apalis_t30: fix mcp2515 can controller interrupt polarity - [armhf] tegra: colibri_t30: fix mcp2515 can controller interrupt polarity - [armhf] dts: paz00: fix wakeup gpio keycode - net: smsc: fix return type of ndo_start_xmit function - net: faraday: fix return type of ndo_start_xmit function - PCI/ERR: Run error recovery callbacks for all affected devices - f2fs: update i_size after DIO completion - f2fs: fix to recover inode's project id during POR - f2fs: mark inode dirty explicitly in recover_inode() - RDMA: Fix dependencies for rdma_user_mmap_io - EDAC: Raise the maximum number of memory controllers - firmware: dell_rbu: Make payload memory uncachable - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS - Bluetooth: btrsi: fix bt tx timeout issue - [x86] hyperv: Suppress "PCI: Fatal: No config space access function found" - crypto: s5p-sss: Fix race in error handling - crypto: s5p-sss: Fix Fix argument list alignment - crypto: fix a memory leak in rsa-kcs1pad's encryption mode - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump - iwlwifi: fix non_shared_ant for 22000 devices - iwlwifi: pcie: read correct prph address for newer devices - iwlwifi: api: annotate compressed BA notif array sizes - iwlwifi: pcie: gen2: build A-MSDU only for GSO - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN - iwlwifi: mvm: use correct FIFO length - iwlwifi: mvm: Allow TKIP for AP mode - scsi: NCR5380: Clear all unissued commands on host reset - scsi: NCR5380: Have NCR5380_select() return a bool - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data - scsi: NCR5380: Check for invalid reselection target - scsi: NCR5380: Don't clear busy flag when abort fails - scsi: NCR5380: Don't call dsprintk() following reselection interrupt - scsi: NCR5380: Handle BUS FREE during reselection - scsi: NCR5380: Check for bus reset - [arm64] dts: amd: Fix SPI bus warnings - [arm64] dts: lg: Fix SPI controller node names - rtc: isl1208: avoid possible sysfs race - rtc: tx4939: fixup nvmem name and register size - rtc: armada38x: fix possible race condition - netfilter: masquerade: don't flush all conntracks if only one address deleted on device - usb: xhci-mtk: fix ISOC error when interval is zero - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear - fuse: use READ_ONCE on congestion_threshold and max_background - IB/iser: Fix possible NULL deref at iser_inv_desc() - media: ov2680: fix null dereference at power on - [s390x] vdso: correct vdso mapping for compat tasks - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused - memfd: Use radix_tree_deref_slot_protected to avoid the warning. - slcan: Fix memory leak in error path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.86 - spi: mediatek: use correct mata->xfer_len when in fifo transfer - i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf() - tee: optee: add missing of_node_put after of_device_is_available - Revert "OPP: Protect dev_list with opp_table lock" - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() - idr: Fix idr_get_next race with idr_remove - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() - mm/memory_hotplug: fix updating the node span - [arm64] uaccess: Ensure PAN is re-enabled after unhandled uaccess fault - fbdev: Ditch fb_edid_add_monspecs - [i386] bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0 - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0 - [i386] bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE} - net: ovs: fix return type of ndo_start_xmit function - net: xen-netback: fix return type of ndo_start_xmit function - [armhf] dts: dra7: Enable workaround for errata i870 in PCIe host mode - [armhf] dts: omap5: enable OTG role for DWC3 controller - [arm64] net: hns3: Fix for netdev not up problem when setting mtu - [arm64] net: hns3: Fix loss of coal configuration while doing reset - f2fs: return correct errno in f2fs_gc - [armhf] dts: sun8i: h3-h5: ir register size should be the whole memory block - [armhf] dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet PHY - tcp: up initial rmem to 128KB and SYN rwin to around 64KB - SUNRPC: Fix priority queue fairness - ACPI / LPSS: Make acpi_lpss_find_device() also find PCI devices - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq - f2fs: keep lazytime on remount - IB/hfi1: Error path MAD response size is incorrect - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds - mt76x2: fix tx power configuration for VHT mcs 9 - mt76x2: disable WLAN core before probe - mt76: fix handling ps-poll frames - [arm64,armhf] iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() - [arm64,armhf] iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout - [arm64,armhf] kvm: Fix stage2_flush_memslot for 4 level page table - [arm64] numa: Report correct memblock range for the dummy node - ath10k: fix vdev-start timeout on error - rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface - ata: ahci_brcm: Allow using driver or DSL SoCs - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules. - PM / devfreq: Fix handling of min/max_freq == 0 - PM / devfreq: stopping the governor before device_unregister() - ath9k: fix reporting calculated new FFT upper max - selftests/tls: Fix recv(MSG_PEEK) & splice() test cases - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() - usb: dwc3: gadget: Check ENBLSLPM before sending ep command - nl80211: Fix a GET_KEY reply attribute - [arm64,armhf] irqchip/irq-mvebu-icu: Fix wrong private data retrieval - watchdog: core: fix null pointer dereference when releasing cdev - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D - [ppc64el,powerpc64] Inform the userspace about TCE update failures - printk: Do not miss new messages when replaying the log - printk: CON_PRINTBUFFER console registration is a bit racy - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg - [x86] ALSA: hda: Fix mismatch for register mask and value in ext controller. - ext4: fix build error when DX_DEBUG is defined - clk: keystone: Enable TISCI clocks if K3_ARCH - sunrpc: Fix connect metrics - [x86] PCI: Apply VMD's AERSID fixup generically - mei: samples: fix a signedness bug in amt_host_if_call() - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update - cxgb4: Use proper enum in IEEE_FAUX_SYNC - [ppc64el,powerpc*] Fix DTL buffer registration - [ppc64el,powerpc*] Fix how we iterate over the DTL entries - [ppc64el,powerpc*] xive: Move a dereference below a NULL test - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer - PM / hibernate: Check the success of generating md5 digest before hibernation - tools: PCI: Fix compilation warnings - ice: Fix forward to queue group logic - md: allow metadata updates while suspending an array - fix - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit - i40e: Use proper enum in i40e_ndo_set_vf_link_state - ixgbe: Fix crash with VFs and flow director on interface flap - IB/mthca: Fix error return code in __mthca_init_one() - IB/rxe: avoid srq memory leak - RDMA/hns: Bugfix for reserved qp number - RDMA/hns: Submit bad wr when post send wr exception - RDMA/hns: Bugfix for CM test - RDMA/hns: Limit the size of extend sge of sq - IB/mlx4: Avoid implicit enumerated type conversion - rpmsg: glink: smem: Support rx peak for size less than 4 bytes - msm/gpu/a6xx: Force of_dma_configure to setup DMA for GMU - OPP: Return error on error from dev_pm_opp_get_opp_count() - ACPICA: Never run _REG on system_memory and system_IO - cpuidle: menu: Fix wakeup statistics updates for polling state - ASoC: qdsp6: q6asm-dai: checking NULL vs IS_ERR() - [ppc64el,powerpc*] time: Use clockevents_register_device(), fixing an issue with large decrementer - [ppc64el,powerpc64] radix: Explicitly flush ERAT with local LPID invalidation - ata: ep93xx: Use proper enums for directions - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote - media: pxa_camera: Fix check for pdev->dev.of_node - media: rcar-vin: fix redeclaration of symbol - media: i2c: adv748x: Support probing a single output - [x86] ALSA: hda/sigmatel - Disable automute for Elo VuPoint - bnxt_en: return proper error when FW returns HWRM_ERR_CODE_RESOURCE_ACCESS_DENIED - [ppc64el,powerpc64] Book3S PR: Exiting split hack mode needs to fixup both PC and LR - USB: serial: cypress_m8: fix interrupt-out transfer length - usb: dwc2: disable power_down on rockchip devices - mtd: physmap_of: Release resources on error - cpu/SMT: State SMT is disabled even with nosmt and without "=force" - brcmfmac: reduce timeout for action frame scan - brcmfmac: fix full timeout waiting for action frame on-channel tx - qtnfmac: request userspace to do OBSS scanning if FW can not - qtnfmac: pass sgi rate info flag to wireless core - qtnfmac: inform wireless core about supported extended capabilities - qtnfmac: drop error reports for out-of-bounds key indexes - [armhf] clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume - [armhf] clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420 - [armhf] clk: samsung: Use clk_hw API for calling clk framework from clk notifiers - printk: Correct wrong casting - NFSv4.x: fix lock recovery during delegation recall - dmaengine: ioat: fix prototype of ioat_enumerate_channels - media: ov5640: fix framerate update - media: cec-gpio: select correct Signal Free Time - gfs2: slow the deluge of io error messages - i2c: omap: use core to detect 'no zero length' quirk - i2c: qup: use core to detect 'no zero length' quirk - i2c: tegra: use core to detect 'no zero length' quirk - i2c: zx2967: use core to detect 'no zero length' quirk - Input: st1232 - set INPUT_PROP_DIRECT property - Input: silead - try firmware reload after unsuccessful resume - soc: fsl: bman_portals: defer probe after bman's probe - net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware - tc-testing: fix build of eBPF programs - remoteproc: Check for NULL firmwares in sysfs interface - remoteproc: qcom: q6v5: Fix a race condition on fatal crash - kexec: Allocate decrypted control pages for kdump if SME is enabled - [x86] olpc: Fix build error with CONFIG_MFD_CS5535=m - dmaengine: rcar-dmac: set scatter/gather max segment size - xfrm: use correct size to initialise sp->ovec - ACPI / SBS: Fix rare oops when removing modules - iwlwifi: mvm: don't send keys when entering D3 - xsk: proper AF_XDP socket teardown ordering - [amd64] fsgsbase: Fix ptrace() to read the FS/GS base accurately - mmc: renesas_sdhi_internal_dmac: Whitelist r8a774a1 - mmc: tmio: Fix SCC error detection - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size - fbdev: sbuslib: use checked version of put_user() - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() - fbdev: fix broken menu dependencies - reset: Fix potential use-after-free in __of_reset_control_get() - bcache: account size of buckets used in uuid write to ca->meta_sectors_written - bcache: recal cached_dev_sectors on detach - [x86] platform: mlx-platform: Properly use mlxplat_mlxcpld_msn201x_items - media: dw9714: Fix error handling in probe function - media: dw9807-vcm: Fix probe error handling - media: cx18: Don't check for address of video_dev - mtd: spi-nor: cadence-quadspi: Use proper enum for dma_[un]map_single - mtd: devices: m25p80: Make sure WRITE_EN is issued before each write - [x86] intel_rdt: Introduce utility to obtain CDP peer - [x86] intel_rdt: CBM overlap should also check for overlap with CDP peer - mmc: mmci: expand startbiterr to irqmask and error check - [s390x] kasan: avoid vdso instrumentation - [s390x] kasan: avoid instrumentation of early C code - [s390x] kasan: avoid user access code instrumentation - [i386] proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() - backlight: lm3639: Unconditionally call led_classdev_unregister - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable - printk: Give error on attempt to set log buffer length to over 2G - media: isif: fix a NULL pointer dereference bug - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads - media: cx231xx: fix potential sign-extension overflow on large shift - media: venus: vdec: fix decoded data size - [x86] ALSA: hda/ca0132 - Fix input effect controls for desktop cards - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync - lightnvm: pblk: fix incorrect min_write_pgs - lightnvm: pblk: guarantee emeta on line close - lightnvm: pblk: fix write amplificiation calculation - lightnvm: pblk: guarantee mw_cunits on read buffer - lightnvm: do no update csecs and sos on 1.2 - lightnvm: pblk: fix error handling of pblk_lines_init() - lightnvm: pblk: consider max hw sectors supported for max_write_pgs - [x86] kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error - bpf: btf: Fix a missing check bug - net: fix generic XDP to handle if eth header was mangled - gpio: syscon: Fix possible NULL ptr usage - spi: fsl-lpspi: Prevent FIFO under/overrun by default - pinctrl: gemini: Mask and set properly - spi: spidev: Fix OF tree warning logic - [armel,armhf] 8802/1: Call syscall_trace_exit even when system call skipped - [x86] mm: Do not warn about PCI BIOS W+X mappings - orangefs: rate limit the client not running info message - pinctrl: gemini: Fix up TVC clock group - scsi: arcmsr: clean up clang warning on extraneous parentheses - [x86] hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors - hwmon: (nct6775) Fix names of DIMM temperature sources - hwmon: (pwm-fan) Silence error on probe deferral - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros - hwmon: (npcm-750-pwm-fan) Change initial pwm target to 255 - selftests: forwarding: Have lldpad_app_wait_set() wait for unknown, too - net: sched: avoid writing on noop_qdisc - netfilter: nft_compat: do not dump private area - misc: cxl: Fix possible null pointer dereference - mac80211: minstrel: fix using short preamble CCK rates on HT clients - mac80211: minstrel: fix CCK rate group streams value - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode - spi: rockchip: initialize dma_slave_config properly - mlxsw: spectrum_switchdev: Check notification relevance based on upper device - [armhf] dts: omap5: Fix dual-role mode on Super-Speed port - tcp: start receiver buffer autotuning sooner - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate - PM / devfreq: Fix static checker warning in try_then_request_governor - tools: PCI: Fix broken pcitest compilation - [ppc64el,powerpc*] time: Fix clockevent_decrementer initalisation for PR KVM - mmc: tmio: fix SCC error handling to avoid false positive CRC error - [x86] resctrl: Fix rdt_find_domain() return value and checks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.87 - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel - net/mlx4_en: fix mlx4 ethtool -N insertion - net/mlx4_en: Fix wrong limitation for number of TX rings - net: rtnetlink: prevent underflows in do_setvfinfo() - net/sched: act_pedit: fix WARN() in the traffic path - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key - sfc: Only cancel the PPS workqueue if it exists - net/mlx5e: Fix set vf link state error flow - net/mlxfw: Verify FSM error code translation doesn't exceed array size - net/mlx5: Fix auto group size calculation - vhost/vsock: split packets to send using multiple buffers - gpio: max77620: Fixup debounce delays - tools: gpio: Correctly add make dependencies for gpio_utils - nbd:fix memory leak in nbd_get_socket() - virtio_console: allocate inbufs in add_port() only if it is needed - Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() - [x86] drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs - [x86] drm/i915/pmu: "Frequency" is reported as accumulated cycles - [x86] drm/i915/userptr: Try to acquire the page lock around set_page_dirty() - mwifiex: Fix NL80211_TX_POWER_LIMITED - ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback - crypto: testmgr - fix sizeof() on COMP_BUF_SIZE - printk: lock/unlock console only for new logbuf entries - printk: fix integer overflow in setup_log_buf() - pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux - PCI: cadence: Write MSI data with 32bits - gfs2: Fix marking bitmaps non-full - pty: fix compat ioctls - synclink_gt(): fix compat_ioctl() - [ppc64] Fix signedness bug in update_flash_db() - [powerpc] boot: Fix opal console in boot wrapper - [ppc64*,powerpc] boot: Disable vector instructions - [ppc64*,powerpc] eeh: Fix null deref for devices removed during EEH - [ppc64*,powerpc] eeh: Fix use of EEH_PE_KEEP on wrong field - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() - mt76: do not store aggregation sequence number for null-data frames - mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc - brcmsmac: AP mode: update beacon when TIM changes - ath10k: set probe request oui during driver start - ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem - skd: fixup usage of legacy IO API - cdrom: don't attempt to fiddle with cdo->capability - spi: sh-msiof: fix deferred probing - mmc: mediatek: fill the actual clock for mmc debugfs - mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail - PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag - btrfs: handle error of get_old_root - gsmi: Fix bug in append_to_eventlog sysfs handler - misc: mic: fix a DMA pool free failure - w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). - [m68k] fix command-line parsing when passed from u-boot - RDMA/bnxt_re: Avoid NULL check after accessing the pointer - RDMA/bnxt_re: Fix qp async event reporting - RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails - pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' - pwm: lpss: Only set update bit if we are actually changing the settings - amiflop: clean up on errors during setup - qed: Align local and global PTT to propagate through the APIs. - scsi: ips: fix missing break in switch - nfp: bpf: protect against mis-initializing atomic counters - [x86] KVM: nVMX: reset cache/shadows when switching loaded VMCS - [x86] KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() - [x86] KVM: Fix invvpid and invept register operand size in 64-bit mode - clk: tegra: Fixes for MBIST work around - scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler - scsi: isci: Change sci_controller_start_task's return type to sci_status - scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event - scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param - nvmet: avoid integer overflow in the discard code - nvmet-fcloop: suppress a compiler warning - nvme-pci: fix hot removal during error handling - PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks - clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk - ASoC: tegra_sgtl5000: fix device_node refcounting - scsi: dc395x: fix dma API usage in srb_done - scsi: dc395x: fix DMA API usage in sg_update_list - scsi: zorro_esp: Limit DMA transfers to 65535 bytes - net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed - net: fix warning in af_unix - xfs: fix use-after-free race in xfs_buf_rele - xfs: clear ail delwri queued bufs on unmount of shutdown fs - kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack - ACPI / scan: Create platform device for INT33FE ACPI nodes - PM / Domains: Deal with multiple states but no governor in genpd - ALSA: i2c/cs8427: Fix int to char conversion - macintosh/windfarm_smu_sat: Fix debug output - PCI: vmd: Detach resources after stopping root bus - USB: misc: appledisplay: fix backlight update_status return code - usbip: tools: fix atoi() on non-null terminated string - sctp: use sk_wmem_queued to check for writable space - dm raid: avoid bitmap with raid4/5/6 journal device - selftests/bpf: fix file resource leak in load_kallsyms - SUNRPC: Fix a compile warning for cmpxchg64() - sunrpc: safely reallow resvport min/max inversion - atm: zatm: Fix empty body Clang warnings - [s390x] perf: Return error when debug_register fails - swiotlb: do not panic on mapping failures - spi: omap2-mcspi: Set FIFO DMA trigger level to word length - [x86] intel_rdt: Prevent pseudo-locking from using stale pointers - sparc: Fix parport build warnings. - [ppc64*,powerpc] pseries: Export raw per-CPU VPA data via debugfs - [ppc64*,powerpc] mm/radix: Fix off-by-one in split mapping logic - [ppc64*,powerpc] mm/radix: Fix overuse of small pages in splitting logic - [ppc64*,powerpc] mm/radix: Fix small page at boundary when splitting - [ppc64*] radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd - selftests/bpf: fix return value comparison for tests in test_libbpf.sh - tools: bpftool: fix completion for "bpftool map update" - ceph: fix dentry leak in ceph_readdir_prepopulate - ceph: only allow punch hole mode in fallocate - thermal: armada: fix a test in probe() - f2fs: fix to spread clear_cold_data() - f2fs: spread f2fs_set_inode_flags() - mISDN: Fix type of switch control variable in ctrl_teimanager - qlcnic: fix a return in qlcnic_dcb_get_capability() - net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode - mfd: arizona: Correct calling of runtime_put_sync - mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values - [x86] mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well - mfd: max8997: Enale irq-wakeup unconditionally - net: socionext: Stop PHY before resetting netsec - fs/cifs: fix uninitialised variable warnings - spi: uniphier: fix incorrect property items - selftests/ftrace: Fix to test kprobe $comm arg only if available - selftests: watchdog: fix message when /dev/watchdog open fails - selftests: watchdog: Fix error message. - selftests: kvm: Fix -Wformat warnings - selftests: fix warning: "_GNU_SOURCE" redefined - net: ethernet: cadence: fix socket buffer corruption problem - bpf: devmap: fix wrong interface selection in notifier_call - bpf, btf: fix a missing check bug in btf_parse - [sparc64] Rework xchg() definition to avoid warnings. - [arm64] lib: use C string functions with KASAN enabled - fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock - tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage - mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition - macsec: update operstate when lower device changes - macsec: let the administrator set UP state even if lowerdev is down - block: fix the DISCARD request merge - i2c: uniphier-f: make driver robust against concurrency - i2c: uniphier-f: fix occasional timeout error - i2c: uniphier-f: fix race condition when IRQ is cleared - um: Make line/tty semantics use true write IRQ - vfs: avoid problematic remapping requests into partial EOF block - ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12 - [ppc64*,powerpc] xmon: Relax frame size for clang - [ppc64*,powerpc] selftests/ptrace: Fix out-of-tree build - [ppc64*,powerpc] selftests/signal: Fix out-of-tree build - [ppc64*,powerpc] selftests/switch_endian: Fix out-of-tree build - [ppc64*,powerpc] selftests/cache_shape: Fix out-of-tree build - block: call rq_qos_exit() after queue is frozen - mm/gup_benchmark.c: prevent integer overflow in ioctl - linux/bitmap.h: handle constant zero-size bitmaps correctly - linux/bitmap.h: fix type of nbits in bitmap_shift_right() - lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf - hfsplus: fix BUG on bnode parent update - hfs: fix BUG on bnode parent update - hfsplus: prevent btree data loss on ENOSPC - hfs: prevent btree data loss on ENOSPC - hfsplus: fix return value of hfsplus_get_block() - hfs: fix return value of hfs_get_block() - hfsplus: update timestamps on truncate() - hfs: update timestamp on truncate() - fs/hfs/extent.c: fix array out of bounds read of array extent - kernel/panic.c: do not append newline to the stack protector panic string - mm/memory_hotplug: make add_memory() take the device_hotplug_lock - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock - [ppc64*,powerprc] powerpc/powernv: hold device_hotplug_lock when calling device_online() - igb: shorten maximum PHC timecounter update interval - fm10k: ensure completer aborts are marked as non-fatal after a resume - [arm64] net: hns3: bugfix for buffer not free problem during resetting - [arm64] net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem - [arm64] net: hns3: bugfix for is_valid_csq_clean_head() - [arm64] net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read - ntb_netdev: fix sleep time mismatch - [x86] ntb: intel: fix return value for ndev_vec_mask() - irq/matrix: Fix memory overallocation - nvme-pci: fix conflicting p2p resource adds - [arm64] makefile fix build of .i file in external module case - [x86] tools/power turbosat: fix AMD APIC-id output - mm: handle no memcg case in memcg_kmem_charge() properly - ocfs2: without quota support, avoid calling quota recovery - ocfs2: don't use iocb when EIOCBQUEUED returns - ocfs2: don't put and assigning null to bh allocated outside - ocfs2: fix clusters leak in ocfs2_defrag_extent() - net: do not abort bulk send on BQL status - sched/topology: Fix off by one bug - sched/fair: Don't increase sd->balance_interval on newidle balance - openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS - [armhf] dts: imx6sx-sdb: Fix enet phy regulator - [arm64] sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock - soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL - audit: print empty EXECVE args - sock_diag: fix autoloading of the raw_diag module - net: bpfilter: fix iptables failure if bpfilter_umh is disabled - nds32: Fix bug in bitfield.h - media: ov13858: Check for possible null pointer - btrfs: avoid link error with CONFIG_NO_AUTO_INLINE - wil6210: fix debugfs memory access alignment - wil6210: fix L2 RX status handling - wil6210: fix RGF_CAF_ICR address for Talyn-MB - wil6210: fix locking in wmi_call - ath10k: snoc: fix unbalanced clock error handling - wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' - rtl8xxxu: Fix missing break in switch - brcmsmac: never log "tid x is not agg'able" by default - wireless: airo: potential buffer overflow in sprintf() - rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information - net: dsa: bcm_sf2: Turn on PHY to allow successful registration - scsi: mpt3sas: Fix Sync cache command failure during driver unload - scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices - scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11 - scsi: megaraid_sas: Fix msleep granularity - scsi: megaraid_sas: Fix goto labels in error handling - scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces - scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point - scsi: lpfc: Correct loss of fc4 type on remote port address change - usb: typec: tcpm: charge current handling for sink during hard reset - dlm: fix invalid free - dlm: don't leak kernel pointer to userspace - vrf: mark skb for multicast or link-local as enslaved to VRF - clk: tegra20: Turn EMC clock gate into divider - ACPICA: Use %d for signed int print formatting instead of %u - net: bcmgenet: return correct value 'ret' from bcmgenet_power_down - of: unittest: allow base devicetree to have symbol metadata - of: unittest: initialize args before calling of_*parse_*() - tools: bpftool: pass an argument to silence open_obj_pinned() - cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces - pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues - pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL - pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT - pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD - PCI: keystone: Use quirk to limit MRRS for K2G - nvme-pci: fix surprise removal - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch - i2c: uniphier-f: fix timeout error after reading 8 bytes - mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock - ipv6: Fix handling of LLA with VRF and sockets bound to VRF - cfg80211: call disconnect_wk when AP stops - mm/page_io.c: do not free shared swap slots - Bluetooth: Fix invalid-free in bcsp_close() - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved - ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe - ath9k_hw: fix uninitialized variable data - md/raid10: prevent access of uninitialized resync_pages offset - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() - net: phy: dp83867: fix speed 10 in sgmii mode - net: phy: dp83867: increase SGMII autoneg timer duration - ocfs2: remove ocfs2_is_o2cb_active() - [arm*] 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary - ARC: perf: Accommodate big-endian CPU - [x86] insn: Fix awk regexp warnings - [x86] speculation: Fix incorrect MDS/TAA mitigation status - [x86] speculation: Fix redundant MDS mitigation message - nbd: prevent memory leak - y2038: futex: Move compat implementation into futex.c - futex: Prevent robust futex exit race - ALSA: usb-audio: Fix NULL dereference at parsing BADD - nfc: port100: handle command failure cleanly - media: vivid: Set vid_cap_streaming and vid_out_streaming to true - media: vivid: Fix wrong locking that causes race conditions on streaming stop (CVE-2019-18683) - media: usbvision: Fix races among open, close, and disconnect - cpufreq: Add NULL checks to show() and store() methods of cpufreq - media: uvcvideo: Fix error path in control parsing failure - media: b2c2-flexcop-usb: add sanity checking - media: cxusb: detect cxusb_ctrl_msg error in query - media: imon: invalid dereference in imon_touch_event - virtio_ring: fix return code on DMA mapping fails - USBIP: add config dependency for SGL_ALLOC - usbip: tools: fix fd leakage in the function of read_attr_usbip_status - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() - usb-serial: cp201x: support Mark-10 digital force gauge - USB: chaoskey: fix error case of a timeout - appledisplay: fix error handling in the scheduled work - USB: serial: mos7840: add USB ID to support Moxa UPort 2210 - USB: serial: mos7720: fix remote wakeup - USB: serial: mos7840: fix remote wakeup - USB: serial: option: add support for DW5821e with eSIM support - USB: serial: option: add support for Foxconn T77W968 LTE modules - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error - [ppc64*] support nospectre_v2 cmdline option - [ppc64*] book3s: Fix link stack flush on context switch (CVE-2019-18660) - [ppc64*, powerpc] PPC: Book3S HV: Flush link stack on guest exit to host kernel - PM / devfreq: Fix kernel oops on governor module load . [ Romain Perier ] * [armel/rpi] Enable CONFIG_BRCMFMAC_SDIO (Closes: #940530) * [armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+ . [ Salvatore Bonaccorso ] * ixgbe: Fix secpath usage for IPsec TX offload (Closes: #930443) * ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (Closes: #945023) * [x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77) * [rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84) . [ Bastian Blank ] * [amd64/cloud-amd64] Re-enable RTC drivers. (closes: #931341) . [ Noah Meyerhans ] * drivers/net/ethernet/amazon: Backport driver fixes from Linux 5.4 (Closes: #941291) * Bump ABI to 7 . [ Ben Hutchings ] * debian/bin/genpatch-rt: Fix series generation from git * [rt] Update to 4.19.82-rt30: - Drop changes in "fs/dcache: disable preemption on i_dir_seq's write side" that conflict with "Fix the locking in dcache_readdir() and friends" - Rewrite "fs/aio: simple simple work" using kthread_work - Rewrite "thermal: Defer thermal wakups to threads" using kthread_work - Rewrite "block: blk-mq: move blk_queue_usage_counter_release() into process context" using kthread_work - workqueue: rework . [ Benjamin Poirier ] * tools/perf: Add python3 support to scripts (Closes: #944641) . [ Aurelien Jarno ] * [rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86) * [rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86) * [rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87) * [rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87) linux (4.19.67-2+deb10u2) buster-security; urgency=high . * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135): - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs TSX is now disabled by default; see Documentation/admin-guide/hw-vuln/tsx_async_abort.rst * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change (aka iTLB multi-hit, CVE-2018-12207): - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages - Documentation: Add ITLB_MULTIHIT documentation * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155): - drm/i915: Rename gen7 cmdparser tables - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Remove Master tables from cmdparser - drm/i915: Add support for mandatory cmdparsing - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - drm/i915: Allow parsing of unsized batches - drm/i915: Add gen9 BCS cmdparsing - drm/i915/cmdparser: Use explicit goto for error paths - drm/i915/cmdparser: Add support for backward jumps - drm/i915/cmdparser: Ignore Length operands during command matching - drm/i915/cmdparser: Fix jump whitelist clearing * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154): - drm/i915: Lower RM timeout to avoid DSI hard hangs - drm/i915/gen8+: Add RC6 CTX corruption WA linux (4.19.67-2+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports; no further changes required . linux (4.19.67-2+deb10u2) buster-security; urgency=high . * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135): - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs TSX is now disabled by default; see Documentation/admin-guide/hw-vuln/tsx_async_abort.rst * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change (aka iTLB multi-hit, CVE-2018-12207): - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages - Documentation: Add ITLB_MULTIHIT documentation * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155): - drm/i915: Rename gen7 cmdparser tables - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Remove Master tables from cmdparser - drm/i915: Add support for mandatory cmdparsing - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - drm/i915: Allow parsing of unsized batches - drm/i915: Add gen9 BCS cmdparsing - drm/i915/cmdparser: Use explicit goto for error paths - drm/i915/cmdparser: Add support for backward jumps - drm/i915/cmdparser: Ignore Length operands during command matching - drm/i915/cmdparser: Fix jump whitelist clearing * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154): - drm/i915: Lower RM timeout to avoid DSI hard hangs - drm/i915/gen8+: Add RC6 CTX corruption WA linux-latest (105+deb10u3) buster; urgency=medium . * Update to 4.19.0-8 linux-latest (105+deb10u2) buster; urgency=medium . * Update to 4.19.0-7 linux-signed-amd64 (4.19.98+1) buster; urgency=medium . * Sign kernel from linux 4.19.98-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.88 - [arm64] clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate - ASoC: compress: fix unsigned integer overflow check - reset: Fix memory leak in reset_control_array_put() - [armhf] clk: samsung: exynos5433: Fix error paths - [armel/marvell,armhf] ASoC: kirkwood: fix external clock probe defer - [armel/marvell,armhf] ASoC: kirkwood: fix device remove ordering - [armhf] clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume - [x86] pinctrl: cherryview: Allocate IRQ chip dynamic - [armhf] dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts - reset: fix reset_control_ops kerneldoc comment - [armhf,arm64] clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup - [armhf] clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 - [armhf] dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend - [ppc64el] bpf: Fix tail call implementation - idr: Fix integer overflow in idr_for_each_entry - idr: Fix idr_alloc_u32 on 32-bit systems - [x86] resctrl: Prevent NULL pointer dereference when reading mondata - [armhf] clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call - [armhf] clk: ti: clkctrl: Fix failed to enable error with double udelay timeout - bridge: ebtables: don't crash when using dnat target in output chains - can: peak_usb: report bus recovery as well - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error - [armhf] can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails - [arm64] watchdog: meson: Fix the wrong value of left time - ceph: return -EINVAL if given fsc mount option on kernel w/o support - net/fq_impl: Switch to kvmalloc() for memory allocation - mac80211: fix station inactive_time shortly after boot - block: drbd: remove a stray unlock in __drbd_send_protocol() - scsi: target/tcmu: Fix queue_cmd_ring() declaration - scsi: lpfc: Fix kernel Oops due to null pring pointers - scsi: lpfc: Fix dif and first burst use in write commands - tracing: Lock event_mutex before synth_event_mutex - [armhf] dts: imx*: Fix memory node duplication - [armhf] dts: Fix hsi gdd range for omap4 - [arm64] mm: Prevent mismatched 52-bit VA support - [arm64] smp: Handle errors reported by the firmware - [armhf] bus: ti-sysc: Check for no-reset and no-idle flags at the child level - [arm64] RDMA/hns: Fix the bug while use multi-hop of pbl - [x86] RDMA/vmw_pvrdma: Use atomic memory allocation in create AH - [armhf] PM / AVS: SmartReflex: NULL check before some freeing functions is not needed - xfs: zero length symlinks are not valid - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value - scsi: lpfc: Enable Management features for IF_TYPE=6 - scsi: qla2xxx: Fix NPIV handling for FC-NVMe - scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port - nvme: provide fallback for discard alloc failure - [s390x] zcrypt: make sysfs reset attribute trigger queue reset - crypto: user - support incremental algorithm dumps - mwifiex: fix potential NULL dereference and use after free - mwifiex: debugfs: correct histogram spacing, formatting - brcmfmac: set F2 watermark to 256 for 4373 - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 - rtl818x: fix potential use after free - bcache: do not check if debug dentry is ERR or NULL explicitly on remove - bcache: do not mark writeback_running too early - xfs: require both realtime inodes to mount - nvme: fix kernel paging oops - ubifs: Fix default compression selection in ubifs - ubi: Put MTD device after it is not used - ubi: Do not drop UBI device reference before using - iwlwifi: move iwl_nvm_check_version() into dvm - iwlwifi: mvm: force TCM re-evaluation on TCM resume - iwlwifi: pcie: fix erroneous print - iwlwifi: pcie: set cmd_len in the correct place - [armhf,arm64] gpio: pca953x: Fix AI overflow on PCAL6524 - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB - [x86] kvm: vmx: Set IA32_TSC_AUX for legacy mode guests - [x86] Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" - [x86] Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" - VSOCK: bind to random port for VMADDR_PORT_ANY - [amd64] mmc: meson-gx: make sure the descriptor is stopped on errors - [armhf] mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET - [armhf] usb: ehci-omap: Fix deferred probe for phy handling - btrfs: Check for missing device before bio submission in btrfs_map_bio - btrfs: fix ncopies raid_attr for RAID56 - btrfs: dev-replace: set result code of cancel by status of scrub - Btrfs: allow clear_extent_dirty() to receive a cached extent state record - btrfs: only track ref_heads in delayed_ref_updates - [x86] HID: intel-ish-hid: fixes incorrect error handling - serial: 8250: Rate limit serial port rx interrupts during input overruns - [x86] kprobes/xen: blacklist non-attachable xen interrupt functions - xen/pciback: Check dev_data before using it - kprobes: Blacklist symbols in arch-defined prohibited area - [amd64] kprobes: Show x86-64 specific blacklisted symbols correctly - [armhf] memory: omap-gpmc: Get the header of the enum - net/mlx5: Continue driver initialization despite debugfs failure - netfilter: nf_nat_sip: fix RTP/RTCP source port translations - exofs_mount(): fix leaks on failure exits - bnxt_en: Return linux standard errors in bnxt_ethtool.c - bnxt_en: Save ring statistics before reset. - bnxt_en: query force speeds before disabling autoneg mode. - [s390x] KVM: unregister debug feature on failing arch init - dm flakey: Properly corrupt multi-page bios. - gfs2: take jdata unstuff into account in do_grow - dm raid: fix false -EBUSY when handling check/repair message - xfs: Align compat attrlist_by_handle with native implementation. - xfs: Fix bulkstat compat ioctls on x32 userspace. - IB/qib: Fix an error code in qib_sdma_verbs_send() - vxlan: Fix error path in __vxlan_dev_create() - [ppc64el] xmon: fix dump_segments() - drivers/regulator: fix a missing check of return value - Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading - RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer - scsi: qla2xxx: deadlock by configfs_depend_item - scsi: csiostor: fix incorrect dma device in case of vport - brcmfmac: Fix access point mode - ath6kl: Only use match sets when firmware supports it - ath6kl: Fix off by one error in scan completion - [ppc64el] perf: Fix unit_sel/cache_sel checks - [ppc64el] prom: fix early DEBUG messages - [ppc64el] mm: Make NULL pointer deferences explicit on bad page faults. - [ppc64el] vfio/spapr_tce: Get rid of possible infinite loop - [ppc64el] powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status - drbd: ignore "all zero" peer volume sizes in handshake - drbd: reject attach of unsuitable uuids even if connected - drbd: do not block when adjusting "disk-options" while IO is frozen - drbd: fix print_st_err()'s prototype to match the definition - IB/rxe: Make counters thread safe - bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't - [armhf] regulator: tps65910: fix a missing check of return value - [ppc64el] powerpc/pseries: Fix node leak in update_lmb_associativity_index() - net/netlink_compat: Fix a missing check of nla_parse_nested - net/net_namespace: Check the return value of register_pernet_subsys() - f2fs: fix block address for __check_sit_bitmap - f2fs: fix to dirty inode synchronously - [armhf] net: dsa: bcm_sf2: Propagate error value from mdio_write - atl1e: checking the status of atl1e_write_phy_reg - tipc: fix a missing check of genlmsg_put - net: marvell: fix a missing check of acpi_match_device - ocfs2: clear journal dirty flag after shutdown journal - vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n - mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() - mm/page_alloc.c: use a single function to free page - mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() - netfilter: nf_tables: fix a missing check of nla_put_failure - xprtrdma: Prevent leak of rpcrdma_rep objects - infiniband/qedr: Potential null ptr dereference of qp - lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk - lib/genalloc.c: use vzalloc_node() to allocate the bitmap - drivers/base/platform.c: kmemleak ignore a known leak - lib/genalloc.c: include vmalloc.h - mtd: Check add_mtd_device() ret code - tipc: fix memory leak in tipc_nl_compat_publ_dump - net/core/neighbour: tell kmemleak about hash tables - [armhf,arm64] ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() - net/core/neighbour: fix kmemleak minimal reference count for hash tables - serial: 8250: Fix serial8250 initialization crash - [armhf] gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change - sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe - ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel - decnet: fix DN_IFREQ_SIZE - net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() - net/smc: don't wait for send buffer space when data was already sent - mm/hotplug: invalid PFNs from pfn_to_online_page() - xfs: end sync buffer I/O properly on shutdown error - net/smc: fix sender_free computation - blktrace: Show requests without sector - net/smc: fix byte_order for rx_curs_confirmed - tipc: fix skb may be leaky in tipc_link_input - sfc: initialise found bitmap in efx_ef10_mtd_probe - geneve: change NET_UDP_TUNNEL dependency to select - net: fix possible overflow in __sk_mem_raise_allocated() - net: ip_gre: do not report erspan_ver for gre or gretap - net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap - sctp: don't compare hb_timer expire date before starting it - bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() - mmc: core: align max segment size with logical block size - net: dev: Use unsigned integer as an argument to left-shift - kvm: properly check debugfs dentry before using it - bpf: drop refcount if bpf_map_new_fd() fails in map_create() - [arm64] net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED - [arm64] net: hns3: fix PFC not setting problem for DCB module - [arm64] net: hns3: fix an issue for hclgevf_ae_get_hdev - [arm64] net: hns3: fix an issue for hns3_update_new_int_gl - [x86] iommu/amd: Fix NULL dereference bug in match_hid_uid - apparmor: delete the dentry in aafs_remove() to avoid a leak - scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery - ACPI / APEI: Don't wait to serialise with oops messages when panic()ing - ACPI / APEI: Switch estatus pool to use vmalloc memory - [arm64] scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned - scsi: libsas: Check SMP PHY control function result - [arm64] RDMA/hns: Fix the bug with updating rq head pointer when flush cqe - [arm64] RDMA/hns: Bugfix for the scene without receiver queue - [arm64] RDMA/hns: Fix the state of rereg mr - [arm64] RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board - [ppc64el] pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (CVE-2019-12614) - xdp: fix cpumap redirect SKB creation bug - mtd: Remove a debug trace in mtdpart.c - [s390x] mm, gup: add missing refcount overflow checks on s390 - [armhf,arm64] usb: dwc2: use a longer core rest timeout in dwc2_core_reset() - staging: rtl8192e: fix potential use after free - staging: rtl8723bs: Drop ACPI device ids - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P - [x86] mei: bus: prefix device names on bus with the bus name - [x86] mei: me: add comet point V device id - thunderbolt: Power cycle the router if NVM authentication fails - xfrm: Fix memleak on xfrm state destroy - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE - [arm64] net: macb: fix error format in dev_err() - pwm: Clear chip_data in pwm_put() - macvlan: schedule bc_work even if error - net: psample: fix skb_over_panic - openvswitch: fix flow command message size - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook - slip: Fix use-after-free Read in slip_open - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() - openvswitch: remove another BUG_ON() - tipc: fix link name length check - sctp: cache netns in sctp_ep_common - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues - [arm64] net: macb: add missed tasklet_kill - ext4: add more paranoia checking in ext4_expand_extra_isize handling (CVE-2019-19767) - [arm64] net: macb: Fix SUBNS increment and increase resolution - [arm64] net: macb driver, check for SKBTX_HW_TSTAMP - mtd: spi-nor: cast to u64 to avoid uint overflows - tcp: exit if nothing to retransmit on RTO timeout - HID: core: check whether Usage Page item is after Usage ID items - [x86] platform: hp-wmi: Fix ACPI errors caused by too small buffer - [x86] platform: hp-wmi: Fix ACPI errors caused by passing 0 as input size https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.89 - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071) - [arm64] tegra: Fix 'active-low' warning for Jetson TX1 regulator - usb: gadget: u_serial: add missing port entry locking - [arm64] tty: serial: msm_serial: Fix flow control - [armhf,arm64] serial: pl011: Fix DMA ->flush_buffer() - serial: serial_core: Perform NULL checks for break_ctl ops - autofs: fix a leak in autofs_expire_indirect() - [arm64] RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN - iwlwifi: pcie: don't consider IV len in A-MSDU - exportfs_decode_fh(): negative pinned may become positive without the parent locked - audit_get_nd(): don't unlock parent too early - xfrm: release device reference for invalid state - sched/core: Avoid spurious lock dependencies - perf/core: Consistently fail fork on allocation failures - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() - [armhf,arm64] drm/sun4i: tcon: Set min division of TCON0_DCLK to 1. - rsxx: add missed destroy_workqueue calls in remove - i2c: core: fix use after free in of_i2c_notify - serial: core: Allow processing sysrq at port unlock time - cxgb4vf: fix memleak in mac_hlist initialization - iwlwifi: mvm: synchronize TID queue removal - iwlwifi: trans: Clear persistence bit when starting the FW - iwlwifi: mvm: Send non offchannel traffic via AP sta - [armhf] 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ - audit: Embed key into chunk - netfilter: nf_tables: don't use position attribute on rule replacement - net/mlx5: Release resource on error flow - [arm64] clk: sunxi-ng: a64: Fix gate bit of DSI DPHY - ice: Fix NVM mask defines - dlm: fix possible call to kfree() for non-initialized pointer - [armhf] dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1 - [armhf,arm64] rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()' - i40e: don't restart nway if autoneg not supported - virtchnl: Fix off by one error - [armhf] clk: rockchip: fix rk3188 sclk_smc gate data - [armhf] clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering - [armhf] dts: rockchip: Fix rk3288-rock2 vcc_flash name - dlm: fix missing idr_destroy for recover_idr - [armhf,arm64] net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 - [s390x] scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB - [s390x] scsi: zfcp: drop default switch case which might paper over missing case - [armhf] bus: ti-sysc: Fix getting optional clocks in clock_roles - [armhf] dts: imx6: RDU2: fix eGalax touchscreen node - crypto: ecc - check for invalid values in the key verification test - crypto: bcm - fix normal/non key hash algorithm failure - [arm64] dts: zynqmp: Fix node names which contain "_" - [arm64] pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues - [arm*] firmware: raspberrypi: Fix firmware calls with large buffers - mm/vmstat.c: fix NUMA statistics updates - [arm64] clk: rockchip: fix I2S1 clock gate register for rk3328 - [arm64] clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 - sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit - regulator: Fix return value of _set_load() stub - USB: serial: f81534: fix reading old/new IC config - xfs: extent shifting doesn't fully invalidate page cache - net-next/hinic:fix a bug in set mac address - net-next/hinic: fix a bug in rx data flow - ice: Fix return value from NAPI poll - ice: Fix possible NULL pointer de-reference - iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents - iomap: sub-block dio needs to zeroout beyond EOF - iomap: dio data corruption and spurious errors when pipes fill - iomap: readpages doesn't zero page tail beyond EOF - iw_cxgb4: only reconnect with MPAv1 if the peer aborts - [mips*/octeon] octeon-platform: fix typing - net/smc: use after free fix in smc_wr_tx_put_slot() - [armhf] dts: exynos: Use Samsung SoC specific compatible for DWC2 module - media: pulse8-cec: return 0 when invalidating the logical address - media: cec: report Vendor ID after initialization - iwlwifi: fix cfg structs for 22000 with different RF modules - net/ipv6: re-do dad when interface has IFF_NOARP flag change - [x86] dmaengine: dw-dmac: implement dma protection control setting - [armhf,arm64] usb: dwc3: debugfs: Properly print/set link state for HS - [armhf,arm64] usb: dwc3: don't log probe deferrals; but do log other error codes - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() - f2fs: fix to account preflush command for noflush_merge mode - f2fs: fix count of seg_freed to make sec_freed correct - f2fs: change segment to section in f2fs_ioc_gc_range - [armhf] dts: rockchip: Fix the PMU interrupt number for rv1108 - [armhf] dts: rockchip: Assign the proper GPIO clocks for rv1108 - f2fs: fix to allow node segment for GC by ioctl path - nvme: Free ctrl device name on init failure - dma-mapping: fix return type of dma_set_max_seg_size() - [armhf] serial: imx: fix error handling in console_setup - [armhf] i2c: imx: don't print error message on probe defer - [arm64] clk: meson: Fix GXL HDMI PLL fractional bits width - [armhf,arm64] gpu: host1x: Fix syncpoint ID field size on Tegra186 - lockd: fix decoding of TEST results - sctp: increase sk_wmem_alloc when head->truesize is increased - [x86] iommu/amd: Fix line-break in error log reporting - [armhf] dts: sun8i: a23/a33: Fix OPP DTC warnings - [armhf] dts: sun8i: v3s: Change pinctrl nodes to avoid warning - nfsd: fix a warning in __cld_pipe_upcall() - bpf: btf: implement btf_name_valid_identifier() - bpf: btf: check name validity for various types - [armhf] OMAP1/2: fix SoC name printing - [arm64] dts: meson-gxl-libretech-cc: fix GPIO lines names - [arm64] dts: meson-gxbb-nanopi-k2: fix GPIO lines names - [arm64] dts: meson-gxbb-odroidc2: fix GPIO lines names - [arm64] dts: meson-gxl-khadas-vim: fix GPIO lines names - net/x25: fix called/calling length calculation in x25_parse_address_block - net/x25: fix null_x25_address handling - tcp: make tcp_space() aware of socket backlog - tcp: fix off-by-one bug on aborting window-probing socket - tcp: fix SNMP under-estimation on failed retransmission - tcp: fix SNMP TCP timeout under-estimation - kbuild: fix single target build for external module - mtd: fix mtd_oobavail() incoherent returned value - [arm64] clk: meson: meson8b: fix the offset of vid_pll_dco's N value - [armhf,arm64] clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent - [arm64] clk: qcom: Fix MSM8998 resets - dlm: fix invalid cluster name warning - net/mlx4_core: Fix return codes of unsupported operations - pstore/ram: Avoid NULL deref in ftrace merging failure path - [mips*/octeon] cvmx_pko_mem_debug8: use oldest forward compatible definition - nfsd: Return EPERM, not EACCES, in some SETATTR cases - media: uvcvideo: Abstract streaming object lifetime - [armhf] dts: sun8i: h3: Fix the system-control register range - tty: Don't block on IO when ldisc change is pending - media: stkwebcam: Bugfix for wrong return values - sctp: frag_point sanity check - IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state - IB/hfi1: Close VNIC sdma_progress sleep window - mlx4: Use snprintf instead of complicated strcpy - [armhf] dts: sunxi: Fix PMU compatible strings - [armhf] dts: am335x-pdu001: Fix polarity of card detection input - net: aquantia: fix RSS table and key sizes - sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision - fuse: verify nlink - fuse: verify attributes - [x86] ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - [x86] ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 - ALSA: pcm: oss: Avoid potential buffer overflows - [x86] ALSA: hda - Add mute led support for HP ProBook 645 G4 - [x86] Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus - [x86] Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash - [x86] Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers - [x86] Input: goodix - add upside-down quirk for Teclast X89 tablet - Input: Fix memory leak in psxpad_spi_probe - [i386] mm: Sync only to VMALLOC_END in vmalloc_sync_all() - [x86] PCI: Avoid AMD FCH XHCI USB PME# from D0 defect - xfrm interface: fix memory leak on creation - xfrm interface: avoid corruption on changelink - xfrm interface: fix list corruption for x-netns - xfrm interface: fix management of phydev - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks - CIFS: Fix SMB2 oplock break processing - tty: vt: keyboard: reject invalid keycodes - can: slcan: Fix use-after-free Read in slcan_open - kernfs: fix ino wrap-around detection - jbd2: Fix possible overflow in jbd2_log_space_left() - [arm64] drm/msm: fix memleak on release - [i386] drm/i810: Prevent underflow in ioctl - [armhf,arm64] KVM: vgic: Don't rely on the wrong pending table - [x86] KVM: do not modify masked bits of shared MSRs - [x86] KVM: fix presentation of TSX feature in ARCH_CAPABILITIES - [x86] KVM: Grab KVM's srcu lock when setting nested state - crypto: af_alg - cast ki_complete ternary op to int - [x86] crypto: ccp - fix uninitialized list head - crypto: ecdh - fix big endian bug in ECC library - crypto: user - fix memory leak in crypto_report (CVE-2019-19062) - mwifiex: update set_mac_address logic - can: ucan: fix non-atomic allocation in completion handler - RDMA/qib: Validate ->show()/store() callbacks before calling them - iomap: Fix pipe page leakage during splicing - thermal: Fix deadlock in thermal thermal_zone_device_check - vcs: prevent write access to vcsu devices (CVE-2019-19252) - binder: Fix race between mmap() and binder_alloc_print_pages() - binder: Handle start==NULL in binder_update_page_range() - ALSA: hda - Fix pending unsol events at shutdown - perf script: Fix invalid LBR/binary mismatch error - splice: don't read more than available pipe space - iomap: partially revert 4721a601099 (simulated directio short read on EFAULT) - xfs: add missing error check in xfs_prepare_shift() - ASoC: rsnd: fixup MIX kctrl registration - [x86] KVM: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) - net: qrtr: fix memort leak in qrtr_tun_write_iter (CVE-2019-19079) - appletalk: Fix potential NULL pointer dereference in unregister_snap_client (CVE-2019-19227) - appletalk: Set error code if register_snap_client failed https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.90 - usb: gadget: configfs: Fix missing spin_lock_init() - [x86] usb: gadget: pch_udc: fix use after free - scsi: qla2xxx: Fix driver unload hang - [arm64] media: venus: remove invalid compat_ioctl32 handler - USB: uas: honor flag to avoid CAPACITY16 - USB: uas: heed CAPACITY_HEURISTICS - usb: Allow USB device to be warm reset in suspended state - staging: rtl8188eu: fix interface sanity check - staging: rtl8712: fix interface sanity check - staging: gigaset: fix general protection fault on probe - staging: gigaset: fix illegal free on probe errors - staging: gigaset: add endpoint-type sanity check - usb: xhci: only set D3hot for pci device - xhci: Fix memory leak in xhci_add_in_port() - xhci: Increase STS_HALT timeout in xhci_suspend() - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. - [armhf] dts: pandora-common: define wl1251 as child node of mmc3 - [x86] iio: imu: inv_mpu6050: fix temperature reporting using bad unit - USB: atm: ueagle-atm: add missing endpoint check - USB: idmouse: fix interface sanity checks - USB: serial: io_edgeport: fix epic endpoint lookup - usb: roles: fix a potential use after free - USB: adutux: fix interface sanity check - usb: core: urb: fix URB structure initialization function - usb: mon: Fix a deadlock in usbmon between mmap and read - tpm: add check after commands attribs tab allocation - virtio-balloon: fix managed page counts when migrating pages between zones - [armhf,arm64] usb: dwc3: gadget: Fix logical condition - [armhf,arm64] usb: dwc3: ep0: Clear started flag on completion - btrfs: check page->mapping when loading free space cache - btrfs: use refcount_inc_not_zero in kill_all_nodes - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc - Btrfs: fix negative subv_writers counter and data space leak after buffered write - btrfs: Avoid getting stuck during cyclic writebacks - btrfs: Remove btrfs_bio::flags member - Btrfs: send, skip backreference walking for extents with many references - btrfs: record all roots for rename exchange on a subvol - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer - rtlwifi: rtl8192de: Fix missing enable interrupt flag - ovl: fix corner case of non-unique st_dev;st_ino - ovl: relax WARN_ON() on rename to self - [armhf] hwrng: omap - Fix RNG wait loop timeout - dm writecache: handle REQ_FUA - dm zoned: reduce overhead of backing device checks - workqueue: Fix spurious sanity check failures in destroy_workqueue() - workqueue: Fix pwq ref leak in rescuer_thread() - ASoC: rt5645: Fixed buddy jack support. - ASoC: rt5645: Fixed typo for buddy jack support. - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() - blk-mq: avoid sysfs buffer overflow with too many CPU cores - cgroup: pids: use atomic64_t for pids->limit - ar5523: check NULL before memcpy() in ar5523_cmd() - [s390x] mm: properly clear _PAGE_NOEXEC bit when it is not supported - media: cec.h: CEC_OP_REC_FLAG_ values were swapped - cpuidle: Do not unset the driver if it is there already - erofs: zero out when listxattr is called with no xattr - [x86] intel_th: Fix a double put_device() in error path - [x86] intel_th: pci: Add Ice Lake CPU support - [x86] intel_th: pci: Add Tiger Lake CPU support - PM / devfreq: Lock devfreq in trans_stat_show - [ppc64el] cpufreq: powernv: fix stack bloat and hard limit on number of CPUs - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge - ACPI: OSL: only free map once in osl.c - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() - ACPI: PM: Avoid attaching ACPI PM domain to certain devices - [arm64] pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() - [armhf] pinctrl: samsung: Add of_node_put() before return in error path - [armhf] pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init - [armhf] pinctrl: samsung: Fix device node refcount leaks in init code - [armhf] mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card - [armhf] dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity - ppdev: fix PPGETTIME/PPSETTIME ioctls - [ppc64el] Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB - [ppc64el] xive: Prevent page fault issues in the machine crash handler - [ppc64el] Allow flush_icache_range to work across ranges >4GB - [ppc64el] xive: Skip ioremap() of ESB pages for LSI interrupts - video/hdmi: Fix AVI bar unpack - quota: Check that quota is not dirty before release - ext2: check err when partial != NULL - quota: fix livelock in dquot_writeback_dquots - ext4: Fix credit estimate for final inode freeing - reiserfs: fix extended attributes on the root directory - block: fix single range discard merge - [s390x] scsi: zfcp: trace channel log even for FCP command responses - scsi: qla2xxx: Fix DMA unmap leak - scsi: qla2xxx: Fix hang in fcport delete path - scsi: qla2xxx: Fix session lookup in qlt_abort_work() - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value - scsi: qla2xxx: Fix message indicating vectors used by driver - scsi: qla2xxx: Fix SRB leak on switch command timeout - xhci: make sure interrupts are restored to correct state - usb: typec: fix use after free in typec_register_port() - [armhf] omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 - scsi: lpfc: Cap NPIV vports to 256 - scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE - scsi: lpfc: Correct topology type reporting on G7 adapters - sch_cake: Correctly update parent qlen when splitting GSO packets - net/smc: do not wait under send_lock - [arm64] net: hns3: clear pci private data when unload hns3 driver - [arm64] net: hns3: change hnae3_register_ae_dev() to int - [arm64] net: hns3: Check variable is valid before assigning it to another - [arm64] scsi: hisi_sas: send primitive NOTIFY to SSP situation only - [arm64] scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G - [x86] MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models - [x86] MCE/AMD: Carve out the MC4_MISC thresholding quirk - ath10k: fix fw crash by moving chip reset after napi disabled - [ppc64el] Fix vDSO clock_getres() - ext4: work around deleting a file with i_nlink == 0 safely (CVE-2019-19447) - mm/shmem.c: cast the type of unmap_start to u64 - rtc: disable uie before setting time and enable after - splice: only read in as much information as there is pipe buffer space - ext4: fix a bug in ext4_wait_for_tail_page_commit - [armhf,arm64] mfd: rk808: Fix RK818 ID template - mm, thp, proc: report THP eligibility for each vma - [s390x] smp,vdso: fix ASCE handling - blk-mq: make sure that line break can be printed - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() - perf callchain: Fix segfault in thread__resolve_callchain_sample() - gre: refetch erspan header from skb->data after pskb_may_pull() - sunrpc: fix crash when cache_head become valid before update - net/mlx5e: Fix SFF 8472 eeprom length - leds: trigger: netdev: fix handling on interface rename - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - of: overlay: add_changeset_property() memory leak - kernel/module.c: wakeup processes in module_wq on module unload - cifs: Fix potential softlockups while refreshing DFS cache - [x86] gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist - raid5: need to set STRIPE_HANDLE for batch head - scsi: qla2xxx: Change discovery state before PLOGI - [x86] iio: imu: mpu6050: add missing available scan masks - idr: Fix idr_get_next_ul race with idr_remove - of: unittest: fix memory leak in attach_node_and_children https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.91 - inet: protect against too small mtu values. - mqprio: Fix out-of-bounds access in mqprio_dump - net: bridge: deny dev_set_mac_address() when unregistering - net: dsa: fix flow dissection on Tx path - net: ethernet: ti: cpsw: fix extra rx interrupt - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues - [arm64] net: thunderx: start phy before starting autonegotiation - openvswitch: support asymmetric conntrack - tcp: md5: fix potential overestimation of TCP option space - tipc: fix ordering of tipc module init and exit routine - net/mlx5e: Query global pause state before setting prio2buffer - tcp: fix rejected syncookies due to stale timestamps - tcp: tighten acceptance of ACKs not matching a child socket - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() - [arm64] Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly" - mmc: block: Make card_busy_detect() a bit more generic - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response - PCI/PM: Always return devices to D0 when thawing - PCI: pciehp: Avoid returning prematurely from sysfs requests - [x86] PCI: Fix Intel ACS quirk UPDCR register address - PCI/MSI: Fix incorrect MSI-X masking on resume - [arm64] PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 - [arm64] rpmsg: glink: Set tail pointer to 0 at end of FIFO - [arm64] rpmsg: glink: Fix reuse intents memory leak issue - [arm64] rpmsg: glink: Fix use after free in open_ack TIMEOUT case - [arm64] rpmsg: glink: Put an extra reference during cleanup - [arm64] rpmsg: glink: Fix rpmsg_register_device err handling - [arm64] rpmsg: glink: Don't send pending rx_done during remove - [arm64] rpmsg: glink: Free pending deferred work on remove - cifs: smbd: Return -EAGAIN when transport is reconnecting - cifs: smbd: Add messages on RDMA session destroy and reconnection - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE - cifs: Don't display RDMA transport on reconnect - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect - CIFS: Close open handle after interrupted close - [armhf] tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() - vfio/pci: call irq_bypass_unregister_producer() before freeing irq - dma-buf: Fix memory leak in sync_file_merge() - [arm64] drm: meson: venc: cvbs: fix CVBS mode matching - dm mpath: remove harmful bio-based optimization - dm btree: increase rebalance threshold in __rebalance2() - scsi: iscsi: Fix a potential deadlock in the timeout handler - scsi: qla2xxx: Change discovery state before PLOGI - drm/radeon: fix r1xx/r2xx register checker for POT textures - xhci: fix USB3 device initiated resume race with roothub autosuspend https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.92 - af_packet: set defaule value for tmo - [amd64] fjes: fix missed check in fjes_acpi_add - [arm64] net: hisilicon: Fix a BUG trigered by wrong bytes_compl - net: qlogic: Fix error paths in ql_alloc_large_buffers() - net: usb: lan78xx: Fix suspend/resume PHY register access error - qede: Disable hardware gro when xdp prog is installed - qede: Fix multicast mac configuration - sctp: fully initialize v4 addr in some functions - btrfs: don't double lock the subvol_sem for rename exchange - btrfs: do not call synchronize_srcu() in inode_tree_del - Btrfs: fix missing data checksums after replaying a log tree - btrfs: send: remove WARN_ON for readonly mount - btrfs: abort transaction after failed inode updates in create_subvol - btrfs: skip log replay on orphaned roots - btrfs: do not leak reloc root if we fail to read the fs root - btrfs: handle ENOENT in btrfs_uuid_tree_iterate - Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues - ALSA: pcm: Avoid possible info leaks from PCM stream buffers - ALSA: hda/ca0132 - Keep power on during processing DSP response - ALSA: hda/ca0132 - Avoid endless loop - ALSA: hda/ca0132 - Fix work handling in delayed HP detection - [arm64,armhf] drm/panel: Add missing drm_panel_init() in panel drivers - drm/amdgpu: grab the id mgr lock while accessing passid_mapping - spi: Add call to spi_slave_abort() function when spidev driver is released - [x86] staging: rtl8192u: fix multiple memory leaks on error path - staging: rtl8188eu: fix possible null dereference - rtlwifi: prevent memory leak in rtl_usb_probe (CVE-2019-19063) - libertas: fix a potential NULL pointer dereference - ath10k: fix backtrace on coredump - IB/iser: bound protection_sg size by data_sg size - [arm64] media: venus: core: Fix msm8996 frequency table - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq - pinctrl: devicetree: Avoid taking direct reference to device name string - [amd64] drm/amdkfd: fix a potential NULL pointer dereference - [arm64] media: venus: Fix occasionally failures to suspend - [armhf] hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled - media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() - [arm64,armhf] drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller - block: Fix writeback throttling W=1 compiler warnings - mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (CVE-2019-19057) - drm/drm_vblank: Change EINVAL by the correct errno - media: cx88: Fix some error handling path in 'cx8800_initdev()' - [armhf] media: ti-vpe: vpe: Fix Motion Vector vpdma stride - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number - [armhf] media: ti-vpe: vpe: Make sure YUYV is set as default format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic - [armhf] media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage - [x86] syscalls/x86: Use the correct function type in SYSCALL_DEFINE0 - [x86] mm: Use the correct function type for native_set_fixmap() - ath10k: Correct error handling of dma_map_single() - [arm64,armhf] drm/bridge: dw-hdmi: Restore audio when setting a mode - perf report: Add warning when libunwind not compiled in - usb: usbfs: Suppress problematic bind and unbind uevents. - Bluetooth: missed cpu_to_le16 conversion in hci_init4_req - Bluetooth: Workaround directed advertising bug in Broadcom controllers - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL - [x86] mce: Lower throttling MCE messages' priority to warning - [x86] drm/gma500: fix memory disclosures due to uninitialized bytes - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot - ipmi: Don't allow device module unload when in use - [x86] ioapic: Prevent inconsistent state when moving an interrupt - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit - [arm64] psci: Reduce the waiting time for cpu_psci_cpu_kill() - i40e: initialize ITRN registers with correct values - net: phy: dp83867: enable robust auto-mdix - [arm64,armhf] drm/tegra: sor: Use correct SOR index on Tegra210 - ACPI: button: Add DMI quirk for Medion Akoya E2215T - RDMA/qedr: Fix memory leak in user qp and mr - [arm64,armhf] gpu: host1x: Allocate gather copy for host1x - [arm64,armhf] net: dsa: LAN9303: select REGMAP when LAN9303 enable - [arm64] phy: qcom-usb-hs: Fix extcon double register after power cycle - [s390x] time: ensure get_clock_monotonic() returns monotonic values - [s390x] mm: add mm_pxd_folded() checks to pxd_free() - [arm64] net: hns3: add struct netdev_queue debug info for TX timeout - libata: Ensure ata_port probe has completed before detach - loop: fix no-unmap write-zeroes request behavior - Bluetooth: Fix advertising duplicated flags - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() - ixgbe: protect TX timestamping from API misuse - media: rcar_drif: fix a memory disclosure (CVE-2019-18786) - media: v4l2-core: fix touch support in v4l_g_fmt - rfkill: allocate static minor - bnx2x: Fix PF-VF communication over multi-cos queues. - ALSA: timer: Limit max amount of slave instances - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() - perf probe: Fix to find range-only function instance - perf probe: Fix to list probe event with correct line number - perf jevents: Fix resource leak in process_mapfile() and main() - perf probe: Walk function lines in lexical blocks - perf probe: Fix to probe an inline function which has no entry pc - perf probe: Fix to show ranges of variables in functions without entry_pc - perf probe: Fix to show inlined function callsite without entry_pc - perf probe: Fix to probe a function which has no entry pc - perf tools: Splice events onto evlist even on error - perf parse: If pmu configuration fails free terms - perf probe: Skip overlapped location on searching variables - perf probe: Return a better scope DIE if there is no best scope - perf probe: Fix to show calling lines of inlined functions - perf probe: Skip end-of-sequence and non statement lines - perf probe: Filter out instances except for inlined subroutine and subprogram - ath10k: fix get invalid tx rate for Mesh metric - media: pvrusb2: Fix oops on tear-down when radio support is not present - ice: delay less - [amd64] spi: pxa2xx: Add missed security checks - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile - iio: dac: ad5446: Add support for new AD5600 DAC - [x86] ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint - [s390x] disassembler: don't hide instruction addresses - nvme: Discard workaround for non-conformant devices - parport: load lowlevel driver if ports not found - bcache: fix static checker warning in bcache_device_free() - cpufreq: Register drivers only after CPU devices have been registered - tracing: use kvcalloc for tgid_map array allocation - tracing/kprobe: Check whether the non-suffixed symbol is notrace - bcache: fix deadlock in bcache_allocator - iwlwifi: mvm: fix unaligned read of rx_pkt_status - [arm64] spi: tegra20-slink: add missed clk_unprepare - tun: fix data-race in gro_normal_list() - crypto: virtio - deal with unsupported input sizes - btrfs: don't prematurely free work in end_workqueue_fn() - btrfs: don't prematurely free work in run_ordered_work() - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 - [x86] insn: Add some Intel instructions to the opcode map - brcmfmac: remove monitor interface when detaching - iwlwifi: check kasprintf() return value - [armhf] net: ethernet: ti: ale: clean ale tbl on init and intf restart - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED - net: phy: initialise phydev speed and duplex sanely - btrfs: don't prematurely free work in reada_start_machine_worker() - btrfs: don't prematurely free work in scrub_missing_raid56_worker() - Revert "mmc: sdhci: Fix incorrect switch to HS mode" - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices (CVE-2019-19947) - usb: xhci: Fix build warning seen with CONFIG_PM=n - [s390x] ftrace: fix endless recursion in function_graph tracer - btrfs: return error pointer from alloc_test_extent_buffer - usbip: Fix receive error in vhci-hcd when using scatter-gather - usbip: Fix error path of vhci_recv_ret_submit() - cpufreq: Avoid leaving stale IRQ work items during CPU offline - [x86] intel_th: pci: Add Comet Lake PCH-V support - [x86] intel_th: pci: Add Elkhart Lake SOC support - [x86] platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes - [x86] staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value - ext4: fix ext4_empty_dir() for directories with holes (CVE-2019-19037) - ext4: check for directory entries too close to block end - ext4: unlock on error in ext4_expand_extra_isize() - [arm64] KVM: Ensure 'params' is initialised when looking up sys register - [x86] MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() - [x86] MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] - [powerpc*] irq: fix stack overflow verification - [arm64] mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register - mmc: sdhci: Update the tuning failed messages to pr_debug level - mmc: sdhci: Workaround broken command queuing on Intel GLK - mmc: sdhci: Add a quirk for broken command queuing - nbd: fix shutdown and recv work deadlock - perf probe: Fix to show function entry line as probe-able https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.93 - scsi: lpfc: Fix discovery failures when target device connectivity bounces - scsi: mpt3sas: Fix clear pending bit in ioctl status - scsi: lpfc: Fix locking on mailbox command completion - Input: atmel_mxt_ts - disable IRQ across suspend - f2fs: fix to update time in lazytime mode - [arm64,armhf] iommu: rockchip: Free domain on .domain_free - [arm64,armhf] iommu/tegra-smmu: Fix page tables in > 4 GiB memory - scsi: target: compare full CHAP_A Algorithm strings - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices - scsi: csiostor: Don't enable IRQs too early - [arm64] scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() - [ppc64el] pseries: Mark accumulate_stolen_time() as notrace - [ppc64el] pseries: Don't fail hash page table insert for bolted mapping - clocksource/drivers/timer-of: Use unique device name instead of timer - [ppc64el] security/book3s64: Report L1TF status in sysfs - [ppc64el] book3s64/hash: Add cond_resched to avoid soft lockup warning - ext4: update direct I/O read lock pattern for IOCB_NOWAIT - ext4: iomap that extends beyond EOF should be marked dirty - jbd2: Fix statistics for the number of logged blocks - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) - scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow - f2fs: fix to update dir's i_pino during cross_rename - [arm64] clk: qcom: Allow constant ratio freq tables for rcg - clk: clk-gpio: propagate rate change to parent - fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences - [ppc64el] PCI: rpaphp: Fix up pointer to first drc-info entry - scsi: ufs: fix potential bug which ends in system hang - [ppc64el] PCI: rpaphp: Don't rely on firmware feature to imply drc-info support - [ppc64el] PCI: rpaphp: Annotate and correctly byte swap DRC properties - [ppc64el] PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info - [ppc64el] powerpc/security: Fix wrong message when RFI Flush is disable - bcache: at least try to shrink 1 node in bch_mca_scan() - HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors - [armhf] 8937/1: spectre-v2: remove Brahma-B53 from hardening - libnvdimm/btt: fix variable 'rc' set but not used - HID: Improve Windows Precision Touchpad detection. - HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device - watchdog: Fix the race between the release of watchdog_core_data and cdev - scsi: pm80xx: Fix for SATA device discovery - scsi: ufs: Fix error handing during hibern8 enter - scsi: scsi_debug: num_tgts must be >= 0 - scsi: iscsi: Don't send data to unbound connection - scsi: target: iscsi: Wait for all commands to finish before freeing a session - apparmor: fix unsigned len comparison with less than zero - scripts/kallsyms: fix definitely-lost memory leak - cdrom: respect device capabilities during opening action - perf script: Fix brstackinsn for AUXTRACE - perf regs: Make perf_reg_name() return "unknown" instead of NULL - [s390x] zcrypt: handle new reply code FILTERED_BY_HYPERVISOR - [s390x] cpum_sf: Check for SDBT and SDB consistency - ocfs2: fix passing zero to 'PTR_ERR' warning - kernel: sysctl: make drop_caches write-only - userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK - [x86] mce: Fix possibly incorrect severity calculation on AMD - net, sysctl: Fix compiler warning when only cBPF is present - netfilter: nf_queue: enqueue skbs with NULL dst - ALSA: hda - Downgrade error message for single-cmd fallback - bonding: fix active-backup transition after link failure - perf strbuf: Remove redundant va_end() in strbuf_addv() - Make filldir[64]() verify the directory entry filename is valid (CVE-2019-10220) - filldir[64]: remove WARN_ON_ONCE() for bad directory entries (CVE-2019-10220) - netfilter: ebtables: compat: reject all padding in matches/watchers - 6pack,mkiss: fix possible deadlock - netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() - inetpeer: fix data-race in inet_putpeer / inet_putpeer - net: add a READ_ONCE() in skb_peek_tail() - net: icmp: fix data-race in cmp_global_allow() - hrtimer: Annotate lockless access to timer->state - net: ena: fix napi handler misbehavior when the napi budget is zero - net/mlxfw: Fix out-of-memory error in mfa2 flash burning - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs - ptp: fix the race between the release of ptp_clock and cdev - tcp: Fix highest_sack and highest_sack_seq - udp: fix integer overflow while computing available space in sk_rcvbuf - vhost/vsock: accept only packets with the right dst_cid - net: add bool confirm_neigh parameter for dst_ops.update_pmtu - ip6_gre: do not confirm neighbor when do pmtu update - gtp: do not confirm neighbor when do pmtu update - net/dst: add new function skb_dst_update_pmtu_no_confirm - tunnel: do not confirm neighbor when do pmtu update - vti: do not confirm neighbor when do pmtu update - sit: do not confirm neighbor when do pmtu update - net/dst: do not confirm neighbor for vxlan and geneve pmtu update - gtp: do not allow adding duplicate tid and ms_addr pdp context - [arm64,armhf] net: marvell: mvpp2: phylink requires the link interrupt - tcp/dccp: fix possible race __inet_lookup_established() - tcp: do not send empty skb from tcp_write_xmit() - gtp: fix wrong condition in gtp_genl_dump_pdp() - gtp: fix an use-after-free in ipv4_pdp_find() - gtp: avoid zero size hashtable - [arm64,armhf] pinctrl: baytrail: Really serialize all register accesses https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.94 - nvme_fc: add module to ops template to allow module references - nvme-fc: fix double-free scenarios on hw queues - drm/amdgpu: add check before enabling/disabling broadcast mode - drm/amdgpu: add cache flush workaround to gfx8 emit_fence - PM / devfreq: Fix devfreq_notifier_call returning errno - PM / devfreq: Set scaling_max_freq to max on OPP notifier error - PM / devfreq: Don't fail devfreq_dev_release if not in list - afs: Fix afs_find_server lookups for ipv4 peers - afs: Fix SELinux setting security label on /afs - RDMA/cma: add missed unregister_pernet_subsys in init failure - rxe: correctly calculate iCRC for unaligned payloads - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work - scsi: qla2xxx: Don't call qlt_async_event twice - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length - scsi: qla2xxx: Configure local loop for N2N target - scsi: qla2xxx: Send Notify ACK after N2N PLOGI - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI - scsi: iscsi: qla4xxx: fix double free in probe - scsi: libsas: stop discovering if oob mode is disconnected (CVE-2019-19965) - drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit - usb: gadget: fix wrong endpoint desc - net: make socket read/write_iter() honor IOCB_NOWAIT - afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP - md: raid1: check rdev before reference in raid1_sync_request func - [s390x] cpum_sf: Adjust sampling interval to avoid hitting sample limits - [s390x] cpum_sf: Avoid SBD overflow condition in irq handler - IB/mlx4: Follow mirror sequence of device add during device removal - IB/mlx5: Fix steering rule of drop and count - xen-blkback: prevent premature module unload - xen/balloon: fix ballooned page accounting without hotplug enabled - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen - xfs: fix mount failure crash on invalid iclog memory access - taskstats: fix data-race - drm: limit to INT_MAX in create_blob ioctl - netfilter: nft_tproxy: Fix port selector on Big Endian - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code - ALSA: usb-audio: fix set_format altsetting sanity check - ALSA: usb-audio: set the interface format after resume on Dell WD19 - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 - [arm64,armhf] drm/sun4i: hdmi: Remove duplicate cleanup calls - [mips*] Avoid VDSO ABI breakage due to global register variable - media: pulse8-cec: fix lost cec_transmit_attempt_done() call - media: cec: CEC 2.0-only bcast messages were ignored - media: cec: avoid decrementing transmit_queue_sz if it is 0 - media: cec: check 'transmit_in_progress', not 'transmitting' - mm/zsmalloc.c: fix the migrated zspage statistics. - memcg: account security cred as well to kmemcg - mm: move_pages: return valid node id in status if the page is already on the target node - [x86,arm64] pstore/ram: Write new dumps to start of recycled zones - locks: print unsigned ino in /proc/locks - compat_ioctl: block: handle Persistent Reservations - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE - ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() - libata: Fix retrieving of active qcs - gpiolib: fix up emulated open drain outputs - tracing: Fix lock inversion in trace_event_enable_tgid_record() - tracing: Avoid memory leak in process_system_preds() - tracing: Have the histogram compare functions convert to u64 first - tracing: Fix endianness bug in histogram trigger - apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock - [i386] ALSA: cs4236: fix error return comparison of an unsigned integer - ALSA: firewire-motu: Correct a typo in the clock proc string - exit: panic before exit_mm() on global init exit - [arm64] Revert support for execute-only user mappings - ftrace: Avoid potential division by zero in function profiler - [arm64] drm/msm: include linux/sched/task.h - PM / devfreq: Check NULL governor in available_governors_show - nfsd4: fix up replay_matches_cache() - [x86,arm64] HID: i2c-hid: Reset ALPS touchpads on resume - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 - xfs: don't check for AG deadlock for realtime files in bunmapi - [x86] platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table - Bluetooth: btusb: fix PM leak in error case of setup - Bluetooth: delete a stray unlock - Bluetooth: Fix memory leak in hci_connect_le_scan - media: flexcop-usb: ensure -EIO is returned on error condition - media: usb: fix memory leak in af9005_identify_state (CVE-2019-18809) - [arm64] dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning - [arm64] tty: serial: msm_serial: Fix lockup for sysrq and oops - fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP - bdev: Factor out bdev revalidation into a common helper - bdev: Refresh bdev size for disks without partitioning - scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails - drm/mst: Fix MST sideband up-reply failure handling - [ppc64el] pseries/hvconsole: Fix stack overread via udbg - [ppc64el] KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag - rxrpc: Fix possible NULL pointer access in ICMP handling - tcp: annotate tp->rcv_nxt lockless reads - net: core: limit nested device depth - ath9k_htc: Modify byte order for an error message - ath9k_htc: Discard undersized packets - xfs: periodically yield scrub threads to the scheduler - net: add annotations on hh->hh_len lockless accesses - ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps - [s390x] smp: fix physical to logical CPU map for SMT - xen/blkback: Avoid unmapping unmapped grant pages - [x86] perf/x86/intel/bts: Fix the use of page_private() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.95 - bpf: Fix passing modified ctx to ld/abs/ind instruction - regulator: fix use after free issue - ASoC: max98090: fix possible race conditions - netfilter: ctnetlink: netns exit must wait for callbacks - mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (CVE-2019-14901) - [x86] efi: Update e820 with reserved EFI boot services data to fix kexec breakage - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 - efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs - efi/gop: Return EFI_SUCCESS if a usable GOP was found - efi/gop: Fix memory leak in __gop_query32/64() - netfilter: uapi: Avoid undefined left-shift in xt_sctp.h - netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets - netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END - netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() - [arm64] spi: spi-cavium-thunderx: Add missing pci_release_regions() - ASoC: topology: Check return value for soc_tplg_pcm_create() - bnxt_en: Return error if FW returns more data than dump length - [mips*] bpf, mips: Limit to 33 tail calls - [armhf] spi: spi-ti-qspi: Fix a bug when accessing non default CS - [powerpc*] Ensure that swiotlb buffer is allocated from low memory - btrfs: Fix error messages in qgroup_rescan_init - bpf: Clear skb->tstamp in bpf_redirect when necessary - bnx2x: Do not handle requests from VFs after parity - bnx2x: Fix logic to get total no. of PFs per engine - cxgb4: Fix kernel panic while accessing sge_info - net: usb: lan78xx: Fix error message format specifier - rfkill: Fix incorrect check to avoid NULL pointer dereference - iommu/iova: Init the struct iova to fix the possible memleak - [x86] perf/x86/intel: Fix PT PMI handling - fs: avoid softlockups in s_inodes iterators - [arm64,armhf] net: stmmac: Do not accept invalid MTU values - [arm64,armhf] net: stmmac: xgmac: Clear previous RX buffer size - [arm64,armhf] net: stmmac: RX buffer size must be 16 byte aligned - [arm64,armhf] net: stmmac: Always arm TX Timer at end of transmission start - [s390x] dasd/cio: Interpret ccw_device_get_mdc return value correctly - [s390x] dasd: fix memleak in path handling error case - block: fix memleak when __blk_rq_map_user_iov() is failed - llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) - [x86] hv_netvsc: Fix unwanted rx_table reset - [powerpc*] vcpu: Assume dedicated processors as non-preempt - [powerpc*] spinlocks: Include correct header for static key - [armhf] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull - gtp: fix bad unlock balance in gtp_encap_enable_socket - macvlan: do not assume mac_header is set in macvlan_broadcast() - [arm64,armhf] net: dsa: mv88e6xxx: Preserve priority when setting CPU port. - [arm64,armhf] net: stmmac: dwmac-sun8i: Allow all RGMII modes - [arm64,armhf] net: stmmac: dwmac-sunxi: Allow all RGMII modes - net: usb: lan78xx: fix possible skb leak - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM - sch_cake: avoid possible divide by zero in cake_enqueue() - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY - tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK - vxlan: fix tos value before xmit - vlan: fix memory leak in vlan_dev_set_egress_priority - vlan: vlan_changelink() should propagate errors - net: sch_prio: When ungrafting, replace with FIFO - [arm64,armhf] usb: dwc3: gadget: Fix request complete check - USB: core: fix check for duplicate endpoints - USB: serial: option: add Telit ME910G1 0x110a composition - usb: missing parentheses in USE_NEW_SCHEME https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.96 - chardev: Avoid potential use-after-free in 'chrdev_open()' - i2c: fix bus recovery stop mode timing - [arm64,armhf] usb: chipidea: host: Disable port power only if previously enabled - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 - ALSA: hda/realtek - Add new codec supported for ALCS1200A - ALSA: hda/realtek - Set EAPD control to default for ALC222 - [x86] ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined - tracing: Change offset type to s32 in preempt/irq tracepoints - HID: Fix slab-out-of-bounds read in hid_field_extract - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll - HID: hid-input: clear unmapped usages - Input: add safety guards to input_set_keycode() - [arm64,armhf] drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model - drm/fb-helper: Round up bits_per_pixel if possible - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ - can: kvaser_usb: fix interface sanity check - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism - [x86] staging: vt6656: set usb_set_intfdata on driver fail. - USB: serial: option: add ZLP support for 0x1bc7/0x9010 - [arm64,armhf] usb: musb: fix idling for suspend after disconnect interrupt - [arm64,armhf] usb: musb: Disable pullup at init - [arm64,armhf] usb: musb: dma: Correct parameter passed to IRQ handler - [x86] staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 - serdev: Don't claim unsupported ACPI serial devices - tty: link tty and port before configuring it as console - tty: always relink the port - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (CVE-2019-14895) - mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (CVE-2019-19056) - scsi: bfa: release allocated memory in case of error (CVE-2019-19066) - rtl8xxxu: prevent leaking urb (CVE-2019-19068) - ath10k: fix memory leak (CVE-2019-19078) - HID: hiddev: fix mess in hiddev_open() - USB: Fix: Don't skip endpoint descriptors with maxpacket=0 - netfilter: arp_tables: init netns pointer in xt_tgchk_param struct - netfilter: conntrack: dccp, sctp: handle null timeout argument - netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present - [x86] drm/i915/gen9: Clear residual context state on context switch (CVE-2019-14615) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.97 - hidraw: Return EPOLLOUT from hidraw_poll - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll - HID: hidraw, uhid: Always report EPOLLOUT - cfg80211/mac80211: make ieee80211_send_layer2_update a public function - mac80211: Do not send Layer 2 Update frame before authorization (CVE-2019-5108) - f2fs: Move err variable to function scope in f2fs_fill_dentries() - f2fs: check memory boundary by insane namelen - f2fs: check if file namelen exceeds max value (CVE-2019-9445) - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (CVE-2019-15217) - iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (CVE-2019-19058) - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (CVE-2019-19059) - RDMA: Fix goto target to release the allocated memory (CVE-2019-19077) - dccp: Fix memleak in __feat_register_sp (CVE-2019-20096) - [x86] drm/i915: Fix use-after-free when destroying GEM context - ASoC: soc-core: Set dpcm_playback / dpcm_capture - [armhf] mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy - [arm64] gpio: zynq: Fix for bug in zynq_gpio_restore_context API - iommu: Remove device link to group on failure - gpio: Fix error message on out-of-range GPIO in lookup table - [s390x] qeth: fix false reporting of VNIC CHAR config failure - [s390x] qeth: Fix vnicc_is_in_use if rx_bcast not set - cifs: Adjust indentation in smb2_open_file - afs: Fix missing cell comparison in afs_test_super() - drm/ttm: fix start page for huge page check in ttm_put_pages() (CVE-2019-19927) - drm/ttm: fix incrementing the page pointer for huge pages (CVE-2019-19927) - btrfs: simplify inode locking for RWF_NOWAIT - RDMA/mlx5: Return proper error value - RDMA/srpt: Report the SCSI residual to the initiator - scsi: enclosure: Fix stale device oops with hot replug - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI - [x86] platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 - [x86] platform/x86: GPD pocket fan: Use default values when wrong modparams are given - xprtrdma: Fix completion wait during device removal - crypto: virtio - implement missing support for output IVs - NFSv2: Fix a typo in encode_sattr() - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn - mei: fix modalias documentation - [armhf] clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume - [armhf] pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call - [x86] pinctrl: lewisburg: Update pin list according to v1.1v6 - scsi: sd: enable compat ioctls for sed-opal - af_unix: add compat_ioctl support - compat_ioctl: handle SIOCOUTQNSD - [arm64,armhf] PCI: dwc: Fix find_next_bit() usage - PCI/PTM: Remove spurious "d" from granularity message - [powerpc*] powernv: Disable native PCIe port management - [armhf] tty: serial: imx: use the sg count from dma_map_sg - [i386] tty: serial: pch_uart: correct usage of dma_unmap_sg - mtd: spi-nor: fix silent truncation in spi_nor_read() - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() - rtlwifi: Remove unnecessary NULL check in rtl_regd_init - f2fs: fix potential overflow - scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() - [mips*] cacheinfo: report shared CPU map - [arm64] drm/arm/mali: make malidp_mw_connector_helper_funcs static - [arm64] dmaengine: k3dma: Avoid null pointer traversal - [amd64] ioat: ioat_alloc_ring() failure handling. - ocfs2: call journal flush to mark journal as empty after journal recovery when mount https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.98 - clk: Don't try to enable critical clocks if prepare failed - iio: buffer: align the size of scan bytes to size of the largest element - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx - USB: serial: option: Add support for Quectel RM500Q - USB: serial: opticon: fix control-message timeouts - USB: serial: option: add support for Quectel RM500Q in QDL mode - USB: serial: suppress driver bind attributes - USB: serial: ch341: handle unbound port at reset_resume - USB: serial: io_edgeport: handle unbound ports on URB completion - USB: serial: io_edgeport: add missing active-port sanity check - USB: serial: keyspan: handle unbound ports - USB: serial: quatech2: handle unbound ports - [x86] scsi: fnic: fix invalid stack access - scsi: mptfusion: Fix double fetch bug in ioctl - [armhf] dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection - ALSA: dice: fix fallback from protocol extension into limited functionality - ALSA: seq: Fix racy access for queue timer in proc read - ALSA: usb-audio: fix sync-ep altsetting sanity check - [arm64] dts: allwinner: a64: olinuxino: Fix SDIO supply regulator - block: fix an integer overflow in logical block size - [armhf] dts: am571x-idk: Fix gpios property to have the correct gpio number - LSM: generalize flag passing to security_capable - ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() - usb: core: hub: Improved device recognition on remote wakeup - [x86] resctrl: Fix an imbalance in domain_remove_cpu() - [x86] CPU/AMD: Ensure clearing of SME/SEV features is maintained - [amd64] x86/efistub: Disable paging at mixed mode entry - [x86] resctrl: Fix potential memory leak - perf hists: Fix variable name's inconsistency in hists__for_each() macro - perf report: Fix incorrectly added dimensions as switch perf data file - mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment - mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid - btrfs: rework arguments of btrfs_unlink_subvol - btrfs: fix invalid removal of root ref - btrfs: do not delete mismatched root refs - btrfs: fix memory leak in qgroup accounting - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() - [armhf] dts: imx6qdl: Add Engicam i.Core 1.5 MX6 - [armhf] dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL - [arm64,armhf] net: stmmac: 16KB buffer must be 16 byte aligned - [arm64,armhf] net: stmmac: Enable 16KB buffer size - mm/huge_memory.c: make __thp_get_unmapped_area static - mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment - bpf: Fix incorrect verifier simulation of ARSH under ALU32 - cfg80211: fix deadlocks in autodisconnect work - cfg80211: fix memory leak in cfg80211_cqm_rssi_update - cfg80211: fix page refcount issue in A-MSDU decap - netfilter: fix a use-after-free in mtype_destroy() - netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct - netfilter: nft_tunnel: fix null-attribute check - netfilter: nf_tables: remove WARN and add NLA_STRING upper limits - netfilter: nf_tables: store transaction list locally while requesting module - netfilter: nf_tables: fix flowtable list del corruption - NFC: pn533: fix bulk-message timeout - batman-adv: Fix DAT candidate selection on little endian systems - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() - [x86] hv_netvsc: Fix memory leak when removing rndis device - [arm64] net: hns: fix soft lockup when there is not enough memory - net: usb: lan78xx: limit size of local TSO packets - ptp: free ptp device pin descriptors properly - r8152: add missing endpoint sanity check - tcp: fix marked lost packets not being retransmitted - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk - tcp: refine rule to allow EPOLLOUT generation under mem pressure - [arm64] dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node - cfg80211: check for set_wiphy_params - tick/sched: Annotate lockless access to last_jiffies_update - drm/nouveau/bar/nv50: check bar1 vmm return value - drm/nouveau/bar/gf100: ensure BAR is mapped - drm/nouveau/mmu: qualify vmm during dtor - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr - scsi: esas2r: unlock on error in esas2r_nvram_read_direct() - scsi: qla4xxx: fix double free bug - scsi: bnx2i: fix potential use after free - scsi: target: core: Fix a pr_debug() argument - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan - scsi: core: scsi_trace: Use get_unaligned_be*() - perf probe: Fix wrong address verification . [ Joe Richey ] * [cloud-amd64] tpm: Enable TPM drivers for Cloud (Closes: #946237) . [ Salvatore Bonaccorso ] * Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88) * Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch * Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88) * [rt] Update to 4.19.90-rt35: - Update "workqueue: rework" for workqueue changes in 4.19.90 * [rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch * Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93. * [rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93) * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97) . [ Ben Hutchings ] * [rt] Update to 4.19.94-rt38: - Refresh "x86/ioapic: Don't let setaffinity unmask threaded EOI interrupt too early" which was partly included in 4.19.92 * aufs: Update support patchset to aufs4.19.63+ 20200113; no functional changes * Bump ABI to 8 * libertas: Fix two buffer overflows at parsing bss descriptor (CVE-2019-14896, CVE-2019-14897) * wimax: i2400: fix memory leak (CVE-2019-19051) * wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (CVE-2019-19051) * [amd64/cloud-amd64] hwrandom: Enable HW_RANDOM_VIRTIO (Closes: #914511) . [ Noah Meyerhans ] * random: try to actively add entropy rather than passively wait for it (Closes: #948519) . [ Aurelien Jarno ] * [mips*/malta] Enable POWER_RESET_PIIX4_POWEROFF. linux-signed-amd64 (4.19.87+1) buster; urgency=medium . * Sign kernel from linux 4.19.87-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.68 - seq_file: fix problem when seeking mid-record - mm/hmm: fix bad subpage pointer in try_to_unmap_one - mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE* and MPOL_MF_STRICT were specified - mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind - mm/memcontrol.c: fix use after free in mem_cgroup_iter() - mm/usercopy: use memory range to be accessed for wraparound check - Revert "pwm: Set class for exported channels in sysfs" - cpufreq: schedutil: Don't skip freq update when limits change - [x86] ALSA: hda/realtek - Add quirk for HP Envy x360 - ALSA: hda - Apply workaround for another AMD chip 1022:1487 - ALSA: hda - Fix a memory leak bug - ALSA: hda - Add a generic reboot_notify - ALSA: hda - Let all conexant codec enter D3 when rebooting - HID: holtek: test for sanity of intfdata - HID: hiddev: avoid opening a disconnected device - HID: hiddev: do cleanup in failure of opening a device - Input: kbtab - sanity check for endpoint type - Input: iforce - add sanity checks - net: usb: pegasus: fix improper read if get_registers() fail - netfilter: ebtables: also count base chain policies - xen/pciback: remove set but not used variable 'old_state' - [armhf,arm64] irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table fail - perf header: Fix divide by zero error if f_header.attr_size==0 - perf header: Fix use of unitialized value warning - libata: zpodd: Fix small read overflow in zpodd_get_mech_type() - Btrfs: fix deadlock between fiemap and transaction commits - scsi: hpsa: correct scsi command status issue after reset - scsi: qla2xxx: Fix possible fcport null-pointer dereferences - drm/amdgpu: fix a potential information leaking bug - ata: libahci: do not complain in case of deferred probe - kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules - [arm64] efi: fix variable 'si' set but not used - [arm64] unwind: Prohibit probing on return_address() - [arm64] mm: fix variable 'pud' set but not used - IB/core: Add mitigation for Spectre V1 - IB/mlx5: Fix MR registration flow to use UMR properly - IB/mad: Fix use-after-free in ib mad completion handling - [arm64] drm: msm: Fix add_gpu_components - [armhf] drm/exynos: fix missing decrement of retry counter - ocfs2: remove set but not used variable 'last_hash' - asm-generic: fix -Wtype-limits compiler warnings - [arm64] KVM: regmap: Fix unexpected switch fall-through - [armhf,arm64] KVM: Sync ICH_VMCR_EL2 back when about to block - [x86] staging: comedi: dt3000: Fix signed integer overflow 'divider * base' - [x86] staging: comedi: dt3000: Fix rounding up of timer divisor - USB: core: Fix races in character device registration and deregistraion - usb: cdc-acm: make sure a refcount is taken early enough - USB: CDC: fix sanity checks in CDC union parser - USB: serial: option: add D-Link DWM-222 device ID - USB: serial: option: Add support for ZTE MF871A - USB: serial: option: add the BroadMobi BM818 card - USB: serial: option: Add Motorola modem UARTs - [x86] drm/i915/cfl: Add a new CFL PCI ID. - [arm64] ftrace: Ensure module ftrace trampoline is coherent with I-side - Input: psmouse - fix build error of multiple definition - bnx2x: Fix VF's VLAN reconfiguration in reload. - bonding: Add vlan tx offload to hw_enc_features - net: dsa: Check existence of .port_mdb_add callback before calling it - net/mlx4_en: fix a memory leak bug - net/packet: fix race in tpacket_snd() - sctp: fix memleak in sctp_send_reset_streams - sctp: fix the transport error_count check - team: Add vlan tx offload to hw_enc_features - tipc: initialise addr_trail_end when setting node addresses - xen/netback: Reset nr_frags before freeing skb - net/mlx5e: Only support tx/rx pause setting for port owner - net/mlx5e: Use flow keys dissector to parse packets for ARFS - [arm64] mmc: sdhci-of-arasan: Do now show error message in case of deffered probe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.69 - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT - [mips*] kernel: only use i8253 clocksource with periodic clockevent - [mips*] fix cacheinfo - netfilter: ebtables: fix a memory leak bug in compat - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks - bonding: Force slave speed check after link state recovery for 802.3ad - [armhf,arm64] net: mvpp2: Don't check for 3 consecutive Idle frames for 10G links - can: dev: call netif_carrier_off() in register_candev() - can: gw: Fix error path of cgw_module_init - [armhf,arm64] ASoC: rockchip: Fix mono capture - [armhf] ASoC: ti: davinci-mcasp: Correct slot_width posed constraint - net: usb: qmi_wwan: Add the BroadMobi BM818 card - qed: RDMA - Fix the hw_ver returned in device attributes - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() - mac80211_hwsim: Fix possible null-pointer dereferences in hwsim_dump_radio_nl() - netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too - netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets - netfilter: ipset: Fix rename concurrency with listing - rxrpc: Fix potential deadlock - rxrpc: Fix the lack of notification when sendmsg() fails on a DATA packet - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack - net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() - can: sja1000: force the string buffer NULL-terminated - can: peak_usb: force the string buffer NULL-terminated - net/ethernet/qlogic/qed: force the string buffer NULL-terminated - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts - HID: quirks: Set the INCREMENT_USAGE_ON_DUPLICATE quirk on Saitek X52 - HID: input: fix a4tech horizontal wheel custom usage - [armhf,arm64] drm/rockchip: Suspend DP late - SMB3: Fix potential memory leak when processing compound chain - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL - [s390x] put _stext and _etext into .text section - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' - [armhf,arm64] net: stmmac: Fix issues when number of Queues >= 4 - [armhf,arm64] net: stmmac: tc: Do not return a fragment entry - [arm64] net: hisilicon: make hip04_tx_reclaim non-reentrant - [arm64] net: hisilicon: fix hip04-xmit never return TX_BUSY - [arm64] net: hisilicon: Fix dma_map_single failed on arm64 - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests - libata: add SG safety checks in SFF pio transfers - [x86] lib/cpu: Address missing prototypes warning - [x86] drm/vmwgfx: fix memory leak when too many retries have occurred - block, bfq: handle NULL return value by bfq_init_rq() - perf ftrace: Fix failure to set cpumask when only one cpu is present - perf cpumap: Fix writing to illegal memory in handling cpumap mask - perf pmu-events: Fix missing "cpu_clk_unhalted.core" event - [arm64] KVM: Don't write junk to sysregs on reset - [armhf] KVM: Don't write junk to CP15 registers on reset - HID: wacom: correct misreported EKR ring values - HID: wacom: Correct distance scale for 2nd-gen Intuos devices - Revert "dm bufio: fix deadlock with loop device" (regression in 4.19.61) - ceph: clear page dirty before invalidate page - ceph: don't try fill file_lock on unsuccessful GETFILELOCK reply - libceph: fix PG split vs OSD (re)connect race - drm/nouveau: Don't retry infinitely when receiving no data on i2c over AUX - gpiolib: never report open-drain/source lines as 'input' to user-space - [x86] Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE - userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx - [i386] retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386 - [x86] apic: Handle missing global clockevent gracefully - [x86] CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h - [x86] boot: Save fields explicitly, zero out everything else - [x86] boot: Fix boot regression caused by bootparam sanitizing - dm kcopyd: always complete failed jobs - dm btree: fix order of block initialization in btree_split_beneath - dm integrity: fix a crash due to BUG_ON in __journal_read_write() - dm raid: add missing cleanup in raid_ctr() - dm space map metadata: fix missing store of apply_bops() return value - dm table: fix invalid memory accesses with too high sector number - dm zoned: improve error handling in reclaim - dm zoned: improve error handling in i/o map code - dm zoned: properly handle backing device failure - genirq: Properly pair kobject_del() with kobject_add() - mm, page_owner: handle THP splits correctly - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely - mm/zsmalloc.c: fix race condition in zs_destroy_pool - xfs: don't trip over uninitialized buffer on extent read of corrupted inode - xfs: Move fs/xfs/xfs_attr.h to fs/xfs/libxfs/xfs_attr.h - xfs: Add helper function xfs_attr_try_sf_addname - xfs: Add attibute set and helper functions - xfs: Add attibute remove and helper functions - xfs: always rejoin held resources during defer roll - dm zoned: fix potential NULL dereference in dmz_do_reclaim() - [ppc64el] Allow flush_(inval_)dcache_range to work across ranges >4GB - rxrpc: Fix local endpoint refcounting - rxrpc: Fix read-after-free in rxrpc_queue_local() - rxrpc: Fix local endpoint replacement - rxrpc: Fix local refcounting https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.70 - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns - afs: Fix the CB.ProbeUuid service handler to reply correctly - afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u() - fs: afs: Fix a possible null-pointer dereference in afs_put_read() - afs: Only update d_fsdata if different in afs_d_revalidate() - nvmet-loop: Flush nvme_delete_wq when removing the port - nvme: fix a possible deadlock when passthru commands sent to a multipath device - nvme-pci: Fix async probe remove race - [armhf] omap-dma/omap_vout_vrfb: fix off-by-one fi value - iommu/dma: Handle SG length overflow better - usb: gadget: composite: Clear "suspended" on reset/disconnect - usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt - xen/blkback: fix memory leaks - [arm64] cpufeature: Don't treat granule sizes as strict - drm/ast: Fixed reboot test may cause system hanged - [x86] tools: hv: fix KVP and VSS daemons exit code - [x86] drm/i915: fix broadwell EU computation - [arm*] watchdog: bcm2835_wdt: Fix module autoload - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value - [armhf] drm/tilcdc: Register cpufreq notifier after we have initialized crtc - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set - ipv6: Default fib6_type to RTN_UNICAST when not set - net/smc: make sure EPOLLOUT is raised - tcp: make sure EPOLLOUT wont be missed - ipv4/icmp: fix rt dst dev null pointer dereference - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n - ALSA: usb-audio: Check mixer unit bitmap yet more strictly - ALSA: line6: Fix memory leak at line6_init_pcm() error path - ALSA: hda - Fixes inverted Conexant GPIO mic mute led - ALSA: seq: Fix potential concurrent access to the deleted pool - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate() - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604 - [x86] kvm: skip populating logical dest map if apic is not sw enabled - [x86] KVM: Don't update RIP or do single-step on faulting emulation - [amd64] uprobes: Fix detection of 32-bit user mode - [x86] apic: Do not initialize LDR and DFR for bigsmp - ftrace: Fix NULL pointer dereference in t_probe_next() - ftrace: Check for successful allocation of hash - ftrace: Check for empty hash and comment the race with registering probes - usb-storage: Add new JMS567 revision to unusual_devs - USB: cdc-wdm: fix race between write and disconnect due to flag abuse - usb: hcd: use managed device resources - [armhf,arm64] usb: chipidea: udc: don't do hardware access if gadget has stopped - usb: host: ohci: fix a race condition between shutdown and irq - usb: host: xhci: rcar: Fix typo in compatible string matching - USB: storage: ums-realtek: Update module parameter description for auto_delink_en - USB: storage: ums-realtek: Whitelist auto-delink support - [x86] mei: me: add Tiger Lake point LP device ID - mmc: core: Fix init of SD cards reporting an invalid VDD range - stm class: Fix a double free of stm_source_device - [x86] intel_th: pci: Add support for another Lewisburg PCH - [x86] intel_th: pci: Add Tiger Lake support - [x86] typec: tcpm: fix a typo in the comparison of pdo_max_voltage - lib: logic_pio: Fix RCU usage - lib: logic_pio: Avoid possible overlap for unregistering regions - lib: logic_pio: Add logic_pio_unregister_range() - [x86] drm/amdgpu: Add APTX quirk for Dell Latitude 5495 - [x86] drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest - [x86] drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() - [arm64] bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free - [arm64] bus: hisi_lpc: Add .remove method to avoid driver unbind crash - [x86] VMCI: Release resource if the work is already queued - [x86] crypto: ccp - Ignore unconfigured CCP device on suspend/resume - Revert "cfg80211: fix processing world regdomain when non modular" - mac80211: fix possible sta leak - mac80211: Don't memset RXCB prior to PAE intercept - mac80211: Correctly set noencrypt for PAE frames - [ppc64el] KVM: Book3S: Fix incorrect guest-to-user-translation error handling - [armhf,arm64] KVM: vgic: Fix potential deadlock when ap_list is long - [armhf,arm64] KVM: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI - NFS: Clean up list moves of struct nfs_page - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() - NFS: Pass error information to the pgio error cleanup routine - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 - [x86] i2c: piix4: Fix port selection for AMD Family 16h Model 30h - mt76: mt76x0u: do not reset radio on resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71 - Revert "Input: elantech - enable SMBus on new (2018+) systems" (regression in 4.19.67) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.72 - mld: fix memory leak in mld_del_delrec() - net: fix skb use after free in netpoll - net: sched: act_sample: fix psample group handling on overwrite - net_sched: fix a NULL pointer deref in ipt action - [armhf,arm64] net: stmmac: dwmac-rk: Don't fail if phy regulator is absent - tcp: inherit timestamp on mtu probe - tcp: remove empty skb from write queue in error cases - net/rds: Fix info leak in rds6_inc_info_copy() (CVE-2019-16714) - [x86] boot: Preserve boot_params.secure_boot from sanitizing - [arm*] spi: bcm2835aux: unifying code between polling and interrupt driven code - [arm*] spi: bcm2835aux: remove dangerous uncontrolled read of fifo - [arm*] spi: bcm2835aux: fix corruptions for longer spi transfers - netfilter: nf_tables: use-after-free in failing rule with bound set - [x86] hv_netvsc: Fix a warning of suspicious RCU usage - Bluetooth: btqca: Add a short delay before downloading the NVM - [ppc64el] ibmveth: Convert multicast list size for little-endian system - gpio: Fix build error of function redefinition - netfilter: nft_flow_offload: skip tcp rst and fin packets - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure - scsi: target: tcmu: avoid use-after-free after command timeout - cxgb4: fix a memory leak bug - liquidio: add cleanup in octeon_setup_iq() - net: myri10ge: fix memory leaks - lan78xx: Fix memory leaks - vfs: fix page locking deadlocks when deduping files - cx82310_eth: fix a memory leak bug - net: kalmia: fix memory leaks - net: cavium: fix driver name - wimax/i2400m: fix a memory leak bug - kprobes: Fix potential deadlock in kprobe_optimizer() - HID: cp2112: prevent sleeping function called from invalid context - [amd64] boot/compressed: Fix boot on machines with broken E820 table - [x86] Input: hyperv-keyboard: Use in-place iterator API in the channel callback - [x86] Tools: hv: kvp: eliminate 'may be used uninitialized' warning - nvme-multipath: fix possible I/O hang when paths are updated - IB/mlx4: Fix memory leaks - infiniband: hfi1: fix a memory leak bug - infiniband: hfi1: fix memory leaks - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr() - ceph: fix buffer free while holding i_ceph_lock in __ceph_build_xattrs_blob() - ceph: fix buffer free while holding i_ceph_lock in fill_inode() - [armhf,arm64] KVM: Only skip MMIO insn once - afs: Fix leak in afs_lookup_cell_rcu() - [armhf,arm64] KVM: VGIC: Properly initialise private IRQ affinity - [amd64] boot/compressed: Fix missing initialization in find_trampoline_placement() - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.73 - ALSA: hda - Fix potential endless loop at applying quirks - ALSA: hda/realtek - Fix overridden device-specific initialization - [x86] ALSA: hda/realtek - Add quirk for HP Pavilion 15 - [x86] ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL - [x86] ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre - sched/fair: Don't assign runtime for throttled cfs_rq - [x86] drm/vmwgfx: Fix double free in vmw_recv_msg() - [ppc64el] tm: Fix FP/VMX unavailable exceptions inside a transaction (CVE-2019-15030) - batman-adv: fix uninit-value in batadv_netlink_get_ifindex() - batman-adv: Only read OGM tvlv_len after buffer len check - [x86] hv_sock: Fix hang when a connection is closed - Blk-iolatency: warn on negative inflight IO counter - blk-iolatency: fix STS_AGAIN handling - {nl,mac}80211: fix interface combinations on crypto controlled devices - timekeeping: Use proper ktime_add when adding nsecs in coarse offset - selftests: fib_rule_tests: use pre-defined DEV_ADDR - [x86] ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() - [ppc64el] mark start_here_multiplatform as __ref - [arm64] dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 - nvme-fc: use separate work queue to avoid warning - [armhf] clk: s2mps11: Add used attribute to s2mps11_dt_match - [arm64] remoteproc: qcom: q6v5: shore up resource probe handling - modules: always page-align module section allocations - kernel/module: Fix mem leak in module_add_modinfo_attrs - [x86] drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" - scsi: qla2xxx: Move log messages before issuing command to firmware - keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h - [x86] Drivers: hv: kvp: Fix two "this statement may fall through" warnings - [x86] hibernate: Fix nosave_regions setup for hibernation - [arm64] remoteproc: qcom: q6v5-mss: add SCM probe dependency - drm/amdgpu/gfx9: Update gfx9 golden settings. - drm/amdgpu: Update gc_9_0 golden settings. - [x86] KVM: hyperv: enforce vp_index < KVM_MAX_VCPUS - [x86] KVM: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables - [x86] KVM: hyperv: keep track of mismatched VP indexes - [x86] KVM: hyperv: define VP assist page helpers - [x86] kvm/lapic: preserve gfn_to_hva_cache len on cache reinit - [x86] drm/i915: Fix intel_dp_mst_best_encoder() - [x86] drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE - [x86] drm/i915/gen9+: Fix initial readout for Y tiled framebuffers - drm/atomic_helper: Disallow new modesets on unregistered connectors - [x86] Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up - powerplay: Respect units on max dcfclk watermark - drm/amd/pp: Fix truncated clock value when set watermark - drm/amd/dm: Understand why attaching path/tile properties are needed - [s390x] zcrypt: reinit ap queue state machine during device probe - [x86] drm/i915: Restore sane defaults for KMS on GEM error load - [x86] drm/i915: Cleanup gt powerstate from gem - [ppc64el] KVM: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch - Btrfs: clean up scrub is_dev_replace parameter - Btrfs: fix deadlock with memory reclaim during scrub - btrfs: Remove extent_io_ops::fill_delalloc - btrfs: Fix error handling in btrfs_cleanup_ordered_extents - scsi: megaraid_sas: Fix combined reply queue mode detection - scsi: megaraid_sas: Add check for reset adapter bit - scsi: megaraid_sas: Use 63-bit DMA addressing - [ppc64el] pkeys: Fix handling of pkey state across fork() - btrfs: volumes: Make sure no dev extent is beyond device boundary - btrfs: Use real device structure to verify dev extent - IB/uverbs: Fix OOPs upon device disassociation - drm/vblank: Allow dynamic per-crtc max_vblank_count - [x86] drm/i915/ilk: Fix warning when reading emon_status with no output - tpm: Fix some name collisions with drivers/char/tpm.h - bcache: replace hard coded number with BUCKET_GC_GEN_MAX - bcache: treat stale && dirty keys as bad keys - [x86] KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run - [armhf] iio: adc: exynos-adc: Add S5PV210 variant - [armhf] iio: adc: exynos-adc: Use proper number of channels for Exynos4x12 - mt76: fix corrupted software generated tx CCMP PN - drm/nouveau: Don't WARN_ON VCPI allocation failures - iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules - iwlwifi: add new card for 9260 series - spi: spi-gpio: fix SPI_CS_HIGH capability - [ppc64el] kvm: Save and restore host AMR/IAMR/UAMOR - btrfs: scrub: pass fs_info to scrub_setup_ctx - btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex - btrfs: scrub: fix circular locking dependency warning - btrfs: init csum_list before possible free - [arm64] PCI: qcom: Fix error handling in runtime PM support - [arm64] PCI: qcom: Don't deassert reset GPIO during probe - CIFS: Fix error paths in writeback code - CIFS: Fix leaking locked VFS cache pages in writeback retry - [x86] drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set - [x86] drm/i915: Sanity check mmap length against object size - [x86] usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps - IB/mlx5: Reset access mask when looping inside page fault handler - kvm: mmu: Fix overflow on kvm mmu page limit calculation - [x86] kvm: move kvm_load/put_guest_xcr0 into atomic context - [x86] KVM: Always use 32-bit SMRAM save state for 32-bit kernels - cifs: Fix lease buffer length error (CVE-2019-15918) - ext4: protect journal inode's blocks using block_validity - [x86] PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary - dm mpath: fix missing call of path selector type->end_io - blk-mq: free hw queue's resource in hctx's release handler - mmc: sdhci-pci: Add support for Intel CML - PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code - cifs: smbd: take an array of reqeusts when sending upper layer data - dm crypt: move detailed message into debug level - [x86] drm/amdkfd: Add missing Polaris10 ID - kvm: Check irqchip mode before assign irqfd - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc - Btrfs: fix race between block group removal and block group allocation - cifs: add spinlock for the openFileList to cifsInodeInfo - [arm64] clk: tegra: Fix maximum audio sync clock for Tegra124/210 - [arm64] clk: tegra210: Fix default rates for HDA clocks - IB/hfi1: Avoid hardlockup with flushlist_lock - apparmor: reset pos on failure to unpack for various functions - scsi: target/core: Use the SECTOR_SHIFT constant - scsi: target/iblock: Fix overrun in WRITE SAME emulation - [s390x] scsi: zfcp: fix request object use-after-free in send path causing wrong traces - cifs: Properly handle auto disabling of serverino option - [x86] ALSA: hda - Don't resume forcibly i915 HDMI/DP codec - [x86] KVM: optimize check for valid PAT value - [x86] KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value - [x86] KVM: VMX: Fix handling of #MC that occurs during VM-Entry - [x86] KVM: VMX: check CPUID before allowing read/write of IA32_XSS - [ppc64el] KVM: Use ccr field in pt_regs struct embedded in vcpu struct - [ppc64el] KVM: Book3S HV: Fix CR0 setting in TM emulation - RDMA/srp: Document srp_parse_in() arguments - RDMA/srp: Accept again source addresses that do not have a port number - btrfs: correctly validate compression type - resource: Include resource end in walk_*() interfaces - resource: Fix find_next_iomem_res() iteration issue - resource: fix locking in find_next_iomem_res() - pstore: Fix double-free in pstore_mkfile() failure path - dm thin metadata: check if in fail_io mode when setting needs_check - [armhf,arm64] drm/panel: Add support for Armadeus ST0700 Adapt - [x86] ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips - [ppc64el] mm: Limit rma_size to 1TB when running without HV mode - iommu/iova: Remove stale cached32_node - gpio: don't WARN() on NULL descs if gpiolib is disabled - mm/migrate.c: initialize pud_entry in migrate_vma() - NFSv4: Fix delegation state recovery - bcache: only clear BTREE_NODE_dirty bit when it is set - bcache: add comments for mutex_lock(&b->write_lock) - bcache: fix race in btree_flush_write() - [x86] drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV - [s390x] virtio: fix race on airq_areas[] - drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors - ext4: don't perform block validity checks on the journal inode - ext4: fix block validity checks for journal inodes using indirect blocks - ext4: unsigned int compared against zero - [x86] PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround - [ppc64el] tm: Remove msr_tm_active() - [ppc64el] tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.74 - bridge/mdb: remove wrong use of NLM_F_MULTI - cdc_ether: fix rndis support for Mediatek based smartphones - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' - isdn/capi: check message length in capi_write() - net: Fix null de-reference of device refcount - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list - net: phylink: Fix flow control resolution - net: sched: fix reordering issues - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR - tipc: add NULL pointer check before calling kfree_rcu - tun: fix use-after-free when register netdev failed - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist - gpio: fix line flag validation in linehandle_create - Btrfs: fix assertion failure during fsync and use of stale transaction - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us - genirq: Prevent NULL pointer dereference in resend_irqs() - [s390x] KVM: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() - [s390x] KVM: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl - [x86] KVM: work around leak of uninitialized stack contents - [x86] KVM: nVMX: handle page fault in vmread - [x86] purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors - [ppc64el] Add barrier_nospec to raw_copy_in_user() - [arm64] drm/meson: Add support for XBGR8888 & ABGR8888 formats - [armhf,arm64] clk: rockchip: Don't yell about bad mmc phases when getting - PCI: Always allow probing with driver_override - gpio: fix line flag validation in lineevent_create - ubifs: Correctly use tnc_next() in search_dh_cookie() - driver core: Fix use-after-free and double free on glue directory - firmware: ti_sci: Always request response from firmware - [x86] drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" - modules: fix BUG when load module with rodata=n - rsi: fix a double free bug in rsi_91x_deinit() (CVE-2019-15504) - nvmem: Use the same permissions for eeprom as for nvmem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.75 - netfilter: nf_flow_table: set default timeout after successful insertion - HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report - RDMA/restrack: Release task struct which was hold by CM_ID object - [x86] Input: elan_i2c - remove Lenovo Legion Y7000 PnpID - [ppc64el] mm/radix: Use the right page size for vmemmap mapping - USB: usbcore: Fix slab-out-of-bounds bug during device reset - media: tm6000: double free if usb disconnect while streaming - ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit - udp: correct reuseport selection with connected sockets - xen-netfront: do not assume sk_buff_head list is empty in error handling - net_sched: let qdisc_put() accept NULL pointer - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds - ieee802154: hwsim: Fix error handle path in hwsim_init_module - ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails - [armhf] dts: am57xx: Disable voltage switching for SD card - [armhf] OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss - [armhf] bus: ti-sysc: Fix using configured sysc mask value - [s390x] bpf: fix lcgr instruction encoding - [armhf] OMAP2+: Fix omap4 errata warning on other SoCs - [armhf] dts: dra74x: Fix iodelay configuration for mmc3 - [armhf] bus: ti-sysc: Simplify cleanup upon failures in sysc_probe() - [s390x] bpf: use 32-bit index for tail calls - netfilter: ebtables: Fix argument order to ADD_COUNTER - netfilter: nft_flow_offload: missing netlink attribute policy - netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info - NFSv4: Fix return values for nfs4_file_open() - NFSv4: Fix return value in nfs_finish_open() - NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup - xdp: unpin xdp umem pages in error path - qed: Add cleanup in qed_slowpath_start() - [armel,armhf] 8874/1: mm: only adjust sections of valid mm structures - batman-adv: Only read OGM2 tvlv_len after buffer len check - bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0 - r8152: Set memory to all 0xFFs on failed reg reads - [x86] apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines - netfilter: xt_physdev: Fix spurious error message in physdev_mt_check - netfilter: nf_conntrack_ftp: Fix debug output - NFSv2: Fix eof handling - NFSv2: Fix write regression - kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol - cifs: set domainName when a domain-key is used in multiuser - cifs: Use kzfree() to zero out the password - [armhf,arm64] usb: host: xhci-tegra: Set DMA mask correctly - [armel,armhf] 8901/1: add a criteria for pfn_valid of arm - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) - i2c: designware: Synchronize IRQs when unregistering slave client - [x86] perf/intel: Restrict period on Nehalem - [x86] perf/amd/ibs: Fix sample bias for dispatched micro-ops - amd-xgbe: Fix error path in xgbe_mod_init() - [x86] tools/power x86_energy_perf_policy: Fix argument parsing - [x86] tools/power turbostat: fix buffer overrun - net: aquantia: fix out of memory condition on rx side - [armhf] dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe() - [x86] uaccess: Don't leak the AC flags into __get_user() argument evaluation - [x86] hyper-v: Fix overflow bug in fill_gva_list() - keys: Fix missing null pointer check in request_key_auth_describe() - [x86] iommu/amd: Flush old domains in kdump kernel - [x86] iommu/amd: Fix race in increase_address_space() - [arm64] PCI: kirin: Fix section mismatch warning - ovl: fix regression caused by overlapping layers detection - floppy: fix usercopy direction - binfmt_elf: move brk out of mmap when doing direct loader exec - [arm64] kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field - media: technisat-usb2: break out of loop at end of buffer (CVE-2019-15505) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.76 - Revert "Bluetooth: validate BLE connection interval updates" - RDMA/restrack: Protect from reentry to resource return path - [ppc64el] xive: Fix bogus error code returned by OPAL - IB/core: Add an unbound WQ type to the new CQ API - HID: prodikeys: Fix general protection fault during probe - HID: sony: Fix memory corruption issue on cleanup. - HID: logitech: Fix general protection fault caused by Logitech driver - HID: hidraw: Fix invalid read in hidraw_ioctl - HID: Add quirk for HP X500 PIXART OEM mouse - mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() - CIFS: fix deadlock in cached root handling - net/mlx5e: Set ECN for received packets using CQE indication - net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets - mlx5: fix get_ip_proto() - net/mlx5e: Allow reporting of checksum unnecessary - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding - net/mlx5e: Rx, Check ip headers sanity - iwlwifi: mvm: send BCAST management frames to the right station - iwlwifi: mvm: always init rs_fw with 20MHz bandwidth rates - media: tvp5150: fix switch exit in set control handler - [x86] ASoC: Intel: cht_bsw_max98090_ti: Enable codec clock once and keep it enabled - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support - ALSA: usb-audio: Add DSD support for EVGA NU Audio - ALSA: dice: fix wrong packet parameter for Alesis iO26 - [x86] ALSA: hda - Add laptop imic fixup for ASUS M9V laptop - [x86] ALSA: hda - Apply AMD controller workaround for Raven platform - objtool: Clobber user CFLAGS variable - power: supply: sysfs: ratelimit property read error message - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion - scsi: qla2xxx: Remove all rports if fabric scan retry fails - scsi: qla2xxx: Return switch command on a timeout - Revert "drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD" - bpf: libbpf: retry loading program on EAGAIN - [armhf,arm64] irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices - f2fs: check all the data segments against all node ones - [x86] PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it - bcache: remove redundant LIST_HEAD(journal) from run_cache_set() - initramfs: don't free a non-existent initrd - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs - blk-mq: move cancel of requeue_work to the front of blk_exit_queue - Revert "f2fs: avoid out-of-range memory access" - dm zoned: fix invalid memory access - f2fs: fix to do sanity check on segment bitmap of LFS curseg - drm: Flush output polling on shutdown - net: don't warn in inet diag when IPV6 is disabled - Bluetooth: btrtl: HCI reset on close for Realtek BT chip - [x86] ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35 - drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling - xfs: don't crash on null attr fork xfs_bmapi_read - netfilter: nft_socket: fix erroneous socket assignment - Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices - net_sched: check cops->tcf_block in tc_bind_tclass() - net/rds: An rds_sock is added too early to the hash table - net/rds: Check laddr_check before calling it - f2fs: use generic EFSBADCRC/EFSCORRUPTED https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.77 - arcnet: provide a buffer big enough to actually receive packets - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize - macsec: drop skb sk before calling gro_cells_receive - net/phy: fix DP83865 10 Mbps HDX loopback disable function - net/sched: act_sample: don't push mac header on ip6gre ingress - net_sched: add max len check for TCA_KIND - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (CVE-2019-19081) - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC - ppp: Fix memory leak in ppp_write - sch_netem: fix a divide by zero in tabledist() - skge: fix checksum byte order - usbnet: ignore endpoints with invalid wMaxPacketSize - usbnet: sanity checking of packet sizes and device mtu - net: sched: fix possible crash in tcf_action_destroy() - tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state - net/mlx5: Add device ID of upcoming BlueField-2 - mISDN: enforce CAP_NET_RAW for raw sockets (CVE-2019-17055) - appletalk: enforce CAP_NET_RAW for raw sockets (CVE-2019-17054) - ax25: enforce CAP_NET_RAW for raw sockets (CVE-2019-17052) - ieee802154: enforce CAP_NET_RAW for raw sockets (CVE-2019-17053) - nfc: enforce CAP_NET_RAW for raw sockets (CVE-2019-17056) - nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (CVE-2019-19080) - ALSA: hda: Flush interrupts on disabling - [armhf] ASoC: sgtl5000: Fix of unmute outputs on probe - [armhf] ASoC: sgtl5000: Fix charge pump source assignment - [arm*] dmaengine: bcm2835: Print error in case setting DMA mask fails - media: dib0700: fix link error for dibx000_i2c_set_speed - media: hdpvr: Add device num check and handling - time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint - sched/fair: Fix imbalance due to CPU affinity - sched/core: Fix CPU controller for !RT_GROUP_SCHED - [x86] apic: Make apic_pending_intr_clear() more robust - sched/deadline: Fix bandwidth accounting at all levels after offline migration - [x86] reboot: Always use NMI fallback when shutdown via reboot vector IPI fails - [x86] apic: Soft disable APIC before initializing it - ALSA: hda - Show the fatal CORB/RIRB error more clearly - ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() - EDAC/mc: Fix grain_bits calculation - media: iguanair: add sanity checks - base: soc: Export soc_device_register/unregister APIs - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid - [arm64] prefetch: fix a -Wtype-limits warning - md/raid1: end bio when the device faulty - md: don't call spare_active in md_reap_sync_thread if all member devices can't work - md: don't set In_sync if array is frozen - ACPI / processor: don't print errors for processorIDs == 0xff - loop: Add LOOP_SET_DIRECT_IO to compat ioctl - [x86] EDAC, pnd2: Fix ioremap() size in dnv_rd_reg() - efi: cper: print AER info of PCIe fatal error - sched/fair: Use rq_lock/unlock in online_fair_sched_group - idle: Prevent late-arriving interrupts from disrupting offline - media: gspca: zero usb_buf on error - perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig - perf test vfs_getname: Disable ~/.perfconfig to get default output - media: em28xx: modules workqueue not inited for 2nd device - media: rc: imon: Allow iMON RC protocol for ffdc 7e device - [arm64] perf record: Support aarch64 random socket_id assignment - [armhf] media: omap3isp: Don't set streaming state on random subdevs - media: radio/si470x: kill urb on error - media: hdpvr: add terminating 0 at end of string - led: triggers: Fix a memory leak bug - nbd: add missing config put - media: mceusb: fix (eliminate) TX IR signal length limit - media: dvb-frontends: use ida for pll number - posix-cpu-timers: Sanitize bogus WARNONS - media: dvb-core: fix a memory leak bug - libperf: Fix alignment trap with xyarray contents in 'perf stat' - [amd64] EDAC/amd64: Recognize DRAM device type ECC capability - [amd64] EDAC/amd64: Decode syndrome before translating address - PM / devfreq: passive: Use non-devm notifiers - PM / devfreq: exynos-bus: Correct clock enable sequence - media: cec-notifier: clear cec_adap in cec_notifier_unregister - media: saa7146: add cleanup in hexium_attach() - media: cpia2_usb: fix memory leaks - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() - perf trace beauty ioctl: Fix off-by-one error in cmd->string table - [x86] ASoC: es8316: fix headphone mixer volume table - ACPI / CPPC: do not require the _PSD method - sched/cpufreq: Align trace event behavior of fast switching - [x86] apic/vector: Warn when vector space exhaustion breaks affinity - [arm64] kpti: ensure patched kernel text is fetched from PoU - [x86] mm/pti: Do not invoke PTI functions when PTI is disabled - [x86] mm/pti: Handle unaligned address gracefully in pti_clone_pagetable() - nvmet: fix data units read and written counters in SMART log - nvme-multipath: fix ana log nsid lookup when nsid is not found - ALSA: firewire-motu: add support for MOTU 4pre - iommu/amd: Silence warnings under memory pressure - libata/ahci: Drop PCS quirk for Denverton and beyond - iommu/iova: Avoid false sharing on fq_timer_on - libtraceevent: Change users plugin directory - [armhf] dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks - ACPI: custom_method: fix memory leaks - ACPI / PCI: fix acpi_pci_irq_enable() memory leak - closures: fix a race on wakeup from closure_sync - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' - md/raid1: fail run raid1 array when active disk less than one - dmaengine: ti: edma: Do not reset reserved paRAM slots - kprobes: Prohibit probing on BUG() and WARN() address - [s390x] crypto: xts-aes-s390 fix extra run-time crypto self tests finding - [x86] cpu: Add Tiger Lake to Intel family - [x86] platform: intel_pmc_core: Do not ioremap RAM - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set - raid5: don't set STRIPE_HANDLE to stripe which is in batch list - mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD - mmc: sdhci: Fix incorrect switch to HS mode - mmc: core: Add helper function to indicate if SDIO IRQs is enabled - [armhf,arm64] mmc: dw_mmc: Re-store SDIO IRQs mask at system resume - raid5: don't increment read_errors on EILSEQ return - libertas: Add missing sentinel at end of if_usb.c fw_table - e1000e: add workaround for possible stalled packet - ALSA: hda - Drop unsol event handler for Intel HDMI codecs - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() - [x86] ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 - [x86] iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems - btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type - [armhf] media: omap3isp: Set device on omap3isp subdevs - PM / devfreq: passive: fix compiler warning - iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36 - ALSA: firewire-tascam: handle error code when getting current source of clock - ALSA: firewire-tascam: check intermediate state of clock status and retry - scsi: scsi_dh_rdac: zero cdb in send_mode_select() - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag - printk: Do not lose last line in kmsg buffer dump - IB/mlx5: Free mpi in mp_slave mode - IB/hfi1: Define variables as unsigned long to fix KASAN warning - randstruct: Check member structs in is_pure_ops_struct() - ceph: use ceph_evict_inode to cleanup inode's resource - [x86] ALSA: hda/realtek - PCI quirk for Medion E4254 - blk-mq: add callback of .cleanup_rq - scsi: implement .cleanup_rq callback - [ppc64el] imc: Dont create debugfs files for cpu-less nodes - fuse: fix missing unlock_page in fuse_writepage() - [x86] KVM: always stop emulation on page fault - [x86] KVM: set ctxt->have_exception in x86_decode_insn() - [x86] KVM: Manually calculate reserved bits when loading PDPTRS - [x86] media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table - media: don't drop front-end reference count for ->detach - binfmt_elf: Do not move brk for INTERP-less ET_EXEC - [x86] ASoC: Intel: NHLT: Fix debug print format - [x86] ASoC: Intel: Skylake: Use correct function to access iomem space - [x86] ASoC: Intel: Fix use of potentially uninitialized variable - [arm64] Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}" - [arm64] tlb: Ensure we execute an ISB following walk cache invalidation - [arm64] dts: rockchip: limit clock rate of MMC controllers for RK3328 - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP - regulator: Defer init completion for a while after late_initcall - efifb: BGRT: Improve efifb_bgrt_sanity_check - gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps - memcg, oom: don't require __GFP_FS when invoking memcg OOM killer - memcg, kmem: do not fail __GFP_NOFAIL charges - i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask - block: fix null pointer dereference in blk_mq_rq_timed_out() - smb3: allow disabling requesting leases - ovl: Fix dereferencing possible ERR_PTR() - ovl: filter of trusted xattr results in audit - btrfs: fix allocation of free space cache v1 bitmap pages - Btrfs: fix use-after-free when using the tree modification log - btrfs: Relinquish CPUs in btrfs_compare_trees - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls - Btrfs: fix race setting up and completing qgroup rescan workers - md/raid6: Set R5_ReadError when there is read failure on parity disk - md: don't report active array_state until after revalidate_disk() completes. - md: only call set_in_sync() when it is expected to succeed. - cfg80211: Purge frame registrations on iftype change - /dev/mem: Bail out upon SIGKILL. - ext4: fix warning inside ext4_convert_unwritten_extents_endio - ext4: fix punch hole for inline_data file systems - quota: fix wrong condition in is_quota_modification() - hwrng: core - don't wait on add_early_randomness() - CIFS: fix max ea value size - CIFS: Fix oplock handling for SMB 2.1+ protocols - md/raid0: avoid RAID0 data corruption due to layout confusion. - fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone - drm/amd/display: Restore backlight brightness after system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.78 - tpm: use tpm_try_get_ops() in tpm-sysfs.c. - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations - [armhf,arm64] drm/panel: simple: fix AUO g185han01 horizontal blanking - [armhf,arm64] drm/panel: check failure cases in the probe func - [armhf,arm64] drm/rockchip: Check for fast link training before enabling psr - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() - [ppc64el] PCI: rpaphp: Avoid a sometimes-uninitialized warning - ipmi_si: Only schedule continuously in the thread in maintenance mode - [armhf,arm64] clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks - drm/amd/display: fix issue where 252-255 values are clipped - drm/amd/display: reprogram VM config when system resume - [ppc64el] powernv/ioda2: Allocate TCE table levels on demand for default DMA window - [ppc64el] xmon: Check for HV mode when dumping XIVE info from OPAL - [ppc64el] rtas: use device model APIs and serialization during LPM - [ppc64el] futex: Fix warning: 'oldval' may be used uninitialized in this function - [ppc64el] pseries/mobility: use cond_resched when updating device tree - [armhf,arm64] pinctrl: tegra: Fix write barrier placement in pmx_writel - [ppc64el] eeh: Clear stale EEH_DEV_NO_HANDLER flag - vfio_pci: Restore original state on release - drm/nouveau/volt: Fix for some cards having 0 maximum voltage - [x86] pinctrl: amd: disable spurious-firing GPIO IRQs - drm/amd/display: support spdif - drm/amdgpu/si: fix ASIC tests - [ppc64el] exception: machine check use correct cfar for late handler - pstore: fs superblock limits - [ppc64el] pseries: correctly track irq state in default idle - [arm64] pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c - [ppc64el] dump kernel log before carrying out fadump or kdump - [arm64] mbox: qcom: add APCS child device for QCS404 - scsi: core: Reduce memory required for SCSI logging - dma-buf/sw_sync: Synchronize signal vs syncpt free - ext4: fix potential use after free after remounting with noblock_validity - [mips*] tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean - [x86] i2c-cht-wc: Fix lockdep warning - [x86] mfd: intel-lpss: Remove D3cold delay - HID: wacom: Fix several minor compiler warnings - [armel,armhf] 8898/1: mm: Don't treat faults reported from cache maintenance as writes - [armhf] rtc: snvs: fix possible race condition - HID: apple: Fix stuck function keys when using FN - [arm64] PCI: rockchip: Propagate errors for optional regulators - [armhf] PCI: imx6: Propagate errors for optional regulators - [armel,armhf] 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address - fat: work around race with userspace's read via blockdev while mounting - pktcdvd: remove warning on attempting to register non-passthrough dev - [s390x] hypfs: Fix error number left in struct pointer member - ocfs2: wait for recovering done after direct unlock request - [arm64] consider stack randomization for mmap base only when necessary - [mips*] properly account for stack randomization and stack guard gap - [armel,armhf] properly account for stack randomization and stack guard gap - [armel,armhf] use STACK_TOP when computing mmap base address - block: mq-deadline: Fix queue restart handling - bpf: fix use after free in prog symbol exposure - cxgb4:Fix out-of-bounds MSI-X info array access - erspan: remove the incorrect mtu limit for erspan - hso: fix NULL-deref on tty open - ipv6: drop incoming packets having a v4mapped source address - ipv6: Handle missing host route in __ipv6_ifa_notify - net: ipv4: avoid mixed n_redirects and rate_tokens usage - net: qlogic: Fix memory leak in ql_alloc_large_buffers - net: Unpublish sk from sk_reuseport_cb before call_rcu - nfc: fix memory leak in llcp_sock_bind() - qmi_wwan: add support for Cinterion CLS8 devices - rxrpc: Fix rxrpc_recvmsg tracepoint - sch_dsmark: fix potential NULL deref in dsmark_init() - udp: fix gso_segs calculations - vsock: Fix a lockdep warning in __vsock_release() - udp: only do GSO if # of segs > 1 - net/rds: Fix error handling in rds_ib_add_one() - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() - tipc: fix unlimited bundling of small messages - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash - NFC: fix attrs checks in netlink interface - kexec: bail out upon SIGKILL when allocating memory. - 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.79 - [s390x] process: avoid potential reading of freed stack - [s390x] KVM: Test for bad access register and size at the start of S390_MEM_OP - [s390x] topology: avoid firing events before kobjs are created - [s390x] cio: exclude subchannels with no parent from pseudo check - [ppc64el] KVM: Book3S HV: Fix race in re-enabling XIVE escalation interrupts - [ppc64el] KVM: Book3S HV: Check for MMU ready on piggybacked virtual cores - [ppc64el] KVM: Book3S HV: Don't lose pending doorbell request on migration on P9 - [x86] KVM: Fix userspace set invalid CR4 - [x86] KVM: nVMX: handle page fault in vmread fix - nbd: fix max number of supported devs - PM / devfreq: tegra: Fix kHz to Hz conversion - ASoC: Define a set of DAPM pre/post-up events - [armhf] ASoC: sgtl5000: Improve VAG power and mute control - [ppc64el] mce: Fix MCE handling for huge pages - [ppc64el] mce: Schedule work from irq_work - [ppc64el] powernv: Restrict OPAL symbol map to only be readable by root - [ppc64el] powernv/ioda: Fix race in TCE level allocation - [ppc64el] book3s64/mm: Don't do tlbie fixup for some hardware revisions - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file - [x86] crypto: qat - Silence smp_processor_id() warning - crypto: skcipher - Unmap pages after an external error - [mips*el/loongson-3] Treat Loongson Extensions as ASEs - power: supply: sbs-battery: use correct flags field - power: supply: sbs-battery: only return health when battery present - tracing: Make sure variable reference alias has correct var_ref_idx - usercopy: Avoid HIGHMEM pfn warning - timer: Read jiffies once when forwarding base clk - [x86] PCI: vmd: Fix shadow offsets to reflect spec changes - PCI: Restore Resizable BAR size bits correctly for 1MB BARs - [armhf] watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout - perf stat: Fix a segmentation fault when using repeat forever - [armhf] drm/omap: fix max fclk divider for omap36xx - [arm64] drm/msm/dsi: Fix return value check for clk_get_parent - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors - [x86] drm/i915/gvt: update vgpu workload head pointer correctly - mmc: sdhci: improve ADMA error reporting - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" - xen/xenbus: fix self-deadlock after killing user process - ieee802154: atusb: fix use-after-free at disconnect - [s390x] cio: avoid calling strlen on null pointer - cfg80211: initialize on-stack chandefs - [arm64] cpufeature: Detect SSBS and advertise to userspace - ima: always return negative code for error - ima: fix freeing ongoing ahash_request - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() - 9p: Transport error uninitialized - 9p: avoid attaching writeback_fid on mmap with type PRIVATE - xen/pci: reserve MCFG areas earlier - ceph: fix directories inode i_blkbits initialization - ceph: reconnect connection if session hang in opening state - watchdog: aspeed: Add support for AST2600 - netfilter: nf_tables: allow lookups in dynamic sets - drm/amdgpu: Fix KFD-related kernel oops on Hawaii - drm/amdgpu: Check for valid number of registers to read - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors - [x86] purgatory: Disable the stackleak GCC plugin for the purgatory - ntb: point to right memory window index - thermal: Fix use-after-free when unregistering thermal zone device - thermal_hwmon: Sanitize thermal_zone type - libnvdimm/region: Initialize bad block for volatile namespaces - fuse: fix memleak in cuse_channel_open - libnvdimm/nfit_test: Fix acpi_handle redefinition - sched/membarrier: Call sync_core only before usermode for same mm - sched/membarrier: Fix private expedited registration check - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() - kernel/elfcore.c: include proper prototypes - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed - [ppc64el] KVM: HV: XIVE: Free escalation interrupts before disabling the VP - [x86] KVM: nVMX: Fix consistency check on injected exception error code - nbd: fix crash when the blksize is zero - [ppc64el] pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() - [ppc64el] radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure - tick: broadcast-hrtimer: Fix a race in bc_set_next - perf tools: Fix segfault in cpu_cache_level__read() - perf stat: Reset previous counts on repeat with interval - [arm64] ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 - [arm64] KVM: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe - [arm64] docs: Document SSBS HWCAP - [arm64] fix SSBS sanitization - [arm64] Add sysfs vulnerability show for spectre-v1 - [arm64] add sysfs vulnerability show for meltdown - [arm64] enable generic CPU vulnerabilites support - [arm64] Always enable ssb vulnerability detection - [arm64] Provide a command line to disable spectre_v2 mitigation - [arm64] Advertise mitigation of Spectre-v2, or lack thereof - [arm64] Always enable spectre-v2 vulnerability detection - [arm64] add sysfs vulnerability show for spectre-v2 - [arm64] add sysfs vulnerability show for speculative store bypass - [arm64] ssbs: Don't treat CPUs with SSBS as unaffected by SSB - [arm64] Force SSBS on context switch - [arm64] Use firmware to detect CPUs that are not affected by Spectre-v2 - [arm64] speculation: Support 'mitigations=' cmdline option - vfs: Fix EOVERFLOW testing in put_compat_statfs64 - cfg80211: add and use strongly typed element iteration macros - cfg80211: Use const more consistently in for_each_element macros - nl80211: validate beacon head (CVE-2019-16746) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.80 - panic: ensure preemption is disabled during panic() - f2fs: use EINVAL for superblock with invalid magic - USB: rio500: Remove Rio 500 kernel driver - USB: yurex: Don't retry on unexpected errors - USB: yurex: fix NULL-derefs on disconnect - USB: usb-skeleton: fix runtime PM after driver unbind - USB: usb-skeleton: fix NULL-deref on disconnect - xhci: Fix false warning message about wrong bounce buffer write length - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long - xhci: Check all endpoints for LPM timeout - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts - usb: xhci: wait for CNR controller not ready bit in xhci resume - xhci: Prevent deadlock when xhci adapter breaks during init - xhci: Increase STS_SAVE timeout in xhci_suspend() - USB: adutux: fix use-after-free on disconnect - USB: adutux: fix NULL-derefs on disconnect - USB: adutux: fix use-after-free on release - USB: iowarrior: fix use-after-free on disconnect - USB: iowarrior: fix use-after-free on release - USB: iowarrior: fix use-after-free after driver unbind - USB: usblp: fix runtime PM after driver unbind - USB: chaoskey: fix use-after-free on release - USB: ldusb: fix NULL-derefs on driver unbind - serial: uartlite: fix exit path null pointer - USB: serial: keyspan: fix NULL-derefs on open() and write() - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 - USB: serial: option: add Telit FN980 compositions - USB: serial: option: add support for Cinterion CLS8 devices - USB: serial: fix runtime PM after driver unbind - USB: usblcd: fix I/O after disconnect - USB: microtek: fix info-leak at probe - USB: dummy-hcd: fix power budget for SuperSpeed mode - USB: legousbtower: fix slab info leak at probe - USB: legousbtower: fix deadlock on disconnect - USB: legousbtower: fix potential NULL-deref on disconnect - USB: legousbtower: fix open after failed reset request - USB: legousbtower: fix use-after-free on release - [x86] mei: me: add comet point (lake) LP device ids - [x86] mei: avoid FW version request on Ibex Peak and earlier - [armhf,arm64] iio: adc: axp288: Override TS pin bias current for some models - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified - perf llvm: Don't access out-of-scope array - perf inject jit: Fix JIT_CODE_MOVE filename - blk-wbt: fix performance regression in wbt scale_up/scale_down - CIFS: Gracefully handle QueryInfo errors during open - CIFS: Force revalidate inode when dentry is stale - CIFS: Force reval dentry if LOOKUP_REVAL flag is set - kernel/sysctl.c: do not override max_threads provided by userspace - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic - btrfs: fix incorrect updating of log root tree - btrfs: fix uninitialized ret in ref-verify - NFS: Fix O_DIRECT accounting of number of bytes read/written - [mips*] elf_hwcap: Export userspace ASEs - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags - ACPI/PPTT: Add support for ACPI 6.3 thread flag - [arm64] topology: Use PPTT to determine if PE is a thread - vfs: Fix the locking in dcache_readdir() and friends - media: stkwebcam: fix runtime PM after driver unbind - [arm64] sve: Fix wrong free for task->thread.sve_state - [rt] tracing/hwlat: Report total time spent in all NMIs during the sample - [rt] tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency - ftrace: Get a reference counter for the trace_array on filter files - tracing: Get trace_array reference for available_tracers files - hwmon: Fix HWMON_P_MIN_ALARM mask - [x86] asm: Fix MWAITX C-state hint value - [x86] PCI: vmd: Fix config addressing when using bus offsets - perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.81 - nvme-pci: Fix a race in controller removal - scsi: ufs: skip shutdown if hba is not powered - scsi: megaraid: disable device when probe failed after enabled device - scsi: qla2xxx: Fix unbound sleep in fcport delete path. - [armhf] OMAP2+: Fix missing reset done flag for am3 and am43 - [armhf] OMAP2+: Fix warnings with broken omap2_set_init_voltage() - xen/efi: Set nonblocking callbacks - nl80211: fix null pointer dereference - mac80211: fix txq null pointer dereference - netfilter: nft_connlimit: disable bh on garbage collection - [mips*el/loongson-3] Fix the link time qualifier of 'serial_exit()' - [arm64] net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() - lib: textsearch: fix escapes in example code - r8152: Set macpassthru in reset_resume callback - libata/ahci: Fix PCS quirk application - md/raid0: fix warning message for parameter default_layout - ocfs2: fix panic due to ocfs2_wq is null - ipv4: fix race condition between route lookup and invalidation - net: avoid potential infinite loop in tc_ctl_action() - net: ipv6: fix listify ip6_rcv_finish in case of forwarding - [armhf,arm64] net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow - sctp: change sctp_prot .no_autobind with true - memfd: Fix locking when tagging pins - USB: legousbtower: fix memleak on disconnect - ALSA: hda/realtek - Add support for ALC711 - [x86] ALSA: hda/realtek - Enable headset mic on Asus MJ401TA - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers - ALSA: hda - Force runtime PM on Nvidia HDMI codecs - USB: serial: ti_usb_3410_5052: fix port-close races - USB: ldusb: fix memleak on disconnect - USB: usblp: fix use-after-free on disconnect - USB: ldusb: fix read info leaks - [mips*] tlbex: Fix build_restore_pagemask KScratch restore - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS - [s390x] scsi: zfcp: fix reaction on bit error threshold notification - scsi: sd: Ignore a failure to sync cache due to lack of authorization - scsi: core: save/restore command resid for error handling - scsi: core: try to get module before removing device - scsi: ch: Make it possible to open a ch device multiple times again - Input: synaptics-rmi4 - avoid processing unknown IRQs - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() - cfg80211: wext: avoid copying malformed SSIDs (CVE-2019-17133) - mac80211: Reject malformed SSID elements - [x86] drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 - drm/ttm: Restore ttm prefaulting - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 - drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() - mm/slub: fix a deadlock in show_slab_objects() - mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once - EDAC/ghes: Fix Use after free in ghes_edac remove path - [arm64] Enable workaround for Cavium TX2 erratum 219 when running SMT - CIFS: avoid using MID 0xFFFF - CIFS: Fix use after free of file info structures - perf/aux: Fix AUX output stopping - tracing: Fix race in perf_trace_buf initialization - dm cache: fix bugs when a GFP_NOWAIT allocation fails - [amd64] boot: Make level2_kernel_pgt pages invalid outside kernel area - [x86] apic/x2apic: Fix a NULL pointer deref when handling a dying cpu - [x86] pinctrl: cherryview: restore Strago DMI workaround for all versions - [arm64] pinctrl: armada-37xx: fix control of pins 32 and up - [arm64] pinctrl: armada-37xx: swap polarity on LED group - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() - Btrfs: add missing extents release on file extent cluster relocation error - Btrfs: check for the full sync flag while holding the inode lock during fsync - btrfs: tracepoints: Fix bad entry members of qgroup events - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown - xen/netback: fix error path of xenvif_connect_data() - PCI: PM: Fix pci_power_up() - blk-rq-qos: fix first node deletion of rq_qos_del() - RDMA/cxgb4: Do not dma memory off of the stack (CVE-2019-17075) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.82 - zram: fix race between backing_dev_show and backing_dev_store - dm snapshot: introduce account_start_copy() and account_end_copy() - dm snapshot: rework COW throttling to fix deadlock - Btrfs: fix inode cache block reserve leak on failure to allocate data space - Btrfs: fix memory leak due to concurrent append writes with fiemap - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() - btrfs: tracepoints: Fix wrong parameter order for qgroup events - wil6210: fix freeing of rx buffers in EDMA mode - f2fs: flush quota blocks after turnning it off - scsi: lpfc: Fix a duplicate 0711 log message number. - f2fs: fix to recover inode's i_gc_failures during POR - f2fs: fix to recover inode->i_flags of inode block during POR - [x86] HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override - [arm64,armel,armhf] usb: dwc2: fix unbalanced use of external vbus-supply - [x86] tools/power turbostat: fix goldmont C-state limit decoding - [x86] cpu: Add Atom Tremont (Jacobsville) - [arm64] drm/msm/dpu: handle failures while initializing displays - bcache: fix input overflow to writeback_rate_minimum - PCI: Fix Switchtec DMA aliasing quirk dmesg noise - Btrfs: fix deadlock on tree root leaf when finding free extent - netfilter: ipset: Make invalid MAC address checks consistent - HID: i2c-hid: Disable runtime PM for LG touchscreen - HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels - HID: i2c-hid: Add Odys Winbook 13 to descriptor override - [x86] platform/x86: Add the VLV ISP PCI ID to atomisp2_pm - [x86] platform/x86: Fix config space access for intel_atomisp2_pm - ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3 - HID: Add ASUS T100CHI keyboard dock battery quirks - NFSv4: Ensure that the state manager exits the loop on SIGKILL - HID: steam: fix boot loop with bluetooth firmware - HID: steam: fix deadlock with input devices. - [arm64,armhf] usb: dwc3: gadget: early giveback if End Transfer already completed - [arm64,armhf] usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete - ALSA: usb-audio: Cleanup DSD whitelist - usb: handle warm-reset port requests on hub resume - [armhf] rtc: pcf8523: set xtal load capacitance from DT - [arm64] Add MIDR encoding for HiSilicon Taishan CPUs - [arm64] kpti: Whitelist HiSilicon Taishan v110 CPUs - scsi: lpfc: Correct localport timeout duration error - CIFS: Respect SMB2 hdr preamble size in read responses - cifs: add credits from unmatched responses/messages - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume - ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT - exec: load_script: Do not exec truncated interpreter path - [arm64,armhf] net: dsa: mv88e6xxx: Release lock while requesting IRQ - PCI/PME: Fix possible use-after-free on remove - [arm64,armhf] iio: adc: meson_saradc: Fix memory allocation order - [x86] iio: fix center temperature of bmc150-accel-core - perf map: Fix overlapped map handling - perf script brstackinsn: Fix recovery from LBR/binary mismatch - perf jevents: Fix period for Intel fixed counters - perf tools: Propagate get_cpuid() error - perf annotate: Propagate perf_env__arch() error - perf annotate: Fix the signedness of failure returns - perf annotate: Propagate the symbol__annotate() error return - perf annotate: Return appropriate error code for allocation failures - staging: rtl8188eu: fix null dereference when kzalloc fails - RDMA/hfi1: Prevent memory leak in sdma_init (CVE-2019-19065) - RDMA/iwcm: Fix a lock inversion issue - [x86] HID: hyperv: Use in-place iterator API in the channel callback - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request - [arm64] ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 - [arm64] gpio: max77620: Use correct unit for debounce times - fs: cifs: mute -Wunused-const-variable message - [armhf] serial: mctrl_gpio: Check for NULL pointer - efi/cper: Fix endianness of PCIe class code - [x86] efi/x86: Do not clean dummy variable in kexec path - [x86] xen: Return from panic notifier - ocfs2: clear zero in unaligned direct IO - fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() - [arm64] armv8_deprecated: Checking return value for memory allocation - [x86] cpu: Add Comet Lake to the Intel CPU models header - sched/vtime: Fix guest/system mis-accounting on task switch - [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp - drm/amdgpu: fix memory leak - iio: imu: adis16400: release allocated memory on failure (CVE-2019-19060) - [x86] virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr (CVE-2019-19048) - NFSv4: Fix leak of clp->cl_acceptor string - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 - iwlwifi: exclude GEO SAR support for 3168 - nbd: verify socket is supported during setup - USB: legousbtower: fix a signedness bug in tower_probe() - [x86] thunderbolt: Use 32-bit writes when writing ring producer/consumer - ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe() (CVE-2019-15098) - fuse: flush dirty data/metadata before non-truncate setattr - fuse: truncate pending writes on O_TRUNC - ALSA: bebob: Fix prototype of helper function to return negative value - ALSA: hda/realtek - Fix 2 front mics of codec 0x623 - ALSA: hda/realtek - Add support for ALC623 - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments") - USB: gadget: Reject endpoints with 0 maxpacket value - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows") - USB: ldusb: fix ring-buffer locking - USB: ldusb: fix control-message timeout - usb: xhci: fix __le32/__le64 accessors in debugfs code - USB: serial: whiteheat: fix potential slab corruption - USB: serial: whiteheat: fix line-speed endianness - scsi: target: cxgbit: Fix cxgbit_fw4_ack() - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override - HID: Fix assumption that devices have inputs - HID: fix error message in hid_open_report() - nl80211: fix validation of mesh path nexthop - [s390x] cmm: fix information leak in cmm_timeout_handler() - [s390x] idle: fix cpu idle time calculation - [arm64] Ensure VM_WRITE|VM_SHARED ptes are clean by default - rtlwifi: Fix potential overflow on P2P code (CVE-2019-17666) - [arm64] dmaengine: qcom: bam_dma: Fix resource leak - [armhf] dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() - batman-adv: Avoid free/alloc race when handling OGM buffer - llc: fix sk_buff leak in llc_sap_state_process() - llc: fix sk_buff leak in llc_conn_service() - rxrpc: Fix call ref leak - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record - rxrpc: Fix trace-after-put looking at the put peer record - NFC: pn533: fix use-after-free and memleaks - bonding: fix potential NULL deref in bond_update_slave_arr - net: usb: sr9800: fix uninitialized local variable - sch_netem: fix rcu splat in netem_enqueue() - ALSA: timer: Simplify error path in snd_timer_open() - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: usb-audio: DSD auto-detection for Playback Designs - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface - [ppc64el] powerpc/powernv: Fix CPU idle to be called with IRQs disabled - Revert "ALSA: hda: Flush interrupts on disabling" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.83 - regulator: of: fix suspend-min/max-voltage parsing - [arm64] dts: allwinner: a64: pine64-plus: Add PHY regulator delay - [arm64] arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay - [armhf] regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone - [x86] ASoC: rt5682: add NULL handler to set_jack function - [armhf] regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized - [arm64,armhf] ASoc: rockchip: i2s: Fix RPM imbalance - [armel,armhf] mm: fix alignment handler faults under memory pressure - scsi: qla2xxx: fix a potential NULL pointer dereference - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions - drm/amdgpu: fix potential VM faults - scsi: target: core: Do not overwrite CDB byte 1 - tracing: Fix "gfp_t" format for synthetic events - of: unittest: fix memory leak in unittest_data_add (CVE-2019-19049) - [arm64,armhf] irqchip/gic-v3-its: Use the exact ITSList for VMOVP - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs - nbd: protect cmd->status with cmd->lock - nbd: handle racing with error'ed out commands - cxgb4: fix panic when attaching to ULD fail - dccp: do not leak jiffies on the wire - erspan: fix the tun_info options_len check for erspan - inet: stop leaking jiffies on the wire - net: annotate accesses to sk->sk_incoming_cpu - net: annotate lockless accesses to sk->sk_napi_id - [armhf] net: dsa: bcm_sf2: Fix IMP setup for port different than 8 - net: fix sk_page_frag() recursion from memory reclaim - [arm64] net: hisilicon: Fix ping latency when deal with high throughput - net/mlx4_core: Dynamically set guaranteed amount of counters per VF - netns: fix GFP flags in rtnl_net_notifyid() - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() - udp: fix data-race in udp_set_dev_scratch() - vxlan: check tun_info options_len properly - net: add skb_queue_empty_lockless() - udp: use skb_queue_empty_lockless() - net: use skb_queue_empty_lockless() in poll() handlers - net: use skb_queue_empty_lockless() in busy poll contexts - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() - ipv4: fix route update on metric change. - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget - r8169: fix wrong PHY ID issue with RTL8168dp - net/mlx5e: Fix ethtool self test: link speed - [armhf] net: dsa: b53: Do not clear existing mirrored port mask - [armhf] net: phy: bcm7xxx: define soft_reset for 40nm EPHY - net: usb: lan78xx: Connect PHY before registering MAC - [arm64,armhf] net: dsa: fix switch tree list - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 - net/flow_dissector: switch to siphash - wireless: Skip directory when generating certificates - [x86] platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table - [ppc64el] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.84 - bonding: fix state transition issue in link monitoring - CDC-NCM: handle incomplete transfer of MTU - ipv4: Fix table id reference in fib_sync_down_addr - [mips*] net: ethernet: octeon_mgmt: Account for second possible VLAN header - net: fix data-race in neigh_event_send() - net: usb: qmi_wwan: add support for DW5821e with eSIM support - nfc: netlink: fix double device reference drop - qede: fix NULL pointer deref in __qede_remove() - ipv6: fixes rt6_probe() and fib6_nh->last_probe init - [arm64] net: hns: Fix the stray netpoll locks causing deadlock in NAPI path - ALSA: timer: Fix incorrectly assigned timer instance - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series - ALSA: hda/ca0132 - Fix possible workqueue stall - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges - mm, meminit: recalculate pcpu batch and high limits after init completes - mm: thp: handle page cache THP correctly in PageTransCompoundMap - mm, vmstat: hide /proc/pagetypeinfo from normal users - dump_stack: avoid the livelock of the dump_lock - perf tools: Fix time sorting - drm/radeon: fix si_enable_smc_cac() failed issue - HID: wacom: generic: Treat serial number and related fields as unsigned - [arm64] Do not mask out PTE_RDONLY in pte_same() - ceph: fix use-after-free in __ceph_remove_cap() - ceph: add missing check in d_revalidate snapdir handling - [armhf] sunxi: Fix CPU powerdown on A83T - netfilter: nf_tables: Align nft_expr private data to 64-bit - netfilter: ipset: Fix an error code in ip_set_sockfn_get() - [x86] intel_th: pci: Add Comet Lake PCH support - [x86] intel_th: pci: Add Jasper Lake PCH support - [x86] apic/32: Avoid bogus LDR warnings - SMB3: Fix persistent handles reconnect - can: usb_8dev: fix use-after-free on disconnect - [armhf] can: flexcan: disable completely the ECC mechanism - can: peak_usb: fix a potential out-of-sync while decoding packets - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak - can: gs_usb: gs_can_open(): prevent memory leak (CVE-2019-19052) - can: dev: add missing of_node_put() after calling of_get_child_by_name() - can: mcba_usb: fix use-after-free on disconnect - can: peak_usb: fix slab info leak - configfs: stash the data we need into configfs_buffer at open time - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts - configfs: new object reprsenting tree fragments - configfs: provide exclusion between IO and removals - configfs: fix a deadlock in configfs_symlink() - ALSA: usb-audio: More validations of descriptor units - ALSA: usb-audio: Simplify parse_audio_unit() - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects - ALSA: usb-audio: Remove superfluous bLength checks - ALSA: usb-audio: Clean up check_input_term() - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() - ALSA: usb-audio: remove some dead code - ALSA: usb-audio: Fix copy&paste error in the validator - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices - sched/fair: Fix -Wunused-but-set-variable warnings - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path - usbip: Implement SG support to vhci-hcd and stub driver - [arm64,armhf] PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 - [amd64] HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() - RDMA/mlx5: Clear old rate limit when closing QP - iw_cxgb4: fix ECN check on the passive accept - RDMA/qedr: Fix reported firmware version - net/mlx5e: TX, Fix consumer index of error cqe dump - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (CVE-2019-19045) - scsi: qla2xxx: fixup incorrect usage of host_byte - RDMA/uverbs: Prevent potential underflow - net: openvswitch: free vport unless register_netdevice() succeeds - scsi: lpfc: Honor module parameter lpfc_use_adisc - scsi: qla2xxx: Initialized mailbox to prevent driver load failure - netfilter: nf_flow_table: set timeout before insertion into hashes - ipvs: don't ignore errors in case refcounting ip_vs module fails - ipvs: move old_secure_tcp into struct netns_ipvs - bonding: fix unexpected IFF_BONDING bit unset - macsec: fix refcnt leak in module exit routine - usb: gadget: composite: Fix possible double free memory bug - [arm64] usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813) - usb: gadget: configfs: fix concurrent issue between composite APIs - [arm64,armhf] usb: dwc3: remove the call trace of USBx_GFLADJ - [x86] perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity - [x86] perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) - [x86] perf/x86/uncore: Fix event group support - USB: Skip endpoints with 0 maxpacket length - USB: ldusb: use unsigned size format specifiers - usbip: tools: Fix read_usb_vudc_device() error path handling - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case - [arm64] RDMA/hns: Prevent memory leaks of eq->buf_list - scsi: qla2xxx: stop timer in shutdown path - nvme-multipath: fix possible io hang after ctrl reconnect - [amd64] fjes: Handle workqueue allocation failure - [arm64] net: hisilicon: Fix "Trying to free already-free IRQ" - drm/amdgpu: If amdgpu_ib_schedule fails return back the error. - [x86] hv_netvsc: Fix error handling in netvsc_attach() - [arm64,armhf] usb: dwc3: gadget: fix race when disabling ep with cancelled xfers - NFSv4: Don't allow a cached open with a revoked delegation - igb: Fix constant media auto sense switching when no cable is connected - e1000: fix memory leaks - [x86] pinctrl: intel: Avoid potential glitches if pin is in GPIO mode - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() - [x86] pinctrl: cherryview: Fix irq_valid_mask calculation - blkcg: make blkcg_print_stat() print stats only for online blkgs - [x86] iio: imu: mpu6050: Add support for the ICM 20602 IMU - [x86] iio: imu: inv_mpu6050: fix no data on MPU6050 - mm/filemap.c: don't initiate writeback if mapping has no dirty pages - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead - usbip: Fix free of unallocated memory in vhci tx - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets - net: prevent load/store tearing on sk->sk_stamp - [x86] iio: imu: mpu6050: Fix FIFO layout for ICM20602 - vsock/virtio: fix sock refcnt holding during the shutdown - x86/cpu: Add Tremont to the cpu vulnerability whitelist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.85 - scsi: core: Handle drivers which set sg_tablesize to zero - ax88172a: fix information leak on short answers - ipmr: Fix skb headroom in ipmr_get_route(). - net: gemini: add missed free_netdev - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules - slip: Fix memory leak in slip_open error path - ALSA: usb-audio: Fix missing error check at mixer resolution test - ALSA: usb-audio: not submit urb for stopped endpoint - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() - ALSA: usb-audio: Fix incorrect size check for processing/extension units - Btrfs: fix log context list corruption after rename exchange operation - Input: ff-memless - kill timer in destroy() - Input: synaptics-rmi4 - fix video buffer size - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) - Input: synaptics-rmi4 - clear IRQ enables for F54 - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing - IB/hfi1: Ensure full Gen3 speed in a Gen4 system - IB/hfi1: Use a common pad buffer for 9B and 16B packets - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either - [armhf] net: ethernet: dwmac-sun8i: Use the correct function in exit path - [x86] iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros - mm: mempolicy: fix the wrong return value and potential pages leak of mbind - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() - iio: adc: max9611: explicitly cast gain_selectors - tee: optee: take DT status property into account - ath10k: fix kernel panic by moving pci flush after napi_disable - clk: sunxi-ng: h6: fix PWM gate/reset offset - soundwire: Initialize completion for defer messages - [x86] soundwire: intel: Fix uninitialized adev deref - [arm64] dts: allwinner: a64: Orange Pi Win: Fix SD card node - [arm64] dts: allwinner: a64: Olinuxino: fix DRAM voltage - [arm64] dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage - ALSA: pcm: signedness bug in snd_pcm_plug_alloc() - [arm64] soc/tegra: pmc: Fix pad voltage configuration for Tegra186 - [arm64] dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply - y2038: make do_gettimeofday() and get_seconds() inline - rtc: sysfs: fix NULL check in rtc_add_groups() - remoteproc/davinci: Use %zx for formating size_t - extcon: cht-wc: Return from default case to avoid warnings - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set - ALSA: seq: Do error checks at creating system ports - ath10k: skip resetting rx filter for WCN3990 - ath9k: fix tx99 with monitor mode interface - wil6210: drop Rx multicast packets that are looped-back to STA - wil6210: set edma variables only for Talyn-MB devices - wil6210: prevent usage of tx ring 0 for eDMA - wil6210: fix invalid memory access for rx_buff_mgmt debugfs - ath10k: limit available channels via DT ieee80211-freq-limit - ice: Update request resource command to latest specification - ice: Prevent control queue operations during reset - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated - ice: Fix and update driver version string - ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl - ASoC: dpcm: Properly initialise hw->rate_max - ASoC: meson: axg-fifo: report interrupt request failure - ASoC: AMD: Change MCLK to 48Mhz - pinctrl: ingenic: Probe driver at subsys_initcall - [armhf] dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale - [armhf] dts: exynos: Fix HDMI-HPD line handling on Arndale - [armhf] dts: exynos: Fix sound in Snow-rev5 Chromebook - liquidio: fix race condition in instruction completion processing - [arm64] dts: stratix10: i2c clock running out of spec - [armhf] dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks - i40evf: Validate the number of queues a PF sends - i40e: use correct length for strncpy - i40evf: set IFF_UNICAST_FLT flag for the VF - i40e: Check and correct speed values for link on open - i40evf: Don't enable vlan stripping when rx offload is turned on - i40e: hold the rtnl lock on clearing interrupt scheme - i40evf: cancel workqueue sync for adminq when a VF is removed - i40e: Prevent deleting MAC address from VF when set by PF - IB/rxe: avoid back-to-back retries - IB/rxe: fixes for rdma read retry - iwlwifi: drop packets with bad status in CD - iwlwifi: don't WARN on trying to dump dead firmware - iwlwifi: mvm: avoid sending too many BARs - media: vicodec: fix out-of-range values when decoding - media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers - media: ov772x: Disable clk on error path - rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument - mwifiex: do no submit URB in suspended state - mwifex: free rx_cmd skb in suspended state - brcmfmac: fix wrong strnchr usage - mt76: Fix comparisons with invalid hardware key index - soc: imx: gpc: fix PDN delay - ASoC: rsnd: ssi: Fix issue in dma data address assignment - net: hns3: Fix for multicast failure - net: hns3: Fix error of checking used vlan id - net: hns3: Fix for loopback selftest failed problem - net: hns3: Change the dst mac addr of loopback packet - net/mlx5: Fix atomic_mode enum values - net: phy: mscc: read 'vsc8531,vddmac' as an u32 - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 - [armhf] dts: meson8: fix the clock controller register size - [armhf] dts: meson8b: fix the clock controller register size - mtd: rawnand: marvell: use regmap_update_bits() for syscon access - mtd: rawnand: fsl_ifc: check result of SRAM initialization - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions - mtd: rawnand: qcom: don't include dma-direct.h - IB/mlx5: Change TX affinity assignment in RoCE LAG mode - qxl: fix null-pointer crash during suspend - mac80211: fix saving a few HE values - cfg80211: validate wmm rule when setting - f2fs: avoid wrong decrypted data from disk - net: lan78xx: Bail out if lan78xx_get_endpoints fails - rtnetlink: move type calculation out of loop - ASoC: sgtl5000: avoid division by zero if lo_vag is zero - ath10k: avoid possible memory access violation - [armhf] dts: exynos: Disable pull control for S5M8767 PMIC - ath10k: wmi: disable softirq's while calling ieee80211_rx - i2c: mediatek: Use DMA safe buffers for i2c transactions - IB/mlx5: Don't hold spin lock while checking device state - IB/ipoib: Ensure that MTU isn't less than minimum permitted - RDMA/core: Rate limit MAD error messages - RDMA/core: Follow correct unregister order between sysfs and cgroup - udf: Fix crash during mount - ASoC: dapm: Avoid uninitialised variable warning - [x86] ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation - ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA - [powerpc] make PowerMac cache node search conditional on CONFIG_PPC_PMAC - [armhf] dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files - [armhf] dts: omap3-gta04: fixes for tvout / venc - [armhf] dts: omap3-gta04: tvout: enable as display1 alias - [armhf] dts: omap3-gta04: fix touchscreen tsc2007 - [armhf] dts: omap3-gta04: make NAND partitions compatible with recent U-Boot - [armhf] dts: omap3-gta04: keep vpll2 always on - f2fs: submit bio after shutdown - failover: Fix error return code in net_failover_create - sched/debug: Explicitly cast sched_feat() to bool - sched/debug: Use symbolic names for task state constants - firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings - [arm64] dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire - [armhf] dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board - usb: mtu3: disable vbus rise/fall interrupts of ltssm - EDAC, sb_edac: Return early on ADDRV bit and address type test - [armhf] rtc: pl030: fix possible race condition - ath9k: add back support for using active monitor interfaces for tx99 - dmaengine: at_xdmac: remove a stray bottom half unlock - RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table() - IB/hfi1: Missing return value in error path for user sdma - signal: Always ignore SIGKILL and SIGSTOP sent to the global init - signal: Properly deliver SIGILL from uprobes - signal: Properly deliver SIGSEGV from x86 uprobes - f2fs: fix memory leak of write_io in fill_super() - f2fs: fix memory leak of percpu counter in fill_super() - f2fs: fix setattr project check upon fssetxattr ioctl - scsi: qla2xxx: Use correct qpair for ABTS/CMD - scsi: qla2xxx: Fix iIDMA error - scsi: qla2xxx: Defer chip reset until target mode is enabled - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 - scsi: qla2xxx: Fix deadlock between ATIO and HW lock - scsi: qla2xxx: Increase abort timeout value - scsi: qla2xxx: Check for Register disconnect - scsi: qla2xxx: Fix port speed display on chip reset - scsi: qla2xxx: Fix dropped srb resource. - scsi: qla2xxx: Fix duplicate switch's Nport ID entries - scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 - scsi: lpfc: Fix errors in log messages. - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() - [armhf] imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set - scsi: pm80xx: Corrected dma_unmap_sg() parameter - scsi: pm80xx: Fixed system hang issue during kexec boot - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list - net: aquantia: fix hw_atl_utils_fw_upload_dwords - Drivers: hv: vmbus: Fix synic per-cpu context initialization - nvmem: core: return error code instead of NULL from nvmem_device_get - media: dt-bindings: adv748x: Fix decimal unit addresses - [x86] ALSA: hda: Fix implicit definition of pci_iomap() on SH - media: fix: media: pci: meye: validate offset to avoid arbitrary access - media: dvb: fix compat ioctl translation - net: bcmgenet: Fix speed selection for reverse MII - [arm64] dts: meson: libretech: update board model - [arm64] dts: meson-axg: use the proper compatible for ethmac - [x86] ALSA: intel8x0m: Register irq handler after register initializations - [arm64] dts: renesas: salvator-common: adv748x: Override secondary addresses - [arm64] dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU - [arm64] dts: renesas: r8a77965: Fix HS-USB compatible - [arm64] dts: renesas: r8a77965: Fix clock/reset for usb2_phy1 - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() - llc: avoid blocking in llc_sap_close() - [armhf] dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value - [arm64] soc: qcom: wcnss_ctrl: Avoid string overflow - [arm64] dts: broadcom: Fix I2C and SPI bus warnings - [armhf] dts: bcm: Fix SPI bus warnings - [armhf] dts: aspeed: Fix I2C bus warnings - [ppc64el,powerpc*] powerpc/vdso: Correct call frame information - [armhf] dts: socfpga: Fix I2C bus unit-address error - [armhf] dts: sunxi: Fix I2C bus warnings - [armhf] dts: sun9i: Fix I2C bus warnings - android: binder: no outgoing transaction when thread todo has transaction - cxgb4: Fix endianness issue in t4_fwcache() - [arm64] fix for bad_mode() handler to always result in panic - block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash - blok, bfq: do not plug I/O if all queues are weight-raised - [arm64] dts: meson: Fix erroneous SPI bus warnings - power: supply: ab8500_fg: silence uninitialized variable warnings - component: fix loop condition to call unbind() if bind() fails - kernfs: Fix range checks in kernfs_get_target_path - ip_gre: fix parsing gre header in ipgre_err - scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init - [armhf] dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 - [arm64] dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou - [x86] ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask - netfilter: nf_tables: avoid BUG_ON usage - ath9k: Fix a locking bug in ath9k_add_interface() - [s390x] qeth: uninstall IRQ handler on device removal - [s390x] qeth: invoke softirqs after napi_schedule() - media: vsp1: Fix vsp1_regs.h license header - media: vsp1: Fix YCbCr planar formats pitch calculation - media: ov2680: don't register the v4l2 subdevice before checking chip ID - PCI/ACPI: Correct error message for ASPM disabling - net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset() - PCI: mediatek: Fix unchecked return value - [armhf] dts: xilinx: Fix I2C and SPI bus warnings - serial: uartps: Fix suspend functionality - serial: samsung: Enable baud clock for UART reset procedure in resume - serial: mxs-auart: Fix potential infinite loop - tty: serial: qcom_geni_serial: Fix serial when not used as console - [arm64] dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2 - samples/bpf: fix a compilation failure - spi: mediatek: Don't modify spi_transfer when transfer. - ASoC: rt5682: Fix the boost volume at the begining of playback - ipmi_si_pci: fix NULL device in ipmi_si error message - ipmi_si: fix potential integer overflow on large shift - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address - ipmi: fix return value of ipmi_set_my_LUN - net: hns3: fix return type of ndo_start_xmit function - net: cavium: fix return type of ndo_start_xmit function - net: ibm: fix return type of ndo_start_xmit function - [ppc64el,powerpc*] iommu: Avoid derefence before pointer check - [ppc64el,powerpc*] selftests: Do not fail with reschedule - [ppc64el,powerpc64] hash: Fix stab_rr off by one initialization - [ppc64el,powerpc64] pseries/memory-hotplug: Only update DT once per memory DLPAR request - [ppc64el,powerpc64] pseries: Disable CPU hotplug across migrations - [ppc64el,powerpc*] Fix duplicate const clang warning in user access code - RDMA/i40iw: Fix incorrect iterator type - OPP: Protect dev_list with opp_table lock - of/unittest: Fix I2C bus unit-address error - libfdt: Ensure INT_MAX is defined in libfdt_env.h - power: supply: twl4030_charger: fix charging current out-of-bounds - power: supply: twl4030_charger: disable eoc interrupt on linear charge - net: mvpp2: fix the number of queues per cpu for PPv2.2 - net: marvell: fix return type of ndo_start_xmit function - net: toshiba: fix return type of ndo_start_xmit function - net: xilinx: fix return type of ndo_start_xmit function - net: broadcom: fix return type of ndo_start_xmit function - net: amd: fix return type of ndo_start_xmit function - net: sun: fix return type of ndo_start_xmit function - net: hns3: Fix for setting speed for phy failed problem - net: hns3: Fix cmdq registers initialization issue for vf - net: hns3: Clear client pointer when initialize client failed or unintialize finished - net: hns3: Fix client initialize state issue when roce client initialize failed - net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() - nfp: provide a better warning when ring allocation fails - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started - usb: chipidea: Fix otg event handler - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT - [s390x] zcrypt: enable AP bus scan without a valid default domain - [s390x] vdso: avoid 64-bit vdso mapping for compat tasks - [s390x] vdso: correct CFI annotations of vDSO functions - brcmfmac: increase buffer for obtaining firmware capabilities - brcmsmac: Use kvmalloc() for ucode allocations - mlxsw: spectrum: Init shaper for TCs 8..15 - PCI: portdrv: Initialize service drivers directly - [armhf] dts: am335x-evm: fix number of cpsw - [armhf] dts: ti: Fix SPI and I2C bus warnings - f2fs: avoid infinite loop in f2fs_alloc_nid - f2fs: fix to recover inode's uid/gid during POR - [armhf] dts: ux500: Correct SCU unit address - [armhf] dts: ux500: Fix LCDA clock line muxing - [armhf] dts: ste: Fix SPI controller node names - spi: pic32: Use proper enum in dmaengine_prep_slave_rg - crypto: chacha20 - Fix chacha20_block() keystream alignment (again) - cpufeature: avoid warning when compiling with clang - [armhf] crypto: crc32 - avoid warning when compiling with Clang - [armel] dts: marvell: Fix SPI and I2C bus warnings - [x86] mce-inject: Reset injection struct after injection - [armhf,arm64] dts: clearfog: fix sdhci supply property name - bnx2x: Ignore bandwidth attention in single function mode - PCI/AER: Take reference on error devices - PCI/AER: Don't read upstream ports below fatal errors - PCI/ERR: Use slot reset if available - samples/bpf: fix compilation failure - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider - net: micrel: fix return type of ndo_start_xmit function - net: freescale: fix return type of ndo_start_xmit function - [x86] CPU: Use correct macros for Cyrix calls - [x86] CPU: Change query logic so CPUID is enabled before testing - EDAC: Correct DIMM capacity unit symbol - [mips*] kexec: Relax memory restriction - [arm64] dts: rockchip: Fix microSD in rk3399 sapphire board - mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement - media: imx: work around false-positive warning, again - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() - media: au0828: Fix incorrect error messages - media: davinci: Fix implicit enum conversion warning - [armhf] dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock - usb: gadget: uvc: configfs: Drop leaked references to config items - usb: gadget: uvc: configfs: Prevent format changes after linking header - usb: gadget: uvc: configfs: Sort frame intervals upon writing - [armhf] dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks - i2c: aspeed: fix invalid clock parameters for very large divisors - gpiolib: Fix gpio_direction_* for single direction GPIOs - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs - phy: phy-twl4030-usb: fix denied runtime access - [armhf] dts: imx6ull: update vdd_soc voltage for 900MHz operating point - usb: gadget: uvc: Factor out video USB request queueing - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode - coresight: Use ERR_CAST instead of ERR_PTR - coresight: Fix handling of sinks - coresight: perf: Fix per cpu path management - coresight: perf: Disable trace path upon source error - coresight: tmc-etr: Handle driver mode specific ETR buffers - coresight: etm4x: Configure EL2 exception level when kernel is running in HYP - coresight: tmc: Fix byte-address alignment for RRP - coresight: dynamic-replicator: Handle multiple connections - slimbus: ngd: register ngd driver only once. - slimbus: ngd: return proper error code instead of zero - silmbus: ngd: register controller after power up. - misc: kgdbts: Fix restrict error - misc: genwqe: should return proper error value. - vmbus: keep pointer to ring buffer page - vfio/pci: Fix potential memory leak in vfio_msi_cap_len - vfio/pci: Mask buggy SR-IOV VF INTx support - iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs - scsi: libsas: always unregister the old device if going to discover new - f2fs: fix remount problem of option io_bits - phy: lantiq: Fix compile warning - [arm64] dts: fsl: Fix I2C and SPI bus warnings - [armhf] dts: imx51-zii-rdu1: Fix the rtc compatible string - [arm64] tegra: I2C on Tegra194 is not compatible with Tegra114 - [armhf] dts: tegra30: fix xcvr-setup-use-fuses - [armhf] dts: tegra20: restore address order - [armhf] tegra: apalis_t30: fix mmc1 cmd pull-up - [armhf] tegra: apalis_t30: fix mcp2515 can controller interrupt polarity - [armhf] tegra: colibri_t30: fix mcp2515 can controller interrupt polarity - [armhf] dts: paz00: fix wakeup gpio keycode - net: smsc: fix return type of ndo_start_xmit function - net: faraday: fix return type of ndo_start_xmit function - PCI/ERR: Run error recovery callbacks for all affected devices - f2fs: update i_size after DIO completion - f2fs: fix to recover inode's project id during POR - f2fs: mark inode dirty explicitly in recover_inode() - RDMA: Fix dependencies for rdma_user_mmap_io - EDAC: Raise the maximum number of memory controllers - firmware: dell_rbu: Make payload memory uncachable - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS - Bluetooth: btrsi: fix bt tx timeout issue - [x86] hyperv: Suppress "PCI: Fatal: No config space access function found" - crypto: s5p-sss: Fix race in error handling - crypto: s5p-sss: Fix Fix argument list alignment - crypto: fix a memory leak in rsa-kcs1pad's encryption mode - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump - iwlwifi: fix non_shared_ant for 22000 devices - iwlwifi: pcie: read correct prph address for newer devices - iwlwifi: api: annotate compressed BA notif array sizes - iwlwifi: pcie: gen2: build A-MSDU only for GSO - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN - iwlwifi: mvm: use correct FIFO length - iwlwifi: mvm: Allow TKIP for AP mode - scsi: NCR5380: Clear all unissued commands on host reset - scsi: NCR5380: Have NCR5380_select() return a bool - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data - scsi: NCR5380: Check for invalid reselection target - scsi: NCR5380: Don't clear busy flag when abort fails - scsi: NCR5380: Don't call dsprintk() following reselection interrupt - scsi: NCR5380: Handle BUS FREE during reselection - scsi: NCR5380: Check for bus reset - [arm64] dts: amd: Fix SPI bus warnings - [arm64] dts: lg: Fix SPI controller node names - rtc: isl1208: avoid possible sysfs race - rtc: tx4939: fixup nvmem name and register size - rtc: armada38x: fix possible race condition - netfilter: masquerade: don't flush all conntracks if only one address deleted on device - usb: xhci-mtk: fix ISOC error when interval is zero - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear - fuse: use READ_ONCE on congestion_threshold and max_background - IB/iser: Fix possible NULL deref at iser_inv_desc() - media: ov2680: fix null dereference at power on - [s390x] vdso: correct vdso mapping for compat tasks - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused - memfd: Use radix_tree_deref_slot_protected to avoid the warning. - slcan: Fix memory leak in error path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.86 - spi: mediatek: use correct mata->xfer_len when in fifo transfer - i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf() - tee: optee: add missing of_node_put after of_device_is_available - Revert "OPP: Protect dev_list with opp_table lock" - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() - idr: Fix idr_get_next race with idr_remove - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() - mm/memory_hotplug: fix updating the node span - [arm64] uaccess: Ensure PAN is re-enabled after unhandled uaccess fault - fbdev: Ditch fb_edid_add_monspecs - [i386] bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0 - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0 - [i386] bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE} - net: ovs: fix return type of ndo_start_xmit function - net: xen-netback: fix return type of ndo_start_xmit function - [armhf] dts: dra7: Enable workaround for errata i870 in PCIe host mode - [armhf] dts: omap5: enable OTG role for DWC3 controller - [arm64] net: hns3: Fix for netdev not up problem when setting mtu - [arm64] net: hns3: Fix loss of coal configuration while doing reset - f2fs: return correct errno in f2fs_gc - [armhf] dts: sun8i: h3-h5: ir register size should be the whole memory block - [armhf] dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet PHY - tcp: up initial rmem to 128KB and SYN rwin to around 64KB - SUNRPC: Fix priority queue fairness - ACPI / LPSS: Make acpi_lpss_find_device() also find PCI devices - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq - f2fs: keep lazytime on remount - IB/hfi1: Error path MAD response size is incorrect - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds - mt76x2: fix tx power configuration for VHT mcs 9 - mt76x2: disable WLAN core before probe - mt76: fix handling ps-poll frames - [arm64,armhf] iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() - [arm64,armhf] iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout - [arm64,armhf] kvm: Fix stage2_flush_memslot for 4 level page table - [arm64] numa: Report correct memblock range for the dummy node - ath10k: fix vdev-start timeout on error - rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface - ata: ahci_brcm: Allow using driver or DSL SoCs - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules. - PM / devfreq: Fix handling of min/max_freq == 0 - PM / devfreq: stopping the governor before device_unregister() - ath9k: fix reporting calculated new FFT upper max - selftests/tls: Fix recv(MSG_PEEK) & splice() test cases - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() - usb: dwc3: gadget: Check ENBLSLPM before sending ep command - nl80211: Fix a GET_KEY reply attribute - [arm64,armhf] irqchip/irq-mvebu-icu: Fix wrong private data retrieval - watchdog: core: fix null pointer dereference when releasing cdev - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D - [ppc64el,powerpc64] Inform the userspace about TCE update failures - printk: Do not miss new messages when replaying the log - printk: CON_PRINTBUFFER console registration is a bit racy - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg - [x86] ALSA: hda: Fix mismatch for register mask and value in ext controller. - ext4: fix build error when DX_DEBUG is defined - clk: keystone: Enable TISCI clocks if K3_ARCH - sunrpc: Fix connect metrics - [x86] PCI: Apply VMD's AERSID fixup generically - mei: samples: fix a signedness bug in amt_host_if_call() - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update - cxgb4: Use proper enum in IEEE_FAUX_SYNC - [ppc64el,powerpc*] Fix DTL buffer registration - [ppc64el,powerpc*] Fix how we iterate over the DTL entries - [ppc64el,powerpc*] xive: Move a dereference below a NULL test - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer - PM / hibernate: Check the success of generating md5 digest before hibernation - tools: PCI: Fix compilation warnings - ice: Fix forward to queue group logic - md: allow metadata updates while suspending an array - fix - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit - i40e: Use proper enum in i40e_ndo_set_vf_link_state - ixgbe: Fix crash with VFs and flow director on interface flap - IB/mthca: Fix error return code in __mthca_init_one() - IB/rxe: avoid srq memory leak - RDMA/hns: Bugfix for reserved qp number - RDMA/hns: Submit bad wr when post send wr exception - RDMA/hns: Bugfix for CM test - RDMA/hns: Limit the size of extend sge of sq - IB/mlx4: Avoid implicit enumerated type conversion - rpmsg: glink: smem: Support rx peak for size less than 4 bytes - msm/gpu/a6xx: Force of_dma_configure to setup DMA for GMU - OPP: Return error on error from dev_pm_opp_get_opp_count() - ACPICA: Never run _REG on system_memory and system_IO - cpuidle: menu: Fix wakeup statistics updates for polling state - ASoC: qdsp6: q6asm-dai: checking NULL vs IS_ERR() - [ppc64el,powerpc*] time: Use clockevents_register_device(), fixing an issue with large decrementer - [ppc64el,powerpc64] radix: Explicitly flush ERAT with local LPID invalidation - ata: ep93xx: Use proper enums for directions - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote - media: pxa_camera: Fix check for pdev->dev.of_node - media: rcar-vin: fix redeclaration of symbol - media: i2c: adv748x: Support probing a single output - [x86] ALSA: hda/sigmatel - Disable automute for Elo VuPoint - bnxt_en: return proper error when FW returns HWRM_ERR_CODE_RESOURCE_ACCESS_DENIED - [ppc64el,powerpc64] Book3S PR: Exiting split hack mode needs to fixup both PC and LR - USB: serial: cypress_m8: fix interrupt-out transfer length - usb: dwc2: disable power_down on rockchip devices - mtd: physmap_of: Release resources on error - cpu/SMT: State SMT is disabled even with nosmt and without "=force" - brcmfmac: reduce timeout for action frame scan - brcmfmac: fix full timeout waiting for action frame on-channel tx - qtnfmac: request userspace to do OBSS scanning if FW can not - qtnfmac: pass sgi rate info flag to wireless core - qtnfmac: inform wireless core about supported extended capabilities - qtnfmac: drop error reports for out-of-bounds key indexes - [armhf] clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume - [armhf] clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420 - [armhf] clk: samsung: Use clk_hw API for calling clk framework from clk notifiers - printk: Correct wrong casting - NFSv4.x: fix lock recovery during delegation recall - dmaengine: ioat: fix prototype of ioat_enumerate_channels - media: ov5640: fix framerate update - media: cec-gpio: select correct Signal Free Time - gfs2: slow the deluge of io error messages - i2c: omap: use core to detect 'no zero length' quirk - i2c: qup: use core to detect 'no zero length' quirk - i2c: tegra: use core to detect 'no zero length' quirk - i2c: zx2967: use core to detect 'no zero length' quirk - Input: st1232 - set INPUT_PROP_DIRECT property - Input: silead - try firmware reload after unsuccessful resume - soc: fsl: bman_portals: defer probe after bman's probe - net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware - tc-testing: fix build of eBPF programs - remoteproc: Check for NULL firmwares in sysfs interface - remoteproc: qcom: q6v5: Fix a race condition on fatal crash - kexec: Allocate decrypted control pages for kdump if SME is enabled - [x86] olpc: Fix build error with CONFIG_MFD_CS5535=m - dmaengine: rcar-dmac: set scatter/gather max segment size - xfrm: use correct size to initialise sp->ovec - ACPI / SBS: Fix rare oops when removing modules - iwlwifi: mvm: don't send keys when entering D3 - xsk: proper AF_XDP socket teardown ordering - [amd64] fsgsbase: Fix ptrace() to read the FS/GS base accurately - mmc: renesas_sdhi_internal_dmac: Whitelist r8a774a1 - mmc: tmio: Fix SCC error detection - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size - fbdev: sbuslib: use checked version of put_user() - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() - fbdev: fix broken menu dependencies - reset: Fix potential use-after-free in __of_reset_control_get() - bcache: account size of buckets used in uuid write to ca->meta_sectors_written - bcache: recal cached_dev_sectors on detach - [x86] platform: mlx-platform: Properly use mlxplat_mlxcpld_msn201x_items - media: dw9714: Fix error handling in probe function - media: dw9807-vcm: Fix probe error handling - media: cx18: Don't check for address of video_dev - mtd: spi-nor: cadence-quadspi: Use proper enum for dma_[un]map_single - mtd: devices: m25p80: Make sure WRITE_EN is issued before each write - [x86] intel_rdt: Introduce utility to obtain CDP peer - [x86] intel_rdt: CBM overlap should also check for overlap with CDP peer - mmc: mmci: expand startbiterr to irqmask and error check - [s390x] kasan: avoid vdso instrumentation - [s390x] kasan: avoid instrumentation of early C code - [s390x] kasan: avoid user access code instrumentation - [i386] proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() - backlight: lm3639: Unconditionally call led_classdev_unregister - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable - printk: Give error on attempt to set log buffer length to over 2G - media: isif: fix a NULL pointer dereference bug - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads - media: cx231xx: fix potential sign-extension overflow on large shift - media: venus: vdec: fix decoded data size - [x86] ALSA: hda/ca0132 - Fix input effect controls for desktop cards - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync - lightnvm: pblk: fix incorrect min_write_pgs - lightnvm: pblk: guarantee emeta on line close - lightnvm: pblk: fix write amplificiation calculation - lightnvm: pblk: guarantee mw_cunits on read buffer - lightnvm: do no update csecs and sos on 1.2 - lightnvm: pblk: fix error handling of pblk_lines_init() - lightnvm: pblk: consider max hw sectors supported for max_write_pgs - [x86] kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error - bpf: btf: Fix a missing check bug - net: fix generic XDP to handle if eth header was mangled - gpio: syscon: Fix possible NULL ptr usage - spi: fsl-lpspi: Prevent FIFO under/overrun by default - pinctrl: gemini: Mask and set properly - spi: spidev: Fix OF tree warning logic - [armel,armhf] 8802/1: Call syscall_trace_exit even when system call skipped - [x86] mm: Do not warn about PCI BIOS W+X mappings - orangefs: rate limit the client not running info message - pinctrl: gemini: Fix up TVC clock group - scsi: arcmsr: clean up clang warning on extraneous parentheses - [x86] hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors - hwmon: (nct6775) Fix names of DIMM temperature sources - hwmon: (pwm-fan) Silence error on probe deferral - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros - hwmon: (npcm-750-pwm-fan) Change initial pwm target to 255 - selftests: forwarding: Have lldpad_app_wait_set() wait for unknown, too - net: sched: avoid writing on noop_qdisc - netfilter: nft_compat: do not dump private area - misc: cxl: Fix possible null pointer dereference - mac80211: minstrel: fix using short preamble CCK rates on HT clients - mac80211: minstrel: fix CCK rate group streams value - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode - spi: rockchip: initialize dma_slave_config properly - mlxsw: spectrum_switchdev: Check notification relevance based on upper device - [armhf] dts: omap5: Fix dual-role mode on Super-Speed port - tcp: start receiver buffer autotuning sooner - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate - PM / devfreq: Fix static checker warning in try_then_request_governor - tools: PCI: Fix broken pcitest compilation - [ppc64el,powerpc*] time: Fix clockevent_decrementer initalisation for PR KVM - mmc: tmio: fix SCC error handling to avoid false positive CRC error - [x86] resctrl: Fix rdt_find_domain() return value and checks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.87 - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel - net/mlx4_en: fix mlx4 ethtool -N insertion - net/mlx4_en: Fix wrong limitation for number of TX rings - net: rtnetlink: prevent underflows in do_setvfinfo() - net/sched: act_pedit: fix WARN() in the traffic path - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key - sfc: Only cancel the PPS workqueue if it exists - net/mlx5e: Fix set vf link state error flow - net/mlxfw: Verify FSM error code translation doesn't exceed array size - net/mlx5: Fix auto group size calculation - vhost/vsock: split packets to send using multiple buffers - gpio: max77620: Fixup debounce delays - tools: gpio: Correctly add make dependencies for gpio_utils - nbd:fix memory leak in nbd_get_socket() - virtio_console: allocate inbufs in add_port() only if it is needed - Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() - [x86] drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs - [x86] drm/i915/pmu: "Frequency" is reported as accumulated cycles - [x86] drm/i915/userptr: Try to acquire the page lock around set_page_dirty() - mwifiex: Fix NL80211_TX_POWER_LIMITED - ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback - crypto: testmgr - fix sizeof() on COMP_BUF_SIZE - printk: lock/unlock console only for new logbuf entries - printk: fix integer overflow in setup_log_buf() - pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux - PCI: cadence: Write MSI data with 32bits - gfs2: Fix marking bitmaps non-full - pty: fix compat ioctls - synclink_gt(): fix compat_ioctl() - [ppc64] Fix signedness bug in update_flash_db() - [powerpc] boot: Fix opal console in boot wrapper - [ppc64*,powerpc] boot: Disable vector instructions - [ppc64*,powerpc] eeh: Fix null deref for devices removed during EEH - [ppc64*,powerpc] eeh: Fix use of EEH_PE_KEEP on wrong field - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() - mt76: do not store aggregation sequence number for null-data frames - mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc - brcmsmac: AP mode: update beacon when TIM changes - ath10k: set probe request oui during driver start - ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem - skd: fixup usage of legacy IO API - cdrom: don't attempt to fiddle with cdo->capability - spi: sh-msiof: fix deferred probing - mmc: mediatek: fill the actual clock for mmc debugfs - mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail - PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag - btrfs: handle error of get_old_root - gsmi: Fix bug in append_to_eventlog sysfs handler - misc: mic: fix a DMA pool free failure - w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). - [m68k] fix command-line parsing when passed from u-boot - RDMA/bnxt_re: Avoid NULL check after accessing the pointer - RDMA/bnxt_re: Fix qp async event reporting - RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails - pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' - pwm: lpss: Only set update bit if we are actually changing the settings - amiflop: clean up on errors during setup - qed: Align local and global PTT to propagate through the APIs. - scsi: ips: fix missing break in switch - nfp: bpf: protect against mis-initializing atomic counters - [x86] KVM: nVMX: reset cache/shadows when switching loaded VMCS - [x86] KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() - [x86] KVM: Fix invvpid and invept register operand size in 64-bit mode - clk: tegra: Fixes for MBIST work around - scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler - scsi: isci: Change sci_controller_start_task's return type to sci_status - scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event - scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param - nvmet: avoid integer overflow in the discard code - nvmet-fcloop: suppress a compiler warning - nvme-pci: fix hot removal during error handling - PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks - clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk - ASoC: tegra_sgtl5000: fix device_node refcounting - scsi: dc395x: fix dma API usage in srb_done - scsi: dc395x: fix DMA API usage in sg_update_list - scsi: zorro_esp: Limit DMA transfers to 65535 bytes - net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed - net: fix warning in af_unix - xfs: fix use-after-free race in xfs_buf_rele - xfs: clear ail delwri queued bufs on unmount of shutdown fs - kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack - ACPI / scan: Create platform device for INT33FE ACPI nodes - PM / Domains: Deal with multiple states but no governor in genpd - ALSA: i2c/cs8427: Fix int to char conversion - macintosh/windfarm_smu_sat: Fix debug output - PCI: vmd: Detach resources after stopping root bus - USB: misc: appledisplay: fix backlight update_status return code - usbip: tools: fix atoi() on non-null terminated string - sctp: use sk_wmem_queued to check for writable space - dm raid: avoid bitmap with raid4/5/6 journal device - selftests/bpf: fix file resource leak in load_kallsyms - SUNRPC: Fix a compile warning for cmpxchg64() - sunrpc: safely reallow resvport min/max inversion - atm: zatm: Fix empty body Clang warnings - [s390x] perf: Return error when debug_register fails - swiotlb: do not panic on mapping failures - spi: omap2-mcspi: Set FIFO DMA trigger level to word length - [x86] intel_rdt: Prevent pseudo-locking from using stale pointers - sparc: Fix parport build warnings. - [ppc64*,powerpc] pseries: Export raw per-CPU VPA data via debugfs - [ppc64*,powerpc] mm/radix: Fix off-by-one in split mapping logic - [ppc64*,powerpc] mm/radix: Fix overuse of small pages in splitting logic - [ppc64*,powerpc] mm/radix: Fix small page at boundary when splitting - [ppc64*] radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd - selftests/bpf: fix return value comparison for tests in test_libbpf.sh - tools: bpftool: fix completion for "bpftool map update" - ceph: fix dentry leak in ceph_readdir_prepopulate - ceph: only allow punch hole mode in fallocate - thermal: armada: fix a test in probe() - f2fs: fix to spread clear_cold_data() - f2fs: spread f2fs_set_inode_flags() - mISDN: Fix type of switch control variable in ctrl_teimanager - qlcnic: fix a return in qlcnic_dcb_get_capability() - net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode - mfd: arizona: Correct calling of runtime_put_sync - mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values - [x86] mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well - mfd: max8997: Enale irq-wakeup unconditionally - net: socionext: Stop PHY before resetting netsec - fs/cifs: fix uninitialised variable warnings - spi: uniphier: fix incorrect property items - selftests/ftrace: Fix to test kprobe $comm arg only if available - selftests: watchdog: fix message when /dev/watchdog open fails - selftests: watchdog: Fix error message. - selftests: kvm: Fix -Wformat warnings - selftests: fix warning: "_GNU_SOURCE" redefined - net: ethernet: cadence: fix socket buffer corruption problem - bpf: devmap: fix wrong interface selection in notifier_call - bpf, btf: fix a missing check bug in btf_parse - [sparc64] Rework xchg() definition to avoid warnings. - [arm64] lib: use C string functions with KASAN enabled - fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock - tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage - mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition - macsec: update operstate when lower device changes - macsec: let the administrator set UP state even if lowerdev is down - block: fix the DISCARD request merge - i2c: uniphier-f: make driver robust against concurrency - i2c: uniphier-f: fix occasional timeout error - i2c: uniphier-f: fix race condition when IRQ is cleared - um: Make line/tty semantics use true write IRQ - vfs: avoid problematic remapping requests into partial EOF block - ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12 - [ppc64*,powerpc] xmon: Relax frame size for clang - [ppc64*,powerpc] selftests/ptrace: Fix out-of-tree build - [ppc64*,powerpc] selftests/signal: Fix out-of-tree build - [ppc64*,powerpc] selftests/switch_endian: Fix out-of-tree build - [ppc64*,powerpc] selftests/cache_shape: Fix out-of-tree build - block: call rq_qos_exit() after queue is frozen - mm/gup_benchmark.c: prevent integer overflow in ioctl - linux/bitmap.h: handle constant zero-size bitmaps correctly - linux/bitmap.h: fix type of nbits in bitmap_shift_right() - lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf - hfsplus: fix BUG on bnode parent update - hfs: fix BUG on bnode parent update - hfsplus: prevent btree data loss on ENOSPC - hfs: prevent btree data loss on ENOSPC - hfsplus: fix return value of hfsplus_get_block() - hfs: fix return value of hfs_get_block() - hfsplus: update timestamps on truncate() - hfs: update timestamp on truncate() - fs/hfs/extent.c: fix array out of bounds read of array extent - kernel/panic.c: do not append newline to the stack protector panic string - mm/memory_hotplug: make add_memory() take the device_hotplug_lock - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock - [ppc64*,powerprc] powerpc/powernv: hold device_hotplug_lock when calling device_online() - igb: shorten maximum PHC timecounter update interval - fm10k: ensure completer aborts are marked as non-fatal after a resume - [arm64] net: hns3: bugfix for buffer not free problem during resetting - [arm64] net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem - [arm64] net: hns3: bugfix for is_valid_csq_clean_head() - [arm64] net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read - ntb_netdev: fix sleep time mismatch - [x86] ntb: intel: fix return value for ndev_vec_mask() - irq/matrix: Fix memory overallocation - nvme-pci: fix conflicting p2p resource adds - [arm64] makefile fix build of .i file in external module case - [x86] tools/power turbosat: fix AMD APIC-id output - mm: handle no memcg case in memcg_kmem_charge() properly - ocfs2: without quota support, avoid calling quota recovery - ocfs2: don't use iocb when EIOCBQUEUED returns - ocfs2: don't put and assigning null to bh allocated outside - ocfs2: fix clusters leak in ocfs2_defrag_extent() - net: do not abort bulk send on BQL status - sched/topology: Fix off by one bug - sched/fair: Don't increase sd->balance_interval on newidle balance - openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS - [armhf] dts: imx6sx-sdb: Fix enet phy regulator - [arm64] sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock - soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL - audit: print empty EXECVE args - sock_diag: fix autoloading of the raw_diag module - net: bpfilter: fix iptables failure if bpfilter_umh is disabled - nds32: Fix bug in bitfield.h - media: ov13858: Check for possible null pointer - btrfs: avoid link error with CONFIG_NO_AUTO_INLINE - wil6210: fix debugfs memory access alignment - wil6210: fix L2 RX status handling - wil6210: fix RGF_CAF_ICR address for Talyn-MB - wil6210: fix locking in wmi_call - ath10k: snoc: fix unbalanced clock error handling - wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' - rtl8xxxu: Fix missing break in switch - brcmsmac: never log "tid x is not agg'able" by default - wireless: airo: potential buffer overflow in sprintf() - rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information - net: dsa: bcm_sf2: Turn on PHY to allow successful registration - scsi: mpt3sas: Fix Sync cache command failure during driver unload - scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices - scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11 - scsi: megaraid_sas: Fix msleep granularity - scsi: megaraid_sas: Fix goto labels in error handling - scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces - scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point - scsi: lpfc: Correct loss of fc4 type on remote port address change - usb: typec: tcpm: charge current handling for sink during hard reset - dlm: fix invalid free - dlm: don't leak kernel pointer to userspace - vrf: mark skb for multicast or link-local as enslaved to VRF - clk: tegra20: Turn EMC clock gate into divider - ACPICA: Use %d for signed int print formatting instead of %u - net: bcmgenet: return correct value 'ret' from bcmgenet_power_down - of: unittest: allow base devicetree to have symbol metadata - of: unittest: initialize args before calling of_*parse_*() - tools: bpftool: pass an argument to silence open_obj_pinned() - cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces - pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues - pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL - pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT - pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD - PCI: keystone: Use quirk to limit MRRS for K2G - nvme-pci: fix surprise removal - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch - i2c: uniphier-f: fix timeout error after reading 8 bytes - mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock - ipv6: Fix handling of LLA with VRF and sockets bound to VRF - cfg80211: call disconnect_wk when AP stops - mm/page_io.c: do not free shared swap slots - Bluetooth: Fix invalid-free in bcsp_close() - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved - ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe - ath9k_hw: fix uninitialized variable data - md/raid10: prevent access of uninitialized resync_pages offset - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() - net: phy: dp83867: fix speed 10 in sgmii mode - net: phy: dp83867: increase SGMII autoneg timer duration - ocfs2: remove ocfs2_is_o2cb_active() - [arm*] 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary - ARC: perf: Accommodate big-endian CPU - [x86] insn: Fix awk regexp warnings - [x86] speculation: Fix incorrect MDS/TAA mitigation status - [x86] speculation: Fix redundant MDS mitigation message - nbd: prevent memory leak - y2038: futex: Move compat implementation into futex.c - futex: Prevent robust futex exit race - ALSA: usb-audio: Fix NULL dereference at parsing BADD - nfc: port100: handle command failure cleanly - media: vivid: Set vid_cap_streaming and vid_out_streaming to true - media: vivid: Fix wrong locking that causes race conditions on streaming stop (CVE-2019-18683) - media: usbvision: Fix races among open, close, and disconnect - cpufreq: Add NULL checks to show() and store() methods of cpufreq - media: uvcvideo: Fix error path in control parsing failure - media: b2c2-flexcop-usb: add sanity checking - media: cxusb: detect cxusb_ctrl_msg error in query - media: imon: invalid dereference in imon_touch_event - virtio_ring: fix return code on DMA mapping fails - USBIP: add config dependency for SGL_ALLOC - usbip: tools: fix fd leakage in the function of read_attr_usbip_status - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() - usb-serial: cp201x: support Mark-10 digital force gauge - USB: chaoskey: fix error case of a timeout - appledisplay: fix error handling in the scheduled work - USB: serial: mos7840: add USB ID to support Moxa UPort 2210 - USB: serial: mos7720: fix remote wakeup - USB: serial: mos7840: fix remote wakeup - USB: serial: option: add support for DW5821e with eSIM support - USB: serial: option: add support for Foxconn T77W968 LTE modules - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error - [ppc64*] support nospectre_v2 cmdline option - [ppc64*] book3s: Fix link stack flush on context switch (CVE-2019-18660) - [ppc64*, powerpc] PPC: Book3S HV: Flush link stack on guest exit to host kernel - PM / devfreq: Fix kernel oops on governor module load . [ Romain Perier ] * [armel/rpi] Enable CONFIG_BRCMFMAC_SDIO (Closes: #940530) * [armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+ . [ Salvatore Bonaccorso ] * ixgbe: Fix secpath usage for IPsec TX offload (Closes: #930443) * ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (Closes: #945023) * [x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77) * [rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84) . [ Bastian Blank ] * [amd64/cloud-amd64] Re-enable RTC drivers. (closes: #931341) . [ Noah Meyerhans ] * drivers/net/ethernet/amazon: Backport driver fixes from Linux 5.4 (Closes: #941291) * Bump ABI to 7 . [ Ben Hutchings ] * debian/bin/genpatch-rt: Fix series generation from git * [rt] Update to 4.19.82-rt30: - Drop changes in "fs/dcache: disable preemption on i_dir_seq's write side" that conflict with "Fix the locking in dcache_readdir() and friends" - Rewrite "fs/aio: simple simple work" using kthread_work - Rewrite "thermal: Defer thermal wakups to threads" using kthread_work - Rewrite "block: blk-mq: move blk_queue_usage_counter_release() into process context" using kthread_work - workqueue: rework . [ Benjamin Poirier ] * tools/perf: Add python3 support to scripts (Closes: #944641) . [ Aurelien Jarno ] * [rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86) * [rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86) * [rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87) * [rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87) linux-signed-amd64 (4.19.67+2+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u2 . * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135): - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs TSX is now disabled by default; see Documentation/admin-guide/hw-vuln/tsx_async_abort.rst * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change (aka iTLB multi-hit, CVE-2018-12207): - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages - Documentation: Add ITLB_MULTIHIT documentation * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155): - drm/i915: Rename gen7 cmdparser tables - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Remove Master tables from cmdparser - drm/i915: Add support for mandatory cmdparsing - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - drm/i915: Allow parsing of unsized batches - drm/i915: Add gen9 BCS cmdparsing - drm/i915/cmdparser: Use explicit goto for error paths - drm/i915/cmdparser: Add support for backward jumps - drm/i915/cmdparser: Ignore Length operands during command matching - drm/i915/cmdparser: Fix jump whitelist clearing * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154): - drm/i915: Lower RM timeout to avoid DSI hard hangs - drm/i915/gen8+: Add RC6 CTX corruption WA linux-signed-amd64 (4.19.67+2+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-arm64 (4.19.98+1) buster; urgency=medium . * Sign kernel from linux 4.19.98-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.88 - [arm64] clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate - ASoC: compress: fix unsigned integer overflow check - reset: Fix memory leak in reset_control_array_put() - [armhf] clk: samsung: exynos5433: Fix error paths - [armel/marvell,armhf] ASoC: kirkwood: fix external clock probe defer - [armel/marvell,armhf] ASoC: kirkwood: fix device remove ordering - [armhf] clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume - [x86] pinctrl: cherryview: Allocate IRQ chip dynamic - [armhf] dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts - reset: fix reset_control_ops kerneldoc comment - [armhf,arm64] clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup - [armhf] clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 - [armhf] dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend - [ppc64el] bpf: Fix tail call implementation - idr: Fix integer overflow in idr_for_each_entry - idr: Fix idr_alloc_u32 on 32-bit systems - [x86] resctrl: Prevent NULL pointer dereference when reading mondata - [armhf] clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call - [armhf] clk: ti: clkctrl: Fix failed to enable error with double udelay timeout - bridge: ebtables: don't crash when using dnat target in output chains - can: peak_usb: report bus recovery as well - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error - [armhf] can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails - [arm64] watchdog: meson: Fix the wrong value of left time - ceph: return -EINVAL if given fsc mount option on kernel w/o support - net/fq_impl: Switch to kvmalloc() for memory allocation - mac80211: fix station inactive_time shortly after boot - block: drbd: remove a stray unlock in __drbd_send_protocol() - scsi: target/tcmu: Fix queue_cmd_ring() declaration - scsi: lpfc: Fix kernel Oops due to null pring pointers - scsi: lpfc: Fix dif and first burst use in write commands - tracing: Lock event_mutex before synth_event_mutex - [armhf] dts: imx*: Fix memory node duplication - [armhf] dts: Fix hsi gdd range for omap4 - [arm64] mm: Prevent mismatched 52-bit VA support - [arm64] smp: Handle errors reported by the firmware - [armhf] bus: ti-sysc: Check for no-reset and no-idle flags at the child level - [arm64] RDMA/hns: Fix the bug while use multi-hop of pbl - [x86] RDMA/vmw_pvrdma: Use atomic memory allocation in create AH - [armhf] PM / AVS: SmartReflex: NULL check before some freeing functions is not needed - xfs: zero length symlinks are not valid - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value - scsi: lpfc: Enable Management features for IF_TYPE=6 - scsi: qla2xxx: Fix NPIV handling for FC-NVMe - scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port - nvme: provide fallback for discard alloc failure - [s390x] zcrypt: make sysfs reset attribute trigger queue reset - crypto: user - support incremental algorithm dumps - mwifiex: fix potential NULL dereference and use after free - mwifiex: debugfs: correct histogram spacing, formatting - brcmfmac: set F2 watermark to 256 for 4373 - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 - rtl818x: fix potential use after free - bcache: do not check if debug dentry is ERR or NULL explicitly on remove - bcache: do not mark writeback_running too early - xfs: require both realtime inodes to mount - nvme: fix kernel paging oops - ubifs: Fix default compression selection in ubifs - ubi: Put MTD device after it is not used - ubi: Do not drop UBI device reference before using - iwlwifi: move iwl_nvm_check_version() into dvm - iwlwifi: mvm: force TCM re-evaluation on TCM resume - iwlwifi: pcie: fix erroneous print - iwlwifi: pcie: set cmd_len in the correct place - [armhf,arm64] gpio: pca953x: Fix AI overflow on PCAL6524 - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB - [x86] kvm: vmx: Set IA32_TSC_AUX for legacy mode guests - [x86] Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" - [x86] Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" - VSOCK: bind to random port for VMADDR_PORT_ANY - [amd64] mmc: meson-gx: make sure the descriptor is stopped on errors - [armhf] mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET - [armhf] usb: ehci-omap: Fix deferred probe for phy handling - btrfs: Check for missing device before bio submission in btrfs_map_bio - btrfs: fix ncopies raid_attr for RAID56 - btrfs: dev-replace: set result code of cancel by status of scrub - Btrfs: allow clear_extent_dirty() to receive a cached extent state record - btrfs: only track ref_heads in delayed_ref_updates - [x86] HID: intel-ish-hid: fixes incorrect error handling - serial: 8250: Rate limit serial port rx interrupts during input overruns - [x86] kprobes/xen: blacklist non-attachable xen interrupt functions - xen/pciback: Check dev_data before using it - kprobes: Blacklist symbols in arch-defined prohibited area - [amd64] kprobes: Show x86-64 specific blacklisted symbols correctly - [armhf] memory: omap-gpmc: Get the header of the enum - net/mlx5: Continue driver initialization despite debugfs failure - netfilter: nf_nat_sip: fix RTP/RTCP source port translations - exofs_mount(): fix leaks on failure exits - bnxt_en: Return linux standard errors in bnxt_ethtool.c - bnxt_en: Save ring statistics before reset. - bnxt_en: query force speeds before disabling autoneg mode. - [s390x] KVM: unregister debug feature on failing arch init - dm flakey: Properly corrupt multi-page bios. - gfs2: take jdata unstuff into account in do_grow - dm raid: fix false -EBUSY when handling check/repair message - xfs: Align compat attrlist_by_handle with native implementation. - xfs: Fix bulkstat compat ioctls on x32 userspace. - IB/qib: Fix an error code in qib_sdma_verbs_send() - vxlan: Fix error path in __vxlan_dev_create() - [ppc64el] xmon: fix dump_segments() - drivers/regulator: fix a missing check of return value - Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading - RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer - scsi: qla2xxx: deadlock by configfs_depend_item - scsi: csiostor: fix incorrect dma device in case of vport - brcmfmac: Fix access point mode - ath6kl: Only use match sets when firmware supports it - ath6kl: Fix off by one error in scan completion - [ppc64el] perf: Fix unit_sel/cache_sel checks - [ppc64el] prom: fix early DEBUG messages - [ppc64el] mm: Make NULL pointer deferences explicit on bad page faults. - [ppc64el] vfio/spapr_tce: Get rid of possible infinite loop - [ppc64el] powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status - drbd: ignore "all zero" peer volume sizes in handshake - drbd: reject attach of unsuitable uuids even if connected - drbd: do not block when adjusting "disk-options" while IO is frozen - drbd: fix print_st_err()'s prototype to match the definition - IB/rxe: Make counters thread safe - bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't - [armhf] regulator: tps65910: fix a missing check of return value - [ppc64el] powerpc/pseries: Fix node leak in update_lmb_associativity_index() - net/netlink_compat: Fix a missing check of nla_parse_nested - net/net_namespace: Check the return value of register_pernet_subsys() - f2fs: fix block address for __check_sit_bitmap - f2fs: fix to dirty inode synchronously - [armhf] net: dsa: bcm_sf2: Propagate error value from mdio_write - atl1e: checking the status of atl1e_write_phy_reg - tipc: fix a missing check of genlmsg_put - net: marvell: fix a missing check of acpi_match_device - ocfs2: clear journal dirty flag after shutdown journal - vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n - mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() - mm/page_alloc.c: use a single function to free page - mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() - netfilter: nf_tables: fix a missing check of nla_put_failure - xprtrdma: Prevent leak of rpcrdma_rep objects - infiniband/qedr: Potential null ptr dereference of qp - lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk - lib/genalloc.c: use vzalloc_node() to allocate the bitmap - drivers/base/platform.c: kmemleak ignore a known leak - lib/genalloc.c: include vmalloc.h - mtd: Check add_mtd_device() ret code - tipc: fix memory leak in tipc_nl_compat_publ_dump - net/core/neighbour: tell kmemleak about hash tables - [armhf,arm64] ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() - net/core/neighbour: fix kmemleak minimal reference count for hash tables - serial: 8250: Fix serial8250 initialization crash - [armhf] gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change - sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe - ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel - decnet: fix DN_IFREQ_SIZE - net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() - net/smc: don't wait for send buffer space when data was already sent - mm/hotplug: invalid PFNs from pfn_to_online_page() - xfs: end sync buffer I/O properly on shutdown error - net/smc: fix sender_free computation - blktrace: Show requests without sector - net/smc: fix byte_order for rx_curs_confirmed - tipc: fix skb may be leaky in tipc_link_input - sfc: initialise found bitmap in efx_ef10_mtd_probe - geneve: change NET_UDP_TUNNEL dependency to select - net: fix possible overflow in __sk_mem_raise_allocated() - net: ip_gre: do not report erspan_ver for gre or gretap - net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap - sctp: don't compare hb_timer expire date before starting it - bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() - mmc: core: align max segment size with logical block size - net: dev: Use unsigned integer as an argument to left-shift - kvm: properly check debugfs dentry before using it - bpf: drop refcount if bpf_map_new_fd() fails in map_create() - [arm64] net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED - [arm64] net: hns3: fix PFC not setting problem for DCB module - [arm64] net: hns3: fix an issue for hclgevf_ae_get_hdev - [arm64] net: hns3: fix an issue for hns3_update_new_int_gl - [x86] iommu/amd: Fix NULL dereference bug in match_hid_uid - apparmor: delete the dentry in aafs_remove() to avoid a leak - scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery - ACPI / APEI: Don't wait to serialise with oops messages when panic()ing - ACPI / APEI: Switch estatus pool to use vmalloc memory - [arm64] scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned - scsi: libsas: Check SMP PHY control function result - [arm64] RDMA/hns: Fix the bug with updating rq head pointer when flush cqe - [arm64] RDMA/hns: Bugfix for the scene without receiver queue - [arm64] RDMA/hns: Fix the state of rereg mr - [arm64] RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board - [ppc64el] pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (CVE-2019-12614) - xdp: fix cpumap redirect SKB creation bug - mtd: Remove a debug trace in mtdpart.c - [s390x] mm, gup: add missing refcount overflow checks on s390 - [armhf,arm64] usb: dwc2: use a longer core rest timeout in dwc2_core_reset() - staging: rtl8192e: fix potential use after free - staging: rtl8723bs: Drop ACPI device ids - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P - [x86] mei: bus: prefix device names on bus with the bus name - [x86] mei: me: add comet point V device id - thunderbolt: Power cycle the router if NVM authentication fails - xfrm: Fix memleak on xfrm state destroy - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE - [arm64] net: macb: fix error format in dev_err() - pwm: Clear chip_data in pwm_put() - macvlan: schedule bc_work even if error - net: psample: fix skb_over_panic - openvswitch: fix flow command message size - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook - slip: Fix use-after-free Read in slip_open - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() - openvswitch: remove another BUG_ON() - tipc: fix link name length check - sctp: cache netns in sctp_ep_common - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues - [arm64] net: macb: add missed tasklet_kill - ext4: add more paranoia checking in ext4_expand_extra_isize handling (CVE-2019-19767) - [arm64] net: macb: Fix SUBNS increment and increase resolution - [arm64] net: macb driver, check for SKBTX_HW_TSTAMP - mtd: spi-nor: cast to u64 to avoid uint overflows - tcp: exit if nothing to retransmit on RTO timeout - HID: core: check whether Usage Page item is after Usage ID items - [x86] platform: hp-wmi: Fix ACPI errors caused by too small buffer - [x86] platform: hp-wmi: Fix ACPI errors caused by passing 0 as input size https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.89 - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071) - [arm64] tegra: Fix 'active-low' warning for Jetson TX1 regulator - usb: gadget: u_serial: add missing port entry locking - [arm64] tty: serial: msm_serial: Fix flow control - [armhf,arm64] serial: pl011: Fix DMA ->flush_buffer() - serial: serial_core: Perform NULL checks for break_ctl ops - autofs: fix a leak in autofs_expire_indirect() - [arm64] RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN - iwlwifi: pcie: don't consider IV len in A-MSDU - exportfs_decode_fh(): negative pinned may become positive without the parent locked - audit_get_nd(): don't unlock parent too early - xfrm: release device reference for invalid state - sched/core: Avoid spurious lock dependencies - perf/core: Consistently fail fork on allocation failures - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() - [armhf,arm64] drm/sun4i: tcon: Set min division of TCON0_DCLK to 1. - rsxx: add missed destroy_workqueue calls in remove - i2c: core: fix use after free in of_i2c_notify - serial: core: Allow processing sysrq at port unlock time - cxgb4vf: fix memleak in mac_hlist initialization - iwlwifi: mvm: synchronize TID queue removal - iwlwifi: trans: Clear persistence bit when starting the FW - iwlwifi: mvm: Send non offchannel traffic via AP sta - [armhf] 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ - audit: Embed key into chunk - netfilter: nf_tables: don't use position attribute on rule replacement - net/mlx5: Release resource on error flow - [arm64] clk: sunxi-ng: a64: Fix gate bit of DSI DPHY - ice: Fix NVM mask defines - dlm: fix possible call to kfree() for non-initialized pointer - [armhf] dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1 - [armhf,arm64] rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()' - i40e: don't restart nway if autoneg not supported - virtchnl: Fix off by one error - [armhf] clk: rockchip: fix rk3188 sclk_smc gate data - [armhf] clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering - [armhf] dts: rockchip: Fix rk3288-rock2 vcc_flash name - dlm: fix missing idr_destroy for recover_idr - [armhf,arm64] net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 - [s390x] scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB - [s390x] scsi: zfcp: drop default switch case which might paper over missing case - [armhf] bus: ti-sysc: Fix getting optional clocks in clock_roles - [armhf] dts: imx6: RDU2: fix eGalax touchscreen node - crypto: ecc - check for invalid values in the key verification test - crypto: bcm - fix normal/non key hash algorithm failure - [arm64] dts: zynqmp: Fix node names which contain "_" - [arm64] pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues - [arm*] firmware: raspberrypi: Fix firmware calls with large buffers - mm/vmstat.c: fix NUMA statistics updates - [arm64] clk: rockchip: fix I2S1 clock gate register for rk3328 - [arm64] clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 - sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit - regulator: Fix return value of _set_load() stub - USB: serial: f81534: fix reading old/new IC config - xfs: extent shifting doesn't fully invalidate page cache - net-next/hinic:fix a bug in set mac address - net-next/hinic: fix a bug in rx data flow - ice: Fix return value from NAPI poll - ice: Fix possible NULL pointer de-reference - iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents - iomap: sub-block dio needs to zeroout beyond EOF - iomap: dio data corruption and spurious errors when pipes fill - iomap: readpages doesn't zero page tail beyond EOF - iw_cxgb4: only reconnect with MPAv1 if the peer aborts - [mips*/octeon] octeon-platform: fix typing - net/smc: use after free fix in smc_wr_tx_put_slot() - [armhf] dts: exynos: Use Samsung SoC specific compatible for DWC2 module - media: pulse8-cec: return 0 when invalidating the logical address - media: cec: report Vendor ID after initialization - iwlwifi: fix cfg structs for 22000 with different RF modules - net/ipv6: re-do dad when interface has IFF_NOARP flag change - [x86] dmaengine: dw-dmac: implement dma protection control setting - [armhf,arm64] usb: dwc3: debugfs: Properly print/set link state for HS - [armhf,arm64] usb: dwc3: don't log probe deferrals; but do log other error codes - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() - f2fs: fix to account preflush command for noflush_merge mode - f2fs: fix count of seg_freed to make sec_freed correct - f2fs: change segment to section in f2fs_ioc_gc_range - [armhf] dts: rockchip: Fix the PMU interrupt number for rv1108 - [armhf] dts: rockchip: Assign the proper GPIO clocks for rv1108 - f2fs: fix to allow node segment for GC by ioctl path - nvme: Free ctrl device name on init failure - dma-mapping: fix return type of dma_set_max_seg_size() - [armhf] serial: imx: fix error handling in console_setup - [armhf] i2c: imx: don't print error message on probe defer - [arm64] clk: meson: Fix GXL HDMI PLL fractional bits width - [armhf,arm64] gpu: host1x: Fix syncpoint ID field size on Tegra186 - lockd: fix decoding of TEST results - sctp: increase sk_wmem_alloc when head->truesize is increased - [x86] iommu/amd: Fix line-break in error log reporting - [armhf] dts: sun8i: a23/a33: Fix OPP DTC warnings - [armhf] dts: sun8i: v3s: Change pinctrl nodes to avoid warning - nfsd: fix a warning in __cld_pipe_upcall() - bpf: btf: implement btf_name_valid_identifier() - bpf: btf: check name validity for various types - [armhf] OMAP1/2: fix SoC name printing - [arm64] dts: meson-gxl-libretech-cc: fix GPIO lines names - [arm64] dts: meson-gxbb-nanopi-k2: fix GPIO lines names - [arm64] dts: meson-gxbb-odroidc2: fix GPIO lines names - [arm64] dts: meson-gxl-khadas-vim: fix GPIO lines names - net/x25: fix called/calling length calculation in x25_parse_address_block - net/x25: fix null_x25_address handling - tcp: make tcp_space() aware of socket backlog - tcp: fix off-by-one bug on aborting window-probing socket - tcp: fix SNMP under-estimation on failed retransmission - tcp: fix SNMP TCP timeout under-estimation - kbuild: fix single target build for external module - mtd: fix mtd_oobavail() incoherent returned value - [arm64] clk: meson: meson8b: fix the offset of vid_pll_dco's N value - [armhf,arm64] clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent - [arm64] clk: qcom: Fix MSM8998 resets - dlm: fix invalid cluster name warning - net/mlx4_core: Fix return codes of unsupported operations - pstore/ram: Avoid NULL deref in ftrace merging failure path - [mips*/octeon] cvmx_pko_mem_debug8: use oldest forward compatible definition - nfsd: Return EPERM, not EACCES, in some SETATTR cases - media: uvcvideo: Abstract streaming object lifetime - [armhf] dts: sun8i: h3: Fix the system-control register range - tty: Don't block on IO when ldisc change is pending - media: stkwebcam: Bugfix for wrong return values - sctp: frag_point sanity check - IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state - IB/hfi1: Close VNIC sdma_progress sleep window - mlx4: Use snprintf instead of complicated strcpy - [armhf] dts: sunxi: Fix PMU compatible strings - [armhf] dts: am335x-pdu001: Fix polarity of card detection input - net: aquantia: fix RSS table and key sizes - sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision - fuse: verify nlink - fuse: verify attributes - [x86] ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - [x86] ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 - ALSA: pcm: oss: Avoid potential buffer overflows - [x86] ALSA: hda - Add mute led support for HP ProBook 645 G4 - [x86] Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus - [x86] Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash - [x86] Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers - [x86] Input: goodix - add upside-down quirk for Teclast X89 tablet - Input: Fix memory leak in psxpad_spi_probe - [i386] mm: Sync only to VMALLOC_END in vmalloc_sync_all() - [x86] PCI: Avoid AMD FCH XHCI USB PME# from D0 defect - xfrm interface: fix memory leak on creation - xfrm interface: avoid corruption on changelink - xfrm interface: fix list corruption for x-netns - xfrm interface: fix management of phydev - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks - CIFS: Fix SMB2 oplock break processing - tty: vt: keyboard: reject invalid keycodes - can: slcan: Fix use-after-free Read in slcan_open - kernfs: fix ino wrap-around detection - jbd2: Fix possible overflow in jbd2_log_space_left() - [arm64] drm/msm: fix memleak on release - [i386] drm/i810: Prevent underflow in ioctl - [armhf,arm64] KVM: vgic: Don't rely on the wrong pending table - [x86] KVM: do not modify masked bits of shared MSRs - [x86] KVM: fix presentation of TSX feature in ARCH_CAPABILITIES - [x86] KVM: Grab KVM's srcu lock when setting nested state - crypto: af_alg - cast ki_complete ternary op to int - [x86] crypto: ccp - fix uninitialized list head - crypto: ecdh - fix big endian bug in ECC library - crypto: user - fix memory leak in crypto_report (CVE-2019-19062) - mwifiex: update set_mac_address logic - can: ucan: fix non-atomic allocation in completion handler - RDMA/qib: Validate ->show()/store() callbacks before calling them - iomap: Fix pipe page leakage during splicing - thermal: Fix deadlock in thermal thermal_zone_device_check - vcs: prevent write access to vcsu devices (CVE-2019-19252) - binder: Fix race between mmap() and binder_alloc_print_pages() - binder: Handle start==NULL in binder_update_page_range() - ALSA: hda - Fix pending unsol events at shutdown - perf script: Fix invalid LBR/binary mismatch error - splice: don't read more than available pipe space - iomap: partially revert 4721a601099 (simulated directio short read on EFAULT) - xfs: add missing error check in xfs_prepare_shift() - ASoC: rsnd: fixup MIX kctrl registration - [x86] KVM: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) - net: qrtr: fix memort leak in qrtr_tun_write_iter (CVE-2019-19079) - appletalk: Fix potential NULL pointer dereference in unregister_snap_client (CVE-2019-19227) - appletalk: Set error code if register_snap_client failed https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.90 - usb: gadget: configfs: Fix missing spin_lock_init() - [x86] usb: gadget: pch_udc: fix use after free - scsi: qla2xxx: Fix driver unload hang - [arm64] media: venus: remove invalid compat_ioctl32 handler - USB: uas: honor flag to avoid CAPACITY16 - USB: uas: heed CAPACITY_HEURISTICS - usb: Allow USB device to be warm reset in suspended state - staging: rtl8188eu: fix interface sanity check - staging: rtl8712: fix interface sanity check - staging: gigaset: fix general protection fault on probe - staging: gigaset: fix illegal free on probe errors - staging: gigaset: add endpoint-type sanity check - usb: xhci: only set D3hot for pci device - xhci: Fix memory leak in xhci_add_in_port() - xhci: Increase STS_HALT timeout in xhci_suspend() - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. - [armhf] dts: pandora-common: define wl1251 as child node of mmc3 - [x86] iio: imu: inv_mpu6050: fix temperature reporting using bad unit - USB: atm: ueagle-atm: add missing endpoint check - USB: idmouse: fix interface sanity checks - USB: serial: io_edgeport: fix epic endpoint lookup - usb: roles: fix a potential use after free - USB: adutux: fix interface sanity check - usb: core: urb: fix URB structure initialization function - usb: mon: Fix a deadlock in usbmon between mmap and read - tpm: add check after commands attribs tab allocation - virtio-balloon: fix managed page counts when migrating pages between zones - [armhf,arm64] usb: dwc3: gadget: Fix logical condition - [armhf,arm64] usb: dwc3: ep0: Clear started flag on completion - btrfs: check page->mapping when loading free space cache - btrfs: use refcount_inc_not_zero in kill_all_nodes - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc - Btrfs: fix negative subv_writers counter and data space leak after buffered write - btrfs: Avoid getting stuck during cyclic writebacks - btrfs: Remove btrfs_bio::flags member - Btrfs: send, skip backreference walking for extents with many references - btrfs: record all roots for rename exchange on a subvol - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer - rtlwifi: rtl8192de: Fix missing enable interrupt flag - ovl: fix corner case of non-unique st_dev;st_ino - ovl: relax WARN_ON() on rename to self - [armhf] hwrng: omap - Fix RNG wait loop timeout - dm writecache: handle REQ_FUA - dm zoned: reduce overhead of backing device checks - workqueue: Fix spurious sanity check failures in destroy_workqueue() - workqueue: Fix pwq ref leak in rescuer_thread() - ASoC: rt5645: Fixed buddy jack support. - ASoC: rt5645: Fixed typo for buddy jack support. - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() - blk-mq: avoid sysfs buffer overflow with too many CPU cores - cgroup: pids: use atomic64_t for pids->limit - ar5523: check NULL before memcpy() in ar5523_cmd() - [s390x] mm: properly clear _PAGE_NOEXEC bit when it is not supported - media: cec.h: CEC_OP_REC_FLAG_ values were swapped - cpuidle: Do not unset the driver if it is there already - erofs: zero out when listxattr is called with no xattr - [x86] intel_th: Fix a double put_device() in error path - [x86] intel_th: pci: Add Ice Lake CPU support - [x86] intel_th: pci: Add Tiger Lake CPU support - PM / devfreq: Lock devfreq in trans_stat_show - [ppc64el] cpufreq: powernv: fix stack bloat and hard limit on number of CPUs - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge - ACPI: OSL: only free map once in osl.c - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() - ACPI: PM: Avoid attaching ACPI PM domain to certain devices - [arm64] pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() - [armhf] pinctrl: samsung: Add of_node_put() before return in error path - [armhf] pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init - [armhf] pinctrl: samsung: Fix device node refcount leaks in init code - [armhf] mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card - [armhf] dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity - ppdev: fix PPGETTIME/PPSETTIME ioctls - [ppc64el] Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB - [ppc64el] xive: Prevent page fault issues in the machine crash handler - [ppc64el] Allow flush_icache_range to work across ranges >4GB - [ppc64el] xive: Skip ioremap() of ESB pages for LSI interrupts - video/hdmi: Fix AVI bar unpack - quota: Check that quota is not dirty before release - ext2: check err when partial != NULL - quota: fix livelock in dquot_writeback_dquots - ext4: Fix credit estimate for final inode freeing - reiserfs: fix extended attributes on the root directory - block: fix single range discard merge - [s390x] scsi: zfcp: trace channel log even for FCP command responses - scsi: qla2xxx: Fix DMA unmap leak - scsi: qla2xxx: Fix hang in fcport delete path - scsi: qla2xxx: Fix session lookup in qlt_abort_work() - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value - scsi: qla2xxx: Fix message indicating vectors used by driver - scsi: qla2xxx: Fix SRB leak on switch command timeout - xhci: make sure interrupts are restored to correct state - usb: typec: fix use after free in typec_register_port() - [armhf] omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 - scsi: lpfc: Cap NPIV vports to 256 - scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE - scsi: lpfc: Correct topology type reporting on G7 adapters - sch_cake: Correctly update parent qlen when splitting GSO packets - net/smc: do not wait under send_lock - [arm64] net: hns3: clear pci private data when unload hns3 driver - [arm64] net: hns3: change hnae3_register_ae_dev() to int - [arm64] net: hns3: Check variable is valid before assigning it to another - [arm64] scsi: hisi_sas: send primitive NOTIFY to SSP situation only - [arm64] scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G - [x86] MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models - [x86] MCE/AMD: Carve out the MC4_MISC thresholding quirk - ath10k: fix fw crash by moving chip reset after napi disabled - [ppc64el] Fix vDSO clock_getres() - ext4: work around deleting a file with i_nlink == 0 safely (CVE-2019-19447) - mm/shmem.c: cast the type of unmap_start to u64 - rtc: disable uie before setting time and enable after - splice: only read in as much information as there is pipe buffer space - ext4: fix a bug in ext4_wait_for_tail_page_commit - [armhf,arm64] mfd: rk808: Fix RK818 ID template - mm, thp, proc: report THP eligibility for each vma - [s390x] smp,vdso: fix ASCE handling - blk-mq: make sure that line break can be printed - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() - perf callchain: Fix segfault in thread__resolve_callchain_sample() - gre: refetch erspan header from skb->data after pskb_may_pull() - sunrpc: fix crash when cache_head become valid before update - net/mlx5e: Fix SFF 8472 eeprom length - leds: trigger: netdev: fix handling on interface rename - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - of: overlay: add_changeset_property() memory leak - kernel/module.c: wakeup processes in module_wq on module unload - cifs: Fix potential softlockups while refreshing DFS cache - [x86] gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist - raid5: need to set STRIPE_HANDLE for batch head - scsi: qla2xxx: Change discovery state before PLOGI - [x86] iio: imu: mpu6050: add missing available scan masks - idr: Fix idr_get_next_ul race with idr_remove - of: unittest: fix memory leak in attach_node_and_children https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.91 - inet: protect against too small mtu values. - mqprio: Fix out-of-bounds access in mqprio_dump - net: bridge: deny dev_set_mac_address() when unregistering - net: dsa: fix flow dissection on Tx path - net: ethernet: ti: cpsw: fix extra rx interrupt - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues - [arm64] net: thunderx: start phy before starting autonegotiation - openvswitch: support asymmetric conntrack - tcp: md5: fix potential overestimation of TCP option space - tipc: fix ordering of tipc module init and exit routine - net/mlx5e: Query global pause state before setting prio2buffer - tcp: fix rejected syncookies due to stale timestamps - tcp: tighten acceptance of ACKs not matching a child socket - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() - [arm64] Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly" - mmc: block: Make card_busy_detect() a bit more generic - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response - PCI/PM: Always return devices to D0 when thawing - PCI: pciehp: Avoid returning prematurely from sysfs requests - [x86] PCI: Fix Intel ACS quirk UPDCR register address - PCI/MSI: Fix incorrect MSI-X masking on resume - [arm64] PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 - [arm64] rpmsg: glink: Set tail pointer to 0 at end of FIFO - [arm64] rpmsg: glink: Fix reuse intents memory leak issue - [arm64] rpmsg: glink: Fix use after free in open_ack TIMEOUT case - [arm64] rpmsg: glink: Put an extra reference during cleanup - [arm64] rpmsg: glink: Fix rpmsg_register_device err handling - [arm64] rpmsg: glink: Don't send pending rx_done during remove - [arm64] rpmsg: glink: Free pending deferred work on remove - cifs: smbd: Return -EAGAIN when transport is reconnecting - cifs: smbd: Add messages on RDMA session destroy and reconnection - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE - cifs: Don't display RDMA transport on reconnect - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect - CIFS: Close open handle after interrupted close - [armhf] tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() - vfio/pci: call irq_bypass_unregister_producer() before freeing irq - dma-buf: Fix memory leak in sync_file_merge() - [arm64] drm: meson: venc: cvbs: fix CVBS mode matching - dm mpath: remove harmful bio-based optimization - dm btree: increase rebalance threshold in __rebalance2() - scsi: iscsi: Fix a potential deadlock in the timeout handler - scsi: qla2xxx: Change discovery state before PLOGI - drm/radeon: fix r1xx/r2xx register checker for POT textures - xhci: fix USB3 device initiated resume race with roothub autosuspend https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.92 - af_packet: set defaule value for tmo - [amd64] fjes: fix missed check in fjes_acpi_add - [arm64] net: hisilicon: Fix a BUG trigered by wrong bytes_compl - net: qlogic: Fix error paths in ql_alloc_large_buffers() - net: usb: lan78xx: Fix suspend/resume PHY register access error - qede: Disable hardware gro when xdp prog is installed - qede: Fix multicast mac configuration - sctp: fully initialize v4 addr in some functions - btrfs: don't double lock the subvol_sem for rename exchange - btrfs: do not call synchronize_srcu() in inode_tree_del - Btrfs: fix missing data checksums after replaying a log tree - btrfs: send: remove WARN_ON for readonly mount - btrfs: abort transaction after failed inode updates in create_subvol - btrfs: skip log replay on orphaned roots - btrfs: do not leak reloc root if we fail to read the fs root - btrfs: handle ENOENT in btrfs_uuid_tree_iterate - Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues - ALSA: pcm: Avoid possible info leaks from PCM stream buffers - ALSA: hda/ca0132 - Keep power on during processing DSP response - ALSA: hda/ca0132 - Avoid endless loop - ALSA: hda/ca0132 - Fix work handling in delayed HP detection - [arm64,armhf] drm/panel: Add missing drm_panel_init() in panel drivers - drm/amdgpu: grab the id mgr lock while accessing passid_mapping - spi: Add call to spi_slave_abort() function when spidev driver is released - [x86] staging: rtl8192u: fix multiple memory leaks on error path - staging: rtl8188eu: fix possible null dereference - rtlwifi: prevent memory leak in rtl_usb_probe (CVE-2019-19063) - libertas: fix a potential NULL pointer dereference - ath10k: fix backtrace on coredump - IB/iser: bound protection_sg size by data_sg size - [arm64] media: venus: core: Fix msm8996 frequency table - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq - pinctrl: devicetree: Avoid taking direct reference to device name string - [amd64] drm/amdkfd: fix a potential NULL pointer dereference - [arm64] media: venus: Fix occasionally failures to suspend - [armhf] hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled - media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() - [arm64,armhf] drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller - block: Fix writeback throttling W=1 compiler warnings - mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (CVE-2019-19057) - drm/drm_vblank: Change EINVAL by the correct errno - media: cx88: Fix some error handling path in 'cx8800_initdev()' - [armhf] media: ti-vpe: vpe: Fix Motion Vector vpdma stride - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number - [armhf] media: ti-vpe: vpe: Make sure YUYV is set as default format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic - [armhf] media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage - [x86] syscalls/x86: Use the correct function type in SYSCALL_DEFINE0 - [x86] mm: Use the correct function type for native_set_fixmap() - ath10k: Correct error handling of dma_map_single() - [arm64,armhf] drm/bridge: dw-hdmi: Restore audio when setting a mode - perf report: Add warning when libunwind not compiled in - usb: usbfs: Suppress problematic bind and unbind uevents. - Bluetooth: missed cpu_to_le16 conversion in hci_init4_req - Bluetooth: Workaround directed advertising bug in Broadcom controllers - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL - [x86] mce: Lower throttling MCE messages' priority to warning - [x86] drm/gma500: fix memory disclosures due to uninitialized bytes - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot - ipmi: Don't allow device module unload when in use - [x86] ioapic: Prevent inconsistent state when moving an interrupt - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit - [arm64] psci: Reduce the waiting time for cpu_psci_cpu_kill() - i40e: initialize ITRN registers with correct values - net: phy: dp83867: enable robust auto-mdix - [arm64,armhf] drm/tegra: sor: Use correct SOR index on Tegra210 - ACPI: button: Add DMI quirk for Medion Akoya E2215T - RDMA/qedr: Fix memory leak in user qp and mr - [arm64,armhf] gpu: host1x: Allocate gather copy for host1x - [arm64,armhf] net: dsa: LAN9303: select REGMAP when LAN9303 enable - [arm64] phy: qcom-usb-hs: Fix extcon double register after power cycle - [s390x] time: ensure get_clock_monotonic() returns monotonic values - [s390x] mm: add mm_pxd_folded() checks to pxd_free() - [arm64] net: hns3: add struct netdev_queue debug info for TX timeout - libata: Ensure ata_port probe has completed before detach - loop: fix no-unmap write-zeroes request behavior - Bluetooth: Fix advertising duplicated flags - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() - ixgbe: protect TX timestamping from API misuse - media: rcar_drif: fix a memory disclosure (CVE-2019-18786) - media: v4l2-core: fix touch support in v4l_g_fmt - rfkill: allocate static minor - bnx2x: Fix PF-VF communication over multi-cos queues. - ALSA: timer: Limit max amount of slave instances - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() - perf probe: Fix to find range-only function instance - perf probe: Fix to list probe event with correct line number - perf jevents: Fix resource leak in process_mapfile() and main() - perf probe: Walk function lines in lexical blocks - perf probe: Fix to probe an inline function which has no entry pc - perf probe: Fix to show ranges of variables in functions without entry_pc - perf probe: Fix to show inlined function callsite without entry_pc - perf probe: Fix to probe a function which has no entry pc - perf tools: Splice events onto evlist even on error - perf parse: If pmu configuration fails free terms - perf probe: Skip overlapped location on searching variables - perf probe: Return a better scope DIE if there is no best scope - perf probe: Fix to show calling lines of inlined functions - perf probe: Skip end-of-sequence and non statement lines - perf probe: Filter out instances except for inlined subroutine and subprogram - ath10k: fix get invalid tx rate for Mesh metric - media: pvrusb2: Fix oops on tear-down when radio support is not present - ice: delay less - [amd64] spi: pxa2xx: Add missed security checks - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile - iio: dac: ad5446: Add support for new AD5600 DAC - [x86] ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint - [s390x] disassembler: don't hide instruction addresses - nvme: Discard workaround for non-conformant devices - parport: load lowlevel driver if ports not found - bcache: fix static checker warning in bcache_device_free() - cpufreq: Register drivers only after CPU devices have been registered - tracing: use kvcalloc for tgid_map array allocation - tracing/kprobe: Check whether the non-suffixed symbol is notrace - bcache: fix deadlock in bcache_allocator - iwlwifi: mvm: fix unaligned read of rx_pkt_status - [arm64] spi: tegra20-slink: add missed clk_unprepare - tun: fix data-race in gro_normal_list() - crypto: virtio - deal with unsupported input sizes - btrfs: don't prematurely free work in end_workqueue_fn() - btrfs: don't prematurely free work in run_ordered_work() - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 - [x86] insn: Add some Intel instructions to the opcode map - brcmfmac: remove monitor interface when detaching - iwlwifi: check kasprintf() return value - [armhf] net: ethernet: ti: ale: clean ale tbl on init and intf restart - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED - net: phy: initialise phydev speed and duplex sanely - btrfs: don't prematurely free work in reada_start_machine_worker() - btrfs: don't prematurely free work in scrub_missing_raid56_worker() - Revert "mmc: sdhci: Fix incorrect switch to HS mode" - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices (CVE-2019-19947) - usb: xhci: Fix build warning seen with CONFIG_PM=n - [s390x] ftrace: fix endless recursion in function_graph tracer - btrfs: return error pointer from alloc_test_extent_buffer - usbip: Fix receive error in vhci-hcd when using scatter-gather - usbip: Fix error path of vhci_recv_ret_submit() - cpufreq: Avoid leaving stale IRQ work items during CPU offline - [x86] intel_th: pci: Add Comet Lake PCH-V support - [x86] intel_th: pci: Add Elkhart Lake SOC support - [x86] platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes - [x86] staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value - ext4: fix ext4_empty_dir() for directories with holes (CVE-2019-19037) - ext4: check for directory entries too close to block end - ext4: unlock on error in ext4_expand_extra_isize() - [arm64] KVM: Ensure 'params' is initialised when looking up sys register - [x86] MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() - [x86] MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] - [powerpc*] irq: fix stack overflow verification - [arm64] mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register - mmc: sdhci: Update the tuning failed messages to pr_debug level - mmc: sdhci: Workaround broken command queuing on Intel GLK - mmc: sdhci: Add a quirk for broken command queuing - nbd: fix shutdown and recv work deadlock - perf probe: Fix to show function entry line as probe-able https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.93 - scsi: lpfc: Fix discovery failures when target device connectivity bounces - scsi: mpt3sas: Fix clear pending bit in ioctl status - scsi: lpfc: Fix locking on mailbox command completion - Input: atmel_mxt_ts - disable IRQ across suspend - f2fs: fix to update time in lazytime mode - [arm64,armhf] iommu: rockchip: Free domain on .domain_free - [arm64,armhf] iommu/tegra-smmu: Fix page tables in > 4 GiB memory - scsi: target: compare full CHAP_A Algorithm strings - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices - scsi: csiostor: Don't enable IRQs too early - [arm64] scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() - [ppc64el] pseries: Mark accumulate_stolen_time() as notrace - [ppc64el] pseries: Don't fail hash page table insert for bolted mapping - clocksource/drivers/timer-of: Use unique device name instead of timer - [ppc64el] security/book3s64: Report L1TF status in sysfs - [ppc64el] book3s64/hash: Add cond_resched to avoid soft lockup warning - ext4: update direct I/O read lock pattern for IOCB_NOWAIT - ext4: iomap that extends beyond EOF should be marked dirty - jbd2: Fix statistics for the number of logged blocks - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) - scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow - f2fs: fix to update dir's i_pino during cross_rename - [arm64] clk: qcom: Allow constant ratio freq tables for rcg - clk: clk-gpio: propagate rate change to parent - fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences - [ppc64el] PCI: rpaphp: Fix up pointer to first drc-info entry - scsi: ufs: fix potential bug which ends in system hang - [ppc64el] PCI: rpaphp: Don't rely on firmware feature to imply drc-info support - [ppc64el] PCI: rpaphp: Annotate and correctly byte swap DRC properties - [ppc64el] PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info - [ppc64el] powerpc/security: Fix wrong message when RFI Flush is disable - bcache: at least try to shrink 1 node in bch_mca_scan() - HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors - [armhf] 8937/1: spectre-v2: remove Brahma-B53 from hardening - libnvdimm/btt: fix variable 'rc' set but not used - HID: Improve Windows Precision Touchpad detection. - HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device - watchdog: Fix the race between the release of watchdog_core_data and cdev - scsi: pm80xx: Fix for SATA device discovery - scsi: ufs: Fix error handing during hibern8 enter - scsi: scsi_debug: num_tgts must be >= 0 - scsi: iscsi: Don't send data to unbound connection - scsi: target: iscsi: Wait for all commands to finish before freeing a session - apparmor: fix unsigned len comparison with less than zero - scripts/kallsyms: fix definitely-lost memory leak - cdrom: respect device capabilities during opening action - perf script: Fix brstackinsn for AUXTRACE - perf regs: Make perf_reg_name() return "unknown" instead of NULL - [s390x] zcrypt: handle new reply code FILTERED_BY_HYPERVISOR - [s390x] cpum_sf: Check for SDBT and SDB consistency - ocfs2: fix passing zero to 'PTR_ERR' warning - kernel: sysctl: make drop_caches write-only - userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK - [x86] mce: Fix possibly incorrect severity calculation on AMD - net, sysctl: Fix compiler warning when only cBPF is present - netfilter: nf_queue: enqueue skbs with NULL dst - ALSA: hda - Downgrade error message for single-cmd fallback - bonding: fix active-backup transition after link failure - perf strbuf: Remove redundant va_end() in strbuf_addv() - Make filldir[64]() verify the directory entry filename is valid (CVE-2019-10220) - filldir[64]: remove WARN_ON_ONCE() for bad directory entries (CVE-2019-10220) - netfilter: ebtables: compat: reject all padding in matches/watchers - 6pack,mkiss: fix possible deadlock - netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() - inetpeer: fix data-race in inet_putpeer / inet_putpeer - net: add a READ_ONCE() in skb_peek_tail() - net: icmp: fix data-race in cmp_global_allow() - hrtimer: Annotate lockless access to timer->state - net: ena: fix napi handler misbehavior when the napi budget is zero - net/mlxfw: Fix out-of-memory error in mfa2 flash burning - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs - ptp: fix the race between the release of ptp_clock and cdev - tcp: Fix highest_sack and highest_sack_seq - udp: fix integer overflow while computing available space in sk_rcvbuf - vhost/vsock: accept only packets with the right dst_cid - net: add bool confirm_neigh parameter for dst_ops.update_pmtu - ip6_gre: do not confirm neighbor when do pmtu update - gtp: do not confirm neighbor when do pmtu update - net/dst: add new function skb_dst_update_pmtu_no_confirm - tunnel: do not confirm neighbor when do pmtu update - vti: do not confirm neighbor when do pmtu update - sit: do not confirm neighbor when do pmtu update - net/dst: do not confirm neighbor for vxlan and geneve pmtu update - gtp: do not allow adding duplicate tid and ms_addr pdp context - [arm64,armhf] net: marvell: mvpp2: phylink requires the link interrupt - tcp/dccp: fix possible race __inet_lookup_established() - tcp: do not send empty skb from tcp_write_xmit() - gtp: fix wrong condition in gtp_genl_dump_pdp() - gtp: fix an use-after-free in ipv4_pdp_find() - gtp: avoid zero size hashtable - [arm64,armhf] pinctrl: baytrail: Really serialize all register accesses https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.94 - nvme_fc: add module to ops template to allow module references - nvme-fc: fix double-free scenarios on hw queues - drm/amdgpu: add check before enabling/disabling broadcast mode - drm/amdgpu: add cache flush workaround to gfx8 emit_fence - PM / devfreq: Fix devfreq_notifier_call returning errno - PM / devfreq: Set scaling_max_freq to max on OPP notifier error - PM / devfreq: Don't fail devfreq_dev_release if not in list - afs: Fix afs_find_server lookups for ipv4 peers - afs: Fix SELinux setting security label on /afs - RDMA/cma: add missed unregister_pernet_subsys in init failure - rxe: correctly calculate iCRC for unaligned payloads - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work - scsi: qla2xxx: Don't call qlt_async_event twice - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length - scsi: qla2xxx: Configure local loop for N2N target - scsi: qla2xxx: Send Notify ACK after N2N PLOGI - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI - scsi: iscsi: qla4xxx: fix double free in probe - scsi: libsas: stop discovering if oob mode is disconnected (CVE-2019-19965) - drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit - usb: gadget: fix wrong endpoint desc - net: make socket read/write_iter() honor IOCB_NOWAIT - afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP - md: raid1: check rdev before reference in raid1_sync_request func - [s390x] cpum_sf: Adjust sampling interval to avoid hitting sample limits - [s390x] cpum_sf: Avoid SBD overflow condition in irq handler - IB/mlx4: Follow mirror sequence of device add during device removal - IB/mlx5: Fix steering rule of drop and count - xen-blkback: prevent premature module unload - xen/balloon: fix ballooned page accounting without hotplug enabled - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen - xfs: fix mount failure crash on invalid iclog memory access - taskstats: fix data-race - drm: limit to INT_MAX in create_blob ioctl - netfilter: nft_tproxy: Fix port selector on Big Endian - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code - ALSA: usb-audio: fix set_format altsetting sanity check - ALSA: usb-audio: set the interface format after resume on Dell WD19 - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 - [arm64,armhf] drm/sun4i: hdmi: Remove duplicate cleanup calls - [mips*] Avoid VDSO ABI breakage due to global register variable - media: pulse8-cec: fix lost cec_transmit_attempt_done() call - media: cec: CEC 2.0-only bcast messages were ignored - media: cec: avoid decrementing transmit_queue_sz if it is 0 - media: cec: check 'transmit_in_progress', not 'transmitting' - mm/zsmalloc.c: fix the migrated zspage statistics. - memcg: account security cred as well to kmemcg - mm: move_pages: return valid node id in status if the page is already on the target node - [x86,arm64] pstore/ram: Write new dumps to start of recycled zones - locks: print unsigned ino in /proc/locks - compat_ioctl: block: handle Persistent Reservations - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE - ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() - libata: Fix retrieving of active qcs - gpiolib: fix up emulated open drain outputs - tracing: Fix lock inversion in trace_event_enable_tgid_record() - tracing: Avoid memory leak in process_system_preds() - tracing: Have the histogram compare functions convert to u64 first - tracing: Fix endianness bug in histogram trigger - apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock - [i386] ALSA: cs4236: fix error return comparison of an unsigned integer - ALSA: firewire-motu: Correct a typo in the clock proc string - exit: panic before exit_mm() on global init exit - [arm64] Revert support for execute-only user mappings - ftrace: Avoid potential division by zero in function profiler - [arm64] drm/msm: include linux/sched/task.h - PM / devfreq: Check NULL governor in available_governors_show - nfsd4: fix up replay_matches_cache() - [x86,arm64] HID: i2c-hid: Reset ALPS touchpads on resume - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 - xfs: don't check for AG deadlock for realtime files in bunmapi - [x86] platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table - Bluetooth: btusb: fix PM leak in error case of setup - Bluetooth: delete a stray unlock - Bluetooth: Fix memory leak in hci_connect_le_scan - media: flexcop-usb: ensure -EIO is returned on error condition - media: usb: fix memory leak in af9005_identify_state (CVE-2019-18809) - [arm64] dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning - [arm64] tty: serial: msm_serial: Fix lockup for sysrq and oops - fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP - bdev: Factor out bdev revalidation into a common helper - bdev: Refresh bdev size for disks without partitioning - scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails - drm/mst: Fix MST sideband up-reply failure handling - [ppc64el] pseries/hvconsole: Fix stack overread via udbg - [ppc64el] KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag - rxrpc: Fix possible NULL pointer access in ICMP handling - tcp: annotate tp->rcv_nxt lockless reads - net: core: limit nested device depth - ath9k_htc: Modify byte order for an error message - ath9k_htc: Discard undersized packets - xfs: periodically yield scrub threads to the scheduler - net: add annotations on hh->hh_len lockless accesses - ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps - [s390x] smp: fix physical to logical CPU map for SMT - xen/blkback: Avoid unmapping unmapped grant pages - [x86] perf/x86/intel/bts: Fix the use of page_private() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.95 - bpf: Fix passing modified ctx to ld/abs/ind instruction - regulator: fix use after free issue - ASoC: max98090: fix possible race conditions - netfilter: ctnetlink: netns exit must wait for callbacks - mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (CVE-2019-14901) - [x86] efi: Update e820 with reserved EFI boot services data to fix kexec breakage - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 - efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs - efi/gop: Return EFI_SUCCESS if a usable GOP was found - efi/gop: Fix memory leak in __gop_query32/64() - netfilter: uapi: Avoid undefined left-shift in xt_sctp.h - netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets - netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END - netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() - [arm64] spi: spi-cavium-thunderx: Add missing pci_release_regions() - ASoC: topology: Check return value for soc_tplg_pcm_create() - bnxt_en: Return error if FW returns more data than dump length - [mips*] bpf, mips: Limit to 33 tail calls - [armhf] spi: spi-ti-qspi: Fix a bug when accessing non default CS - [powerpc*] Ensure that swiotlb buffer is allocated from low memory - btrfs: Fix error messages in qgroup_rescan_init - bpf: Clear skb->tstamp in bpf_redirect when necessary - bnx2x: Do not handle requests from VFs after parity - bnx2x: Fix logic to get total no. of PFs per engine - cxgb4: Fix kernel panic while accessing sge_info - net: usb: lan78xx: Fix error message format specifier - rfkill: Fix incorrect check to avoid NULL pointer dereference - iommu/iova: Init the struct iova to fix the possible memleak - [x86] perf/x86/intel: Fix PT PMI handling - fs: avoid softlockups in s_inodes iterators - [arm64,armhf] net: stmmac: Do not accept invalid MTU values - [arm64,armhf] net: stmmac: xgmac: Clear previous RX buffer size - [arm64,armhf] net: stmmac: RX buffer size must be 16 byte aligned - [arm64,armhf] net: stmmac: Always arm TX Timer at end of transmission start - [s390x] dasd/cio: Interpret ccw_device_get_mdc return value correctly - [s390x] dasd: fix memleak in path handling error case - block: fix memleak when __blk_rq_map_user_iov() is failed - llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) - [x86] hv_netvsc: Fix unwanted rx_table reset - [powerpc*] vcpu: Assume dedicated processors as non-preempt - [powerpc*] spinlocks: Include correct header for static key - [armhf] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull - gtp: fix bad unlock balance in gtp_encap_enable_socket - macvlan: do not assume mac_header is set in macvlan_broadcast() - [arm64,armhf] net: dsa: mv88e6xxx: Preserve priority when setting CPU port. - [arm64,armhf] net: stmmac: dwmac-sun8i: Allow all RGMII modes - [arm64,armhf] net: stmmac: dwmac-sunxi: Allow all RGMII modes - net: usb: lan78xx: fix possible skb leak - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM - sch_cake: avoid possible divide by zero in cake_enqueue() - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY - tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK - vxlan: fix tos value before xmit - vlan: fix memory leak in vlan_dev_set_egress_priority - vlan: vlan_changelink() should propagate errors - net: sch_prio: When ungrafting, replace with FIFO - [arm64,armhf] usb: dwc3: gadget: Fix request complete check - USB: core: fix check for duplicate endpoints - USB: serial: option: add Telit ME910G1 0x110a composition - usb: missing parentheses in USE_NEW_SCHEME https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.96 - chardev: Avoid potential use-after-free in 'chrdev_open()' - i2c: fix bus recovery stop mode timing - [arm64,armhf] usb: chipidea: host: Disable port power only if previously enabled - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 - ALSA: hda/realtek - Add new codec supported for ALCS1200A - ALSA: hda/realtek - Set EAPD control to default for ALC222 - [x86] ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined - tracing: Change offset type to s32 in preempt/irq tracepoints - HID: Fix slab-out-of-bounds read in hid_field_extract - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll - HID: hid-input: clear unmapped usages - Input: add safety guards to input_set_keycode() - [arm64,armhf] drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model - drm/fb-helper: Round up bits_per_pixel if possible - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ - can: kvaser_usb: fix interface sanity check - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism - [x86] staging: vt6656: set usb_set_intfdata on driver fail. - USB: serial: option: add ZLP support for 0x1bc7/0x9010 - [arm64,armhf] usb: musb: fix idling for suspend after disconnect interrupt - [arm64,armhf] usb: musb: Disable pullup at init - [arm64,armhf] usb: musb: dma: Correct parameter passed to IRQ handler - [x86] staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 - serdev: Don't claim unsupported ACPI serial devices - tty: link tty and port before configuring it as console - tty: always relink the port - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (CVE-2019-14895) - mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (CVE-2019-19056) - scsi: bfa: release allocated memory in case of error (CVE-2019-19066) - rtl8xxxu: prevent leaking urb (CVE-2019-19068) - ath10k: fix memory leak (CVE-2019-19078) - HID: hiddev: fix mess in hiddev_open() - USB: Fix: Don't skip endpoint descriptors with maxpacket=0 - netfilter: arp_tables: init netns pointer in xt_tgchk_param struct - netfilter: conntrack: dccp, sctp: handle null timeout argument - netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present - [x86] drm/i915/gen9: Clear residual context state on context switch (CVE-2019-14615) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.97 - hidraw: Return EPOLLOUT from hidraw_poll - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll - HID: hidraw, uhid: Always report EPOLLOUT - cfg80211/mac80211: make ieee80211_send_layer2_update a public function - mac80211: Do not send Layer 2 Update frame before authorization (CVE-2019-5108) - f2fs: Move err variable to function scope in f2fs_fill_dentries() - f2fs: check memory boundary by insane namelen - f2fs: check if file namelen exceeds max value (CVE-2019-9445) - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (CVE-2019-15217) - iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (CVE-2019-19058) - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (CVE-2019-19059) - RDMA: Fix goto target to release the allocated memory (CVE-2019-19077) - dccp: Fix memleak in __feat_register_sp (CVE-2019-20096) - [x86] drm/i915: Fix use-after-free when destroying GEM context - ASoC: soc-core: Set dpcm_playback / dpcm_capture - [armhf] mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy - [arm64] gpio: zynq: Fix for bug in zynq_gpio_restore_context API - iommu: Remove device link to group on failure - gpio: Fix error message on out-of-range GPIO in lookup table - [s390x] qeth: fix false reporting of VNIC CHAR config failure - [s390x] qeth: Fix vnicc_is_in_use if rx_bcast not set - cifs: Adjust indentation in smb2_open_file - afs: Fix missing cell comparison in afs_test_super() - drm/ttm: fix start page for huge page check in ttm_put_pages() (CVE-2019-19927) - drm/ttm: fix incrementing the page pointer for huge pages (CVE-2019-19927) - btrfs: simplify inode locking for RWF_NOWAIT - RDMA/mlx5: Return proper error value - RDMA/srpt: Report the SCSI residual to the initiator - scsi: enclosure: Fix stale device oops with hot replug - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI - [x86] platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 - [x86] platform/x86: GPD pocket fan: Use default values when wrong modparams are given - xprtrdma: Fix completion wait during device removal - crypto: virtio - implement missing support for output IVs - NFSv2: Fix a typo in encode_sattr() - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn - mei: fix modalias documentation - [armhf] clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume - [armhf] pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call - [x86] pinctrl: lewisburg: Update pin list according to v1.1v6 - scsi: sd: enable compat ioctls for sed-opal - af_unix: add compat_ioctl support - compat_ioctl: handle SIOCOUTQNSD - [arm64,armhf] PCI: dwc: Fix find_next_bit() usage - PCI/PTM: Remove spurious "d" from granularity message - [powerpc*] powernv: Disable native PCIe port management - [armhf] tty: serial: imx: use the sg count from dma_map_sg - [i386] tty: serial: pch_uart: correct usage of dma_unmap_sg - mtd: spi-nor: fix silent truncation in spi_nor_read() - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() - rtlwifi: Remove unnecessary NULL check in rtl_regd_init - f2fs: fix potential overflow - scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() - [mips*] cacheinfo: report shared CPU map - [arm64] drm/arm/mali: make malidp_mw_connector_helper_funcs static - [arm64] dmaengine: k3dma: Avoid null pointer traversal - [amd64] ioat: ioat_alloc_ring() failure handling. - ocfs2: call journal flush to mark journal as empty after journal recovery when mount https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.98 - clk: Don't try to enable critical clocks if prepare failed - iio: buffer: align the size of scan bytes to size of the largest element - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx - USB: serial: option: Add support for Quectel RM500Q - USB: serial: opticon: fix control-message timeouts - USB: serial: option: add support for Quectel RM500Q in QDL mode - USB: serial: suppress driver bind attributes - USB: serial: ch341: handle unbound port at reset_resume - USB: serial: io_edgeport: handle unbound ports on URB completion - USB: serial: io_edgeport: add missing active-port sanity check - USB: serial: keyspan: handle unbound ports - USB: serial: quatech2: handle unbound ports - [x86] scsi: fnic: fix invalid stack access - scsi: mptfusion: Fix double fetch bug in ioctl - [armhf] dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection - ALSA: dice: fix fallback from protocol extension into limited functionality - ALSA: seq: Fix racy access for queue timer in proc read - ALSA: usb-audio: fix sync-ep altsetting sanity check - [arm64] dts: allwinner: a64: olinuxino: Fix SDIO supply regulator - block: fix an integer overflow in logical block size - [armhf] dts: am571x-idk: Fix gpios property to have the correct gpio number - LSM: generalize flag passing to security_capable - ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() - usb: core: hub: Improved device recognition on remote wakeup - [x86] resctrl: Fix an imbalance in domain_remove_cpu() - [x86] CPU/AMD: Ensure clearing of SME/SEV features is maintained - [amd64] x86/efistub: Disable paging at mixed mode entry - [x86] resctrl: Fix potential memory leak - perf hists: Fix variable name's inconsistency in hists__for_each() macro - perf report: Fix incorrectly added dimensions as switch perf data file - mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment - mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid - btrfs: rework arguments of btrfs_unlink_subvol - btrfs: fix invalid removal of root ref - btrfs: do not delete mismatched root refs - btrfs: fix memory leak in qgroup accounting - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() - [armhf] dts: imx6qdl: Add Engicam i.Core 1.5 MX6 - [armhf] dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL - [arm64,armhf] net: stmmac: 16KB buffer must be 16 byte aligned - [arm64,armhf] net: stmmac: Enable 16KB buffer size - mm/huge_memory.c: make __thp_get_unmapped_area static - mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment - bpf: Fix incorrect verifier simulation of ARSH under ALU32 - cfg80211: fix deadlocks in autodisconnect work - cfg80211: fix memory leak in cfg80211_cqm_rssi_update - cfg80211: fix page refcount issue in A-MSDU decap - netfilter: fix a use-after-free in mtype_destroy() - netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct - netfilter: nft_tunnel: fix null-attribute check - netfilter: nf_tables: remove WARN and add NLA_STRING upper limits - netfilter: nf_tables: store transaction list locally while requesting module - netfilter: nf_tables: fix flowtable list del corruption - NFC: pn533: fix bulk-message timeout - batman-adv: Fix DAT candidate selection on little endian systems - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() - [x86] hv_netvsc: Fix memory leak when removing rndis device - [arm64] net: hns: fix soft lockup when there is not enough memory - net: usb: lan78xx: limit size of local TSO packets - ptp: free ptp device pin descriptors properly - r8152: add missing endpoint sanity check - tcp: fix marked lost packets not being retransmitted - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk - tcp: refine rule to allow EPOLLOUT generation under mem pressure - [arm64] dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node - cfg80211: check for set_wiphy_params - tick/sched: Annotate lockless access to last_jiffies_update - drm/nouveau/bar/nv50: check bar1 vmm return value - drm/nouveau/bar/gf100: ensure BAR is mapped - drm/nouveau/mmu: qualify vmm during dtor - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr - scsi: esas2r: unlock on error in esas2r_nvram_read_direct() - scsi: qla4xxx: fix double free bug - scsi: bnx2i: fix potential use after free - scsi: target: core: Fix a pr_debug() argument - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan - scsi: core: scsi_trace: Use get_unaligned_be*() - perf probe: Fix wrong address verification . [ Joe Richey ] * [cloud-amd64] tpm: Enable TPM drivers for Cloud (Closes: #946237) . [ Salvatore Bonaccorso ] * Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88) * Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch * Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88) * [rt] Update to 4.19.90-rt35: - Update "workqueue: rework" for workqueue changes in 4.19.90 * [rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch * Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93. * [rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93) * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97) . [ Ben Hutchings ] * [rt] Update to 4.19.94-rt38: - Refresh "x86/ioapic: Don't let setaffinity unmask threaded EOI interrupt too early" which was partly included in 4.19.92 * aufs: Update support patchset to aufs4.19.63+ 20200113; no functional changes * Bump ABI to 8 * libertas: Fix two buffer overflows at parsing bss descriptor (CVE-2019-14896, CVE-2019-14897) * wimax: i2400: fix memory leak (CVE-2019-19051) * wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (CVE-2019-19051) * [amd64/cloud-amd64] hwrandom: Enable HW_RANDOM_VIRTIO (Closes: #914511) . [ Noah Meyerhans ] * random: try to actively add entropy rather than passively wait for it (Closes: #948519) . [ Aurelien Jarno ] * [mips*/malta] Enable POWER_RESET_PIIX4_POWEROFF. linux-signed-arm64 (4.19.87+1) buster; urgency=medium . * Sign kernel from linux 4.19.87-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.68 - seq_file: fix problem when seeking mid-record - mm/hmm: fix bad subpage pointer in try_to_unmap_one - mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE* and MPOL_MF_STRICT were specified - mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind - mm/memcontrol.c: fix use after free in mem_cgroup_iter() - mm/usercopy: use memory range to be accessed for wraparound check - Revert "pwm: Set class for exported channels in sysfs" - cpufreq: schedutil: Don't skip freq update when limits change - [x86] ALSA: hda/realtek - Add quirk for HP Envy x360 - ALSA: hda - Apply workaround for another AMD chip 1022:1487 - ALSA: hda - Fix a memory leak bug - ALSA: hda - Add a generic reboot_notify - ALSA: hda - Let all conexant codec enter D3 when rebooting - HID: holtek: test for sanity of intfdata - HID: hiddev: avoid opening a disconnected device - HID: hiddev: do cleanup in failure of opening a device - Input: kbtab - sanity check for endpoint type - Input: iforce - add sanity checks - net: usb: pegasus: fix improper read if get_registers() fail - netfilter: ebtables: also count base chain policies - xen/pciback: remove set but not used variable 'old_state' - [armhf,arm64] irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table fail - perf header: Fix divide by zero error if f_header.attr_size==0 - perf header: Fix use of unitialized value warning - libata: zpodd: Fix small read overflow in zpodd_get_mech_type() - Btrfs: fix deadlock between fiemap and transaction commits - scsi: hpsa: correct scsi command status issue after reset - scsi: qla2xxx: Fix possible fcport null-pointer dereferences - drm/amdgpu: fix a potential information leaking bug - ata: libahci: do not complain in case of deferred probe - kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules - [arm64] efi: fix variable 'si' set but not used - [arm64] unwind: Prohibit probing on return_address() - [arm64] mm: fix variable 'pud' set but not used - IB/core: Add mitigation for Spectre V1 - IB/mlx5: Fix MR registration flow to use UMR properly - IB/mad: Fix use-after-free in ib mad completion handling - [arm64] drm: msm: Fix add_gpu_components - [armhf] drm/exynos: fix missing decrement of retry counter - ocfs2: remove set but not used variable 'last_hash' - asm-generic: fix -Wtype-limits compiler warnings - [arm64] KVM: regmap: Fix unexpected switch fall-through - [armhf,arm64] KVM: Sync ICH_VMCR_EL2 back when about to block - [x86] staging: comedi: dt3000: Fix signed integer overflow 'divider * base' - [x86] staging: comedi: dt3000: Fix rounding up of timer divisor - USB: core: Fix races in character device registration and deregistraion - usb: cdc-acm: make sure a refcount is taken early enough - USB: CDC: fix sanity checks in CDC union parser - USB: serial: option: add D-Link DWM-222 device ID - USB: serial: option: Add support for ZTE MF871A - USB: serial: option: add the BroadMobi BM818 card - USB: serial: option: Add Motorola modem UARTs - [x86] drm/i915/cfl: Add a new CFL PCI ID. - [arm64] ftrace: Ensure module ftrace trampoline is coherent with I-side - Input: psmouse - fix build error of multiple definition - bnx2x: Fix VF's VLAN reconfiguration in reload. - bonding: Add vlan tx offload to hw_enc_features - net: dsa: Check existence of .port_mdb_add callback before calling it - net/mlx4_en: fix a memory leak bug - net/packet: fix race in tpacket_snd() - sctp: fix memleak in sctp_send_reset_streams - sctp: fix the transport error_count check - team: Add vlan tx offload to hw_enc_features - tipc: initialise addr_trail_end when setting node addresses - xen/netback: Reset nr_frags before freeing skb - net/mlx5e: Only support tx/rx pause setting for port owner - net/mlx5e: Use flow keys dissector to parse packets for ARFS - [arm64] mmc: sdhci-of-arasan: Do now show error message in case of deffered probe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.69 - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT - [mips*] kernel: only use i8253 clocksource with periodic clockevent - [mips*] fix cacheinfo - netfilter: ebtables: fix a memory leak bug in compat - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks - bonding: Force slave speed check after link state recovery for 802.3ad - [armhf,arm64] net: mvpp2: Don't check for 3 consecutive Idle frames for 10G links - can: dev: call netif_carrier_off() in register_candev() - can: gw: Fix error path of cgw_module_init - [armhf,arm64] ASoC: rockchip: Fix mono capture - [armhf] ASoC: ti: davinci-mcasp: Correct slot_width posed constraint - net: usb: qmi_wwan: Add the BroadMobi BM818 card - qed: RDMA - Fix the hw_ver returned in device attributes - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() - mac80211_hwsim: Fix possible null-pointer dereferences in hwsim_dump_radio_nl() - netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too - netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets - netfilter: ipset: Fix rename concurrency with listing - rxrpc: Fix potential deadlock - rxrpc: Fix the lack of notification when sendmsg() fails on a DATA packet - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack - net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() - can: sja1000: force the string buffer NULL-terminated - can: peak_usb: force the string buffer NULL-terminated - net/ethernet/qlogic/qed: force the string buffer NULL-terminated - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts - HID: quirks: Set the INCREMENT_USAGE_ON_DUPLICATE quirk on Saitek X52 - HID: input: fix a4tech horizontal wheel custom usage - [armhf,arm64] drm/rockchip: Suspend DP late - SMB3: Fix potential memory leak when processing compound chain - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL - [s390x] put _stext and _etext into .text section - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' - [armhf,arm64] net: stmmac: Fix issues when number of Queues >= 4 - [armhf,arm64] net: stmmac: tc: Do not return a fragment entry - [arm64] net: hisilicon: make hip04_tx_reclaim non-reentrant - [arm64] net: hisilicon: fix hip04-xmit never return TX_BUSY - [arm64] net: hisilicon: Fix dma_map_single failed on arm64 - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests - libata: add SG safety checks in SFF pio transfers - [x86] lib/cpu: Address missing prototypes warning - [x86] drm/vmwgfx: fix memory leak when too many retries have occurred - block, bfq: handle NULL return value by bfq_init_rq() - perf ftrace: Fix failure to set cpumask when only one cpu is present - perf cpumap: Fix writing to illegal memory in handling cpumap mask - perf pmu-events: Fix missing "cpu_clk_unhalted.core" event - [arm64] KVM: Don't write junk to sysregs on reset - [armhf] KVM: Don't write junk to CP15 registers on reset - HID: wacom: correct misreported EKR ring values - HID: wacom: Correct distance scale for 2nd-gen Intuos devices - Revert "dm bufio: fix deadlock with loop device" (regression in 4.19.61) - ceph: clear page dirty before invalidate page - ceph: don't try fill file_lock on unsuccessful GETFILELOCK reply - libceph: fix PG split vs OSD (re)connect race - drm/nouveau: Don't retry infinitely when receiving no data on i2c over AUX - gpiolib: never report open-drain/source lines as 'input' to user-space - [x86] Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE - userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx - [i386] retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386 - [x86] apic: Handle missing global clockevent gracefully - [x86] CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h - [x86] boot: Save fields explicitly, zero out everything else - [x86] boot: Fix boot regression caused by bootparam sanitizing - dm kcopyd: always complete failed jobs - dm btree: fix order of block initialization in btree_split_beneath - dm integrity: fix a crash due to BUG_ON in __journal_read_write() - dm raid: add missing cleanup in raid_ctr() - dm space map metadata: fix missing store of apply_bops() return value - dm table: fix invalid memory accesses with too high sector number - dm zoned: improve error handling in reclaim - dm zoned: improve error handling in i/o map code - dm zoned: properly handle backing device failure - genirq: Properly pair kobject_del() with kobject_add() - mm, page_owner: handle THP splits correctly - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely - mm/zsmalloc.c: fix race condition in zs_destroy_pool - xfs: don't trip over uninitialized buffer on extent read of corrupted inode - xfs: Move fs/xfs/xfs_attr.h to fs/xfs/libxfs/xfs_attr.h - xfs: Add helper function xfs_attr_try_sf_addname - xfs: Add attibute set and helper functions - xfs: Add attibute remove and helper functions - xfs: always rejoin held resources during defer roll - dm zoned: fix potential NULL dereference in dmz_do_reclaim() - [ppc64el] Allow flush_(inval_)dcache_range to work across ranges >4GB - rxrpc: Fix local endpoint refcounting - rxrpc: Fix read-after-free in rxrpc_queue_local() - rxrpc: Fix local endpoint replacement - rxrpc: Fix local refcounting https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.70 - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns - afs: Fix the CB.ProbeUuid service handler to reply correctly - afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u() - fs: afs: Fix a possible null-pointer dereference in afs_put_read() - afs: Only update d_fsdata if different in afs_d_revalidate() - nvmet-loop: Flush nvme_delete_wq when removing the port - nvme: fix a possible deadlock when passthru commands sent to a multipath device - nvme-pci: Fix async probe remove race - [armhf] omap-dma/omap_vout_vrfb: fix off-by-one fi value - iommu/dma: Handle SG length overflow better - usb: gadget: composite: Clear "suspended" on reset/disconnect - usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt - xen/blkback: fix memory leaks - [arm64] cpufeature: Don't treat granule sizes as strict - drm/ast: Fixed reboot test may cause system hanged - [x86] tools: hv: fix KVP and VSS daemons exit code - [x86] drm/i915: fix broadwell EU computation - [arm*] watchdog: bcm2835_wdt: Fix module autoload - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value - [armhf] drm/tilcdc: Register cpufreq notifier after we have initialized crtc - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set - ipv6: Default fib6_type to RTN_UNICAST when not set - net/smc: make sure EPOLLOUT is raised - tcp: make sure EPOLLOUT wont be missed - ipv4/icmp: fix rt dst dev null pointer dereference - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n - ALSA: usb-audio: Check mixer unit bitmap yet more strictly - ALSA: line6: Fix memory leak at line6_init_pcm() error path - ALSA: hda - Fixes inverted Conexant GPIO mic mute led - ALSA: seq: Fix potential concurrent access to the deleted pool - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate() - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604 - [x86] kvm: skip populating logical dest map if apic is not sw enabled - [x86] KVM: Don't update RIP or do single-step on faulting emulation - [amd64] uprobes: Fix detection of 32-bit user mode - [x86] apic: Do not initialize LDR and DFR for bigsmp - ftrace: Fix NULL pointer dereference in t_probe_next() - ftrace: Check for successful allocation of hash - ftrace: Check for empty hash and comment the race with registering probes - usb-storage: Add new JMS567 revision to unusual_devs - USB: cdc-wdm: fix race between write and disconnect due to flag abuse - usb: hcd: use managed device resources - [armhf,arm64] usb: chipidea: udc: don't do hardware access if gadget has stopped - usb: host: ohci: fix a race condition between shutdown and irq - usb: host: xhci: rcar: Fix typo in compatible string matching - USB: storage: ums-realtek: Update module parameter description for auto_delink_en - USB: storage: ums-realtek: Whitelist auto-delink support - [x86] mei: me: add Tiger Lake point LP device ID - mmc: core: Fix init of SD cards reporting an invalid VDD range - stm class: Fix a double free of stm_source_device - [x86] intel_th: pci: Add support for another Lewisburg PCH - [x86] intel_th: pci: Add Tiger Lake support - [x86] typec: tcpm: fix a typo in the comparison of pdo_max_voltage - lib: logic_pio: Fix RCU usage - lib: logic_pio: Avoid possible overlap for unregistering regions - lib: logic_pio: Add logic_pio_unregister_range() - [x86] drm/amdgpu: Add APTX quirk for Dell Latitude 5495 - [x86] drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest - [x86] drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() - [arm64] bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free - [arm64] bus: hisi_lpc: Add .remove method to avoid driver unbind crash - [x86] VMCI: Release resource if the work is already queued - [x86] crypto: ccp - Ignore unconfigured CCP device on suspend/resume - Revert "cfg80211: fix processing world regdomain when non modular" - mac80211: fix possible sta leak - mac80211: Don't memset RXCB prior to PAE intercept - mac80211: Correctly set noencrypt for PAE frames - [ppc64el] KVM: Book3S: Fix incorrect guest-to-user-translation error handling - [armhf,arm64] KVM: vgic: Fix potential deadlock when ap_list is long - [armhf,arm64] KVM: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI - NFS: Clean up list moves of struct nfs_page - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() - NFS: Pass error information to the pgio error cleanup routine - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 - [x86] i2c: piix4: Fix port selection for AMD Family 16h Model 30h - mt76: mt76x0u: do not reset radio on resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71 - Revert "Input: elantech - enable SMBus on new (2018+) systems" (regression in 4.19.67) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.72 - mld: fix memory leak in mld_del_delrec() - net: fix skb use after free in netpoll - net: sched: act_sample: fix psample group handling on overwrite - net_sched: fix a NULL pointer deref in ipt action - [armhf,arm64] net: stmmac: dwmac-rk: Don't fail if phy regulator is absent - tcp: inherit timestamp on mtu probe - tcp: remove empty skb from write queue in error cases - net/rds: Fix info leak in rds6_inc_info_copy() (CVE-2019-16714) - [x86] boot: Preserve boot_params.secure_boot from sanitizing - [arm*] spi: bcm2835aux: unifying code between polling and interrupt driven code - [arm*] spi: bcm2835aux: remove dangerous uncontrolled read of fifo - [arm*] spi: bcm2835aux: fix corruptions for longer spi transfers - netfilter: nf_tables: use-after-free in failing rule with bound set - [x86] hv_netvsc: Fix a warning of suspicious RCU usage - Bluetooth: btqca: Add a short delay before downloading the NVM - [ppc64el] ibmveth: Convert multicast list size for little-endian system - gpio: Fix build error of function redefinition - netfilter: nft_flow_offload: skip tcp rst and fin packets - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure - scsi: target: tcmu: avoid use-after-free after command timeout - cxgb4: fix a memory leak bug - liquidio: add cleanup in octeon_setup_iq() - net: myri10ge: fix memory leaks - lan78xx: Fix memory leaks - vfs: fix page locking deadlocks when deduping files - cx82310_eth: fix a memory leak bug - net: kalmia: fix memory leaks - net: cavium: fix driver name - wimax/i2400m: fix a memory leak bug - kprobes: Fix potential deadlock in kprobe_optimizer() - HID: cp2112: prevent sleeping function called from invalid context - [amd64] boot/compressed: Fix boot on machines with broken E820 table - [x86] Input: hyperv-keyboard: Use in-place iterator API in the channel callback - [x86] Tools: hv: kvp: eliminate 'may be used uninitialized' warning - nvme-multipath: fix possible I/O hang when paths are updated - IB/mlx4: Fix memory leaks - infiniband: hfi1: fix a memory leak bug - infiniband: hfi1: fix memory leaks - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr() - ceph: fix buffer free while holding i_ceph_lock in __ceph_build_xattrs_blob() - ceph: fix buffer free while holding i_ceph_lock in fill_inode() - [armhf,arm64] KVM: Only skip MMIO insn once - afs: Fix leak in afs_lookup_cell_rcu() - [armhf,arm64] KVM: VGIC: Properly initialise private IRQ affinity - [amd64] boot/compressed: Fix missing initialization in find_trampoline_placement() - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.73 - ALSA: hda - Fix potential endless loop at applying quirks - ALSA: hda/realtek - Fix overridden device-specific initialization - [x86] ALSA: hda/realtek - Add quirk for HP Pavilion 15 - [x86] ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL - [x86] ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre - sched/fair: Don't assign runtime for throttled cfs_rq - [x86] drm/vmwgfx: Fix double free in vmw_recv_msg() - [ppc64el] tm: Fix FP/VMX unavailable exceptions inside a transaction (CVE-2019-15030) - batman-adv: fix uninit-value in batadv_netlink_get_ifindex() - batman-adv: Only read OGM tvlv_len after buffer len check - [x86] hv_sock: Fix hang when a connection is closed - Blk-iolatency: warn on negative inflight IO counter - blk-iolatency: fix STS_AGAIN handling - {nl,mac}80211: fix interface combinations on crypto controlled devices - timekeeping: Use proper ktime_add when adding nsecs in coarse offset - selftests: fib_rule_tests: use pre-defined DEV_ADDR - [x86] ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() - [ppc64el] mark start_here_multiplatform as __ref - [arm64] dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 - nvme-fc: use separate work queue to avoid warning - [armhf] clk: s2mps11: Add used attribute to s2mps11_dt_match - [arm64] remoteproc: qcom: q6v5: shore up resource probe handling - modules: always page-align module section allocations - kernel/module: Fix mem leak in module_add_modinfo_attrs - [x86] drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" - scsi: qla2xxx: Move log messages before issuing command to firmware - keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h - [x86] Drivers: hv: kvp: Fix two "this statement may fall through" warnings - [x86] hibernate: Fix nosave_regions setup for hibernation - [arm64] remoteproc: qcom: q6v5-mss: add SCM probe dependency - drm/amdgpu/gfx9: Update gfx9 golden settings. - drm/amdgpu: Update gc_9_0 golden settings. - [x86] KVM: hyperv: enforce vp_index < KVM_MAX_VCPUS - [x86] KVM: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables - [x86] KVM: hyperv: keep track of mismatched VP indexes - [x86] KVM: hyperv: define VP assist page helpers - [x86] kvm/lapic: preserve gfn_to_hva_cache len on cache reinit - [x86] drm/i915: Fix intel_dp_mst_best_encoder() - [x86] drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE - [x86] drm/i915/gen9+: Fix initial readout for Y tiled framebuffers - drm/atomic_helper: Disallow new modesets on unregistered connectors - [x86] Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up - powerplay: Respect units on max dcfclk watermark - drm/amd/pp: Fix truncated clock value when set watermark - drm/amd/dm: Understand why attaching path/tile properties are needed - [s390x] zcrypt: reinit ap queue state machine during device probe - [x86] drm/i915: Restore sane defaults for KMS on GEM error load - [x86] drm/i915: Cleanup gt powerstate from gem - [ppc64el] KVM: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch - Btrfs: clean up scrub is_dev_replace parameter - Btrfs: fix deadlock with memory reclaim during scrub - btrfs: Remove extent_io_ops::fill_delalloc - btrfs: Fix error handling in btrfs_cleanup_ordered_extents - scsi: megaraid_sas: Fix combined reply queue mode detection - scsi: megaraid_sas: Add check for reset adapter bit - scsi: megaraid_sas: Use 63-bit DMA addressing - [ppc64el] pkeys: Fix handling of pkey state across fork() - btrfs: volumes: Make sure no dev extent is beyond device boundary - btrfs: Use real device structure to verify dev extent - IB/uverbs: Fix OOPs upon device disassociation - drm/vblank: Allow dynamic per-crtc max_vblank_count - [x86] drm/i915/ilk: Fix warning when reading emon_status with no output - tpm: Fix some name collisions with drivers/char/tpm.h - bcache: replace hard coded number with BUCKET_GC_GEN_MAX - bcache: treat stale && dirty keys as bad keys - [x86] KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run - [armhf] iio: adc: exynos-adc: Add S5PV210 variant - [armhf] iio: adc: exynos-adc: Use proper number of channels for Exynos4x12 - mt76: fix corrupted software generated tx CCMP PN - drm/nouveau: Don't WARN_ON VCPI allocation failures - iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules - iwlwifi: add new card for 9260 series - spi: spi-gpio: fix SPI_CS_HIGH capability - [ppc64el] kvm: Save and restore host AMR/IAMR/UAMOR - btrfs: scrub: pass fs_info to scrub_setup_ctx - btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex - btrfs: scrub: fix circular locking dependency warning - btrfs: init csum_list before possible free - [arm64] PCI: qcom: Fix error handling in runtime PM support - [arm64] PCI: qcom: Don't deassert reset GPIO during probe - CIFS: Fix error paths in writeback code - CIFS: Fix leaking locked VFS cache pages in writeback retry - [x86] drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set - [x86] drm/i915: Sanity check mmap length against object size - [x86] usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps - IB/mlx5: Reset access mask when looping inside page fault handler - kvm: mmu: Fix overflow on kvm mmu page limit calculation - [x86] kvm: move kvm_load/put_guest_xcr0 into atomic context - [x86] KVM: Always use 32-bit SMRAM save state for 32-bit kernels - cifs: Fix lease buffer length error (CVE-2019-15918) - ext4: protect journal inode's blocks using block_validity - [x86] PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary - dm mpath: fix missing call of path selector type->end_io - blk-mq: free hw queue's resource in hctx's release handler - mmc: sdhci-pci: Add support for Intel CML - PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code - cifs: smbd: take an array of reqeusts when sending upper layer data - dm crypt: move detailed message into debug level - [x86] drm/amdkfd: Add missing Polaris10 ID - kvm: Check irqchip mode before assign irqfd - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc - Btrfs: fix race between block group removal and block group allocation - cifs: add spinlock for the openFileList to cifsInodeInfo - [arm64] clk: tegra: Fix maximum audio sync clock for Tegra124/210 - [arm64] clk: tegra210: Fix default rates for HDA clocks - IB/hfi1: Avoid hardlockup with flushlist_lock - apparmor: reset pos on failure to unpack for various functions - scsi: target/core: Use the SECTOR_SHIFT constant - scsi: target/iblock: Fix overrun in WRITE SAME emulation - [s390x] scsi: zfcp: fix request object use-after-free in send path causing wrong traces - cifs: Properly handle auto disabling of serverino option - [x86] ALSA: hda - Don't resume forcibly i915 HDMI/DP codec - [x86] KVM: optimize check for valid PAT value - [x86] KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value - [x86] KVM: VMX: Fix handling of #MC that occurs during VM-Entry - [x86] KVM: VMX: check CPUID before allowing read/write of IA32_XSS - [ppc64el] KVM: Use ccr field in pt_regs struct embedded in vcpu struct - [ppc64el] KVM: Book3S HV: Fix CR0 setting in TM emulation - RDMA/srp: Document srp_parse_in() arguments - RDMA/srp: Accept again source addresses that do not have a port number - btrfs: correctly validate compression type - resource: Include resource end in walk_*() interfaces - resource: Fix find_next_iomem_res() iteration issue - resource: fix locking in find_next_iomem_res() - pstore: Fix double-free in pstore_mkfile() failure path - dm thin metadata: check if in fail_io mode when setting needs_check - [armhf,arm64] drm/panel: Add support for Armadeus ST0700 Adapt - [x86] ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips - [ppc64el] mm: Limit rma_size to 1TB when running without HV mode - iommu/iova: Remove stale cached32_node - gpio: don't WARN() on NULL descs if gpiolib is disabled - mm/migrate.c: initialize pud_entry in migrate_vma() - NFSv4: Fix delegation state recovery - bcache: only clear BTREE_NODE_dirty bit when it is set - bcache: add comments for mutex_lock(&b->write_lock) - bcache: fix race in btree_flush_write() - [x86] drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV - [s390x] virtio: fix race on airq_areas[] - drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors - ext4: don't perform block validity checks on the journal inode - ext4: fix block validity checks for journal inodes using indirect blocks - ext4: unsigned int compared against zero - [x86] PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround - [ppc64el] tm: Remove msr_tm_active() - [ppc64el] tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.74 - bridge/mdb: remove wrong use of NLM_F_MULTI - cdc_ether: fix rndis support for Mediatek based smartphones - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' - isdn/capi: check message length in capi_write() - net: Fix null de-reference of device refcount - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list - net: phylink: Fix flow control resolution - net: sched: fix reordering issues - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR - tipc: add NULL pointer check before calling kfree_rcu - tun: fix use-after-free when register netdev failed - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist - gpio: fix line flag validation in linehandle_create - Btrfs: fix assertion failure during fsync and use of stale transaction - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us - genirq: Prevent NULL pointer dereference in resend_irqs() - [s390x] KVM: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() - [s390x] KVM: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl - [x86] KVM: work around leak of uninitialized stack contents - [x86] KVM: nVMX: handle page fault in vmread - [x86] purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors - [ppc64el] Add barrier_nospec to raw_copy_in_user() - [arm64] drm/meson: Add support for XBGR8888 & ABGR8888 formats - [armhf,arm64] clk: rockchip: Don't yell about bad mmc phases when getting - PCI: Always allow probing with driver_override - gpio: fix line flag validation in lineevent_create - ubifs: Correctly use tnc_next() in search_dh_cookie() - driver core: Fix use-after-free and double free on glue directory - firmware: ti_sci: Always request response from firmware - [x86] drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" - modules: fix BUG when load module with rodata=n - rsi: fix a double free bug in rsi_91x_deinit() (CVE-2019-15504) - nvmem: Use the same permissions for eeprom as for nvmem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.75 - netfilter: nf_flow_table: set default timeout after successful insertion - HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report - RDMA/restrack: Release task struct which was hold by CM_ID object - [x86] Input: elan_i2c - remove Lenovo Legion Y7000 PnpID - [ppc64el] mm/radix: Use the right page size for vmemmap mapping - USB: usbcore: Fix slab-out-of-bounds bug during device reset - media: tm6000: double free if usb disconnect while streaming - ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit - udp: correct reuseport selection with connected sockets - xen-netfront: do not assume sk_buff_head list is empty in error handling - net_sched: let qdisc_put() accept NULL pointer - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds - ieee802154: hwsim: Fix error handle path in hwsim_init_module - ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails - [armhf] dts: am57xx: Disable voltage switching for SD card - [armhf] OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss - [armhf] bus: ti-sysc: Fix using configured sysc mask value - [s390x] bpf: fix lcgr instruction encoding - [armhf] OMAP2+: Fix omap4 errata warning on other SoCs - [armhf] dts: dra74x: Fix iodelay configuration for mmc3 - [armhf] bus: ti-sysc: Simplify cleanup upon failures in sysc_probe() - [s390x] bpf: use 32-bit index for tail calls - netfilter: ebtables: Fix argument order to ADD_COUNTER - netfilter: nft_flow_offload: missing netlink attribute policy - netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info - NFSv4: Fix return values for nfs4_file_open() - NFSv4: Fix return value in nfs_finish_open() - NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup - xdp: unpin xdp umem pages in error path - qed: Add cleanup in qed_slowpath_start() - [armel,armhf] 8874/1: mm: only adjust sections of valid mm structures - batman-adv: Only read OGM2 tvlv_len after buffer len check - bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0 - r8152: Set memory to all 0xFFs on failed reg reads - [x86] apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines - netfilter: xt_physdev: Fix spurious error message in physdev_mt_check - netfilter: nf_conntrack_ftp: Fix debug output - NFSv2: Fix eof handling - NFSv2: Fix write regression - kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol - cifs: set domainName when a domain-key is used in multiuser - cifs: Use kzfree() to zero out the password - [armhf,arm64] usb: host: xhci-tegra: Set DMA mask correctly - [armel,armhf] 8901/1: add a criteria for pfn_valid of arm - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) - i2c: designware: Synchronize IRQs when unregistering slave client - [x86] perf/intel: Restrict period on Nehalem - [x86] perf/amd/ibs: Fix sample bias for dispatched micro-ops - amd-xgbe: Fix error path in xgbe_mod_init() - [x86] tools/power x86_energy_perf_policy: Fix argument parsing - [x86] tools/power turbostat: fix buffer overrun - net: aquantia: fix out of memory condition on rx side - [armhf] dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe() - [x86] uaccess: Don't leak the AC flags into __get_user() argument evaluation - [x86] hyper-v: Fix overflow bug in fill_gva_list() - keys: Fix missing null pointer check in request_key_auth_describe() - [x86] iommu/amd: Flush old domains in kdump kernel - [x86] iommu/amd: Fix race in increase_address_space() - [arm64] PCI: kirin: Fix section mismatch warning - ovl: fix regression caused by overlapping layers detection - floppy: fix usercopy direction - binfmt_elf: move brk out of mmap when doing direct loader exec - [arm64] kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field - media: technisat-usb2: break out of loop at end of buffer (CVE-2019-15505) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.76 - Revert "Bluetooth: validate BLE connection interval updates" - RDMA/restrack: Protect from reentry to resource return path - [ppc64el] xive: Fix bogus error code returned by OPAL - IB/core: Add an unbound WQ type to the new CQ API - HID: prodikeys: Fix general protection fault during probe - HID: sony: Fix memory corruption issue on cleanup. - HID: logitech: Fix general protection fault caused by Logitech driver - HID: hidraw: Fix invalid read in hidraw_ioctl - HID: Add quirk for HP X500 PIXART OEM mouse - mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() - CIFS: fix deadlock in cached root handling - net/mlx5e: Set ECN for received packets using CQE indication - net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets - mlx5: fix get_ip_proto() - net/mlx5e: Allow reporting of checksum unnecessary - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding - net/mlx5e: Rx, Check ip headers sanity - iwlwifi: mvm: send BCAST management frames to the right station - iwlwifi: mvm: always init rs_fw with 20MHz bandwidth rates - media: tvp5150: fix switch exit in set control handler - [x86] ASoC: Intel: cht_bsw_max98090_ti: Enable codec clock once and keep it enabled - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support - ALSA: usb-audio: Add DSD support for EVGA NU Audio - ALSA: dice: fix wrong packet parameter for Alesis iO26 - [x86] ALSA: hda - Add laptop imic fixup for ASUS M9V laptop - [x86] ALSA: hda - Apply AMD controller workaround for Raven platform - objtool: Clobber user CFLAGS variable - power: supply: sysfs: ratelimit property read error message - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion - scsi: qla2xxx: Remove all rports if fabric scan retry fails - scsi: qla2xxx: Return switch command on a timeout - Revert "drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD" - bpf: libbpf: retry loading program on EAGAIN - [armhf,arm64] irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices - f2fs: check all the data segments against all node ones - [x86] PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it - bcache: remove redundant LIST_HEAD(journal) from run_cache_set() - initramfs: don't free a non-existent initrd - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs - blk-mq: move cancel of requeue_work to the front of blk_exit_queue - Revert "f2fs: avoid out-of-range memory access" - dm zoned: fix invalid memory access - f2fs: fix to do sanity check on segment bitmap of LFS curseg - drm: Flush output polling on shutdown - net: don't warn in inet diag when IPV6 is disabled - Bluetooth: btrtl: HCI reset on close for Realtek BT chip - [x86] ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35 - drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling - xfs: don't crash on null attr fork xfs_bmapi_read - netfilter: nft_socket: fix erroneous socket assignment - Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices - net_sched: check cops->tcf_block in tc_bind_tclass() - net/rds: An rds_sock is added too early to the hash table - net/rds: Check laddr_check before calling it - f2fs: use generic EFSBADCRC/EFSCORRUPTED https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.77 - arcnet: provide a buffer big enough to actually receive packets - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize - macsec: drop skb sk before calling gro_cells_receive - net/phy: fix DP83865 10 Mbps HDX loopback disable function - net/sched: act_sample: don't push mac header on ip6gre ingress - net_sched: add max len check for TCA_KIND - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (CVE-2019-19081) - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC - ppp: Fix memory leak in ppp_write - sch_netem: fix a divide by zero in tabledist() - skge: fix checksum byte order - usbnet: ignore endpoints with invalid wMaxPacketSize - usbnet: sanity checking of packet sizes and device mtu - net: sched: fix possible crash in tcf_action_destroy() - tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state - net/mlx5: Add device ID of upcoming BlueField-2 - mISDN: enforce CAP_NET_RAW for raw sockets (CVE-2019-17055) - appletalk: enforce CAP_NET_RAW for raw sockets (CVE-2019-17054) - ax25: enforce CAP_NET_RAW for raw sockets (CVE-2019-17052) - ieee802154: enforce CAP_NET_RAW for raw sockets (CVE-2019-17053) - nfc: enforce CAP_NET_RAW for raw sockets (CVE-2019-17056) - nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (CVE-2019-19080) - ALSA: hda: Flush interrupts on disabling - [armhf] ASoC: sgtl5000: Fix of unmute outputs on probe - [armhf] ASoC: sgtl5000: Fix charge pump source assignment - [arm*] dmaengine: bcm2835: Print error in case setting DMA mask fails - media: dib0700: fix link error for dibx000_i2c_set_speed - media: hdpvr: Add device num check and handling - time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint - sched/fair: Fix imbalance due to CPU affinity - sched/core: Fix CPU controller for !RT_GROUP_SCHED - [x86] apic: Make apic_pending_intr_clear() more robust - sched/deadline: Fix bandwidth accounting at all levels after offline migration - [x86] reboot: Always use NMI fallback when shutdown via reboot vector IPI fails - [x86] apic: Soft disable APIC before initializing it - ALSA: hda - Show the fatal CORB/RIRB error more clearly - ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() - EDAC/mc: Fix grain_bits calculation - media: iguanair: add sanity checks - base: soc: Export soc_device_register/unregister APIs - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid - [arm64] prefetch: fix a -Wtype-limits warning - md/raid1: end bio when the device faulty - md: don't call spare_active in md_reap_sync_thread if all member devices can't work - md: don't set In_sync if array is frozen - ACPI / processor: don't print errors for processorIDs == 0xff - loop: Add LOOP_SET_DIRECT_IO to compat ioctl - [x86] EDAC, pnd2: Fix ioremap() size in dnv_rd_reg() - efi: cper: print AER info of PCIe fatal error - sched/fair: Use rq_lock/unlock in online_fair_sched_group - idle: Prevent late-arriving interrupts from disrupting offline - media: gspca: zero usb_buf on error - perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig - perf test vfs_getname: Disable ~/.perfconfig to get default output - media: em28xx: modules workqueue not inited for 2nd device - media: rc: imon: Allow iMON RC protocol for ffdc 7e device - [arm64] perf record: Support aarch64 random socket_id assignment - [armhf] media: omap3isp: Don't set streaming state on random subdevs - media: radio/si470x: kill urb on error - media: hdpvr: add terminating 0 at end of string - led: triggers: Fix a memory leak bug - nbd: add missing config put - media: mceusb: fix (eliminate) TX IR signal length limit - media: dvb-frontends: use ida for pll number - posix-cpu-timers: Sanitize bogus WARNONS - media: dvb-core: fix a memory leak bug - libperf: Fix alignment trap with xyarray contents in 'perf stat' - [amd64] EDAC/amd64: Recognize DRAM device type ECC capability - [amd64] EDAC/amd64: Decode syndrome before translating address - PM / devfreq: passive: Use non-devm notifiers - PM / devfreq: exynos-bus: Correct clock enable sequence - media: cec-notifier: clear cec_adap in cec_notifier_unregister - media: saa7146: add cleanup in hexium_attach() - media: cpia2_usb: fix memory leaks - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() - perf trace beauty ioctl: Fix off-by-one error in cmd->string table - [x86] ASoC: es8316: fix headphone mixer volume table - ACPI / CPPC: do not require the _PSD method - sched/cpufreq: Align trace event behavior of fast switching - [x86] apic/vector: Warn when vector space exhaustion breaks affinity - [arm64] kpti: ensure patched kernel text is fetched from PoU - [x86] mm/pti: Do not invoke PTI functions when PTI is disabled - [x86] mm/pti: Handle unaligned address gracefully in pti_clone_pagetable() - nvmet: fix data units read and written counters in SMART log - nvme-multipath: fix ana log nsid lookup when nsid is not found - ALSA: firewire-motu: add support for MOTU 4pre - iommu/amd: Silence warnings under memory pressure - libata/ahci: Drop PCS quirk for Denverton and beyond - iommu/iova: Avoid false sharing on fq_timer_on - libtraceevent: Change users plugin directory - [armhf] dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks - ACPI: custom_method: fix memory leaks - ACPI / PCI: fix acpi_pci_irq_enable() memory leak - closures: fix a race on wakeup from closure_sync - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' - md/raid1: fail run raid1 array when active disk less than one - dmaengine: ti: edma: Do not reset reserved paRAM slots - kprobes: Prohibit probing on BUG() and WARN() address - [s390x] crypto: xts-aes-s390 fix extra run-time crypto self tests finding - [x86] cpu: Add Tiger Lake to Intel family - [x86] platform: intel_pmc_core: Do not ioremap RAM - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set - raid5: don't set STRIPE_HANDLE to stripe which is in batch list - mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD - mmc: sdhci: Fix incorrect switch to HS mode - mmc: core: Add helper function to indicate if SDIO IRQs is enabled - [armhf,arm64] mmc: dw_mmc: Re-store SDIO IRQs mask at system resume - raid5: don't increment read_errors on EILSEQ return - libertas: Add missing sentinel at end of if_usb.c fw_table - e1000e: add workaround for possible stalled packet - ALSA: hda - Drop unsol event handler for Intel HDMI codecs - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() - [x86] ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 - [x86] iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems - btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type - [armhf] media: omap3isp: Set device on omap3isp subdevs - PM / devfreq: passive: fix compiler warning - iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36 - ALSA: firewire-tascam: handle error code when getting current source of clock - ALSA: firewire-tascam: check intermediate state of clock status and retry - scsi: scsi_dh_rdac: zero cdb in send_mode_select() - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag - printk: Do not lose last line in kmsg buffer dump - IB/mlx5: Free mpi in mp_slave mode - IB/hfi1: Define variables as unsigned long to fix KASAN warning - randstruct: Check member structs in is_pure_ops_struct() - ceph: use ceph_evict_inode to cleanup inode's resource - [x86] ALSA: hda/realtek - PCI quirk for Medion E4254 - blk-mq: add callback of .cleanup_rq - scsi: implement .cleanup_rq callback - [ppc64el] imc: Dont create debugfs files for cpu-less nodes - fuse: fix missing unlock_page in fuse_writepage() - [x86] KVM: always stop emulation on page fault - [x86] KVM: set ctxt->have_exception in x86_decode_insn() - [x86] KVM: Manually calculate reserved bits when loading PDPTRS - [x86] media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table - media: don't drop front-end reference count for ->detach - binfmt_elf: Do not move brk for INTERP-less ET_EXEC - [x86] ASoC: Intel: NHLT: Fix debug print format - [x86] ASoC: Intel: Skylake: Use correct function to access iomem space - [x86] ASoC: Intel: Fix use of potentially uninitialized variable - [arm64] Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}" - [arm64] tlb: Ensure we execute an ISB following walk cache invalidation - [arm64] dts: rockchip: limit clock rate of MMC controllers for RK3328 - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP - regulator: Defer init completion for a while after late_initcall - efifb: BGRT: Improve efifb_bgrt_sanity_check - gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps - memcg, oom: don't require __GFP_FS when invoking memcg OOM killer - memcg, kmem: do not fail __GFP_NOFAIL charges - i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask - block: fix null pointer dereference in blk_mq_rq_timed_out() - smb3: allow disabling requesting leases - ovl: Fix dereferencing possible ERR_PTR() - ovl: filter of trusted xattr results in audit - btrfs: fix allocation of free space cache v1 bitmap pages - Btrfs: fix use-after-free when using the tree modification log - btrfs: Relinquish CPUs in btrfs_compare_trees - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls - Btrfs: fix race setting up and completing qgroup rescan workers - md/raid6: Set R5_ReadError when there is read failure on parity disk - md: don't report active array_state until after revalidate_disk() completes. - md: only call set_in_sync() when it is expected to succeed. - cfg80211: Purge frame registrations on iftype change - /dev/mem: Bail out upon SIGKILL. - ext4: fix warning inside ext4_convert_unwritten_extents_endio - ext4: fix punch hole for inline_data file systems - quota: fix wrong condition in is_quota_modification() - hwrng: core - don't wait on add_early_randomness() - CIFS: fix max ea value size - CIFS: Fix oplock handling for SMB 2.1+ protocols - md/raid0: avoid RAID0 data corruption due to layout confusion. - fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone - drm/amd/display: Restore backlight brightness after system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.78 - tpm: use tpm_try_get_ops() in tpm-sysfs.c. - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations - [armhf,arm64] drm/panel: simple: fix AUO g185han01 horizontal blanking - [armhf,arm64] drm/panel: check failure cases in the probe func - [armhf,arm64] drm/rockchip: Check for fast link training before enabling psr - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() - [ppc64el] PCI: rpaphp: Avoid a sometimes-uninitialized warning - ipmi_si: Only schedule continuously in the thread in maintenance mode - [armhf,arm64] clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks - drm/amd/display: fix issue where 252-255 values are clipped - drm/amd/display: reprogram VM config when system resume - [ppc64el] powernv/ioda2: Allocate TCE table levels on demand for default DMA window - [ppc64el] xmon: Check for HV mode when dumping XIVE info from OPAL - [ppc64el] rtas: use device model APIs and serialization during LPM - [ppc64el] futex: Fix warning: 'oldval' may be used uninitialized in this function - [ppc64el] pseries/mobility: use cond_resched when updating device tree - [armhf,arm64] pinctrl: tegra: Fix write barrier placement in pmx_writel - [ppc64el] eeh: Clear stale EEH_DEV_NO_HANDLER flag - vfio_pci: Restore original state on release - drm/nouveau/volt: Fix for some cards having 0 maximum voltage - [x86] pinctrl: amd: disable spurious-firing GPIO IRQs - drm/amd/display: support spdif - drm/amdgpu/si: fix ASIC tests - [ppc64el] exception: machine check use correct cfar for late handler - pstore: fs superblock limits - [ppc64el] pseries: correctly track irq state in default idle - [arm64] pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c - [ppc64el] dump kernel log before carrying out fadump or kdump - [arm64] mbox: qcom: add APCS child device for QCS404 - scsi: core: Reduce memory required for SCSI logging - dma-buf/sw_sync: Synchronize signal vs syncpt free - ext4: fix potential use after free after remounting with noblock_validity - [mips*] tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean - [x86] i2c-cht-wc: Fix lockdep warning - [x86] mfd: intel-lpss: Remove D3cold delay - HID: wacom: Fix several minor compiler warnings - [armel,armhf] 8898/1: mm: Don't treat faults reported from cache maintenance as writes - [armhf] rtc: snvs: fix possible race condition - HID: apple: Fix stuck function keys when using FN - [arm64] PCI: rockchip: Propagate errors for optional regulators - [armhf] PCI: imx6: Propagate errors for optional regulators - [armel,armhf] 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address - fat: work around race with userspace's read via blockdev while mounting - pktcdvd: remove warning on attempting to register non-passthrough dev - [s390x] hypfs: Fix error number left in struct pointer member - ocfs2: wait for recovering done after direct unlock request - [arm64] consider stack randomization for mmap base only when necessary - [mips*] properly account for stack randomization and stack guard gap - [armel,armhf] properly account for stack randomization and stack guard gap - [armel,armhf] use STACK_TOP when computing mmap base address - block: mq-deadline: Fix queue restart handling - bpf: fix use after free in prog symbol exposure - cxgb4:Fix out-of-bounds MSI-X info array access - erspan: remove the incorrect mtu limit for erspan - hso: fix NULL-deref on tty open - ipv6: drop incoming packets having a v4mapped source address - ipv6: Handle missing host route in __ipv6_ifa_notify - net: ipv4: avoid mixed n_redirects and rate_tokens usage - net: qlogic: Fix memory leak in ql_alloc_large_buffers - net: Unpublish sk from sk_reuseport_cb before call_rcu - nfc: fix memory leak in llcp_sock_bind() - qmi_wwan: add support for Cinterion CLS8 devices - rxrpc: Fix rxrpc_recvmsg tracepoint - sch_dsmark: fix potential NULL deref in dsmark_init() - udp: fix gso_segs calculations - vsock: Fix a lockdep warning in __vsock_release() - udp: only do GSO if # of segs > 1 - net/rds: Fix error handling in rds_ib_add_one() - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() - tipc: fix unlimited bundling of small messages - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash - NFC: fix attrs checks in netlink interface - kexec: bail out upon SIGKILL when allocating memory. - 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.79 - [s390x] process: avoid potential reading of freed stack - [s390x] KVM: Test for bad access register and size at the start of S390_MEM_OP - [s390x] topology: avoid firing events before kobjs are created - [s390x] cio: exclude subchannels with no parent from pseudo check - [ppc64el] KVM: Book3S HV: Fix race in re-enabling XIVE escalation interrupts - [ppc64el] KVM: Book3S HV: Check for MMU ready on piggybacked virtual cores - [ppc64el] KVM: Book3S HV: Don't lose pending doorbell request on migration on P9 - [x86] KVM: Fix userspace set invalid CR4 - [x86] KVM: nVMX: handle page fault in vmread fix - nbd: fix max number of supported devs - PM / devfreq: tegra: Fix kHz to Hz conversion - ASoC: Define a set of DAPM pre/post-up events - [armhf] ASoC: sgtl5000: Improve VAG power and mute control - [ppc64el] mce: Fix MCE handling for huge pages - [ppc64el] mce: Schedule work from irq_work - [ppc64el] powernv: Restrict OPAL symbol map to only be readable by root - [ppc64el] powernv/ioda: Fix race in TCE level allocation - [ppc64el] book3s64/mm: Don't do tlbie fixup for some hardware revisions - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file - [x86] crypto: qat - Silence smp_processor_id() warning - crypto: skcipher - Unmap pages after an external error - [mips*el/loongson-3] Treat Loongson Extensions as ASEs - power: supply: sbs-battery: use correct flags field - power: supply: sbs-battery: only return health when battery present - tracing: Make sure variable reference alias has correct var_ref_idx - usercopy: Avoid HIGHMEM pfn warning - timer: Read jiffies once when forwarding base clk - [x86] PCI: vmd: Fix shadow offsets to reflect spec changes - PCI: Restore Resizable BAR size bits correctly for 1MB BARs - [armhf] watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout - perf stat: Fix a segmentation fault when using repeat forever - [armhf] drm/omap: fix max fclk divider for omap36xx - [arm64] drm/msm/dsi: Fix return value check for clk_get_parent - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors - [x86] drm/i915/gvt: update vgpu workload head pointer correctly - mmc: sdhci: improve ADMA error reporting - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" - xen/xenbus: fix self-deadlock after killing user process - ieee802154: atusb: fix use-after-free at disconnect - [s390x] cio: avoid calling strlen on null pointer - cfg80211: initialize on-stack chandefs - [arm64] cpufeature: Detect SSBS and advertise to userspace - ima: always return negative code for error - ima: fix freeing ongoing ahash_request - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() - 9p: Transport error uninitialized - 9p: avoid attaching writeback_fid on mmap with type PRIVATE - xen/pci: reserve MCFG areas earlier - ceph: fix directories inode i_blkbits initialization - ceph: reconnect connection if session hang in opening state - watchdog: aspeed: Add support for AST2600 - netfilter: nf_tables: allow lookups in dynamic sets - drm/amdgpu: Fix KFD-related kernel oops on Hawaii - drm/amdgpu: Check for valid number of registers to read - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors - [x86] purgatory: Disable the stackleak GCC plugin for the purgatory - ntb: point to right memory window index - thermal: Fix use-after-free when unregistering thermal zone device - thermal_hwmon: Sanitize thermal_zone type - libnvdimm/region: Initialize bad block for volatile namespaces - fuse: fix memleak in cuse_channel_open - libnvdimm/nfit_test: Fix acpi_handle redefinition - sched/membarrier: Call sync_core only before usermode for same mm - sched/membarrier: Fix private expedited registration check - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() - kernel/elfcore.c: include proper prototypes - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed - [ppc64el] KVM: HV: XIVE: Free escalation interrupts before disabling the VP - [x86] KVM: nVMX: Fix consistency check on injected exception error code - nbd: fix crash when the blksize is zero - [ppc64el] pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() - [ppc64el] radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure - tick: broadcast-hrtimer: Fix a race in bc_set_next - perf tools: Fix segfault in cpu_cache_level__read() - perf stat: Reset previous counts on repeat with interval - [arm64] ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 - [arm64] KVM: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe - [arm64] docs: Document SSBS HWCAP - [arm64] fix SSBS sanitization - [arm64] Add sysfs vulnerability show for spectre-v1 - [arm64] add sysfs vulnerability show for meltdown - [arm64] enable generic CPU vulnerabilites support - [arm64] Always enable ssb vulnerability detection - [arm64] Provide a command line to disable spectre_v2 mitigation - [arm64] Advertise mitigation of Spectre-v2, or lack thereof - [arm64] Always enable spectre-v2 vulnerability detection - [arm64] add sysfs vulnerability show for spectre-v2 - [arm64] add sysfs vulnerability show for speculative store bypass - [arm64] ssbs: Don't treat CPUs with SSBS as unaffected by SSB - [arm64] Force SSBS on context switch - [arm64] Use firmware to detect CPUs that are not affected by Spectre-v2 - [arm64] speculation: Support 'mitigations=' cmdline option - vfs: Fix EOVERFLOW testing in put_compat_statfs64 - cfg80211: add and use strongly typed element iteration macros - cfg80211: Use const more consistently in for_each_element macros - nl80211: validate beacon head (CVE-2019-16746) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.80 - panic: ensure preemption is disabled during panic() - f2fs: use EINVAL for superblock with invalid magic - USB: rio500: Remove Rio 500 kernel driver - USB: yurex: Don't retry on unexpected errors - USB: yurex: fix NULL-derefs on disconnect - USB: usb-skeleton: fix runtime PM after driver unbind - USB: usb-skeleton: fix NULL-deref on disconnect - xhci: Fix false warning message about wrong bounce buffer write length - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long - xhci: Check all endpoints for LPM timeout - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts - usb: xhci: wait for CNR controller not ready bit in xhci resume - xhci: Prevent deadlock when xhci adapter breaks during init - xhci: Increase STS_SAVE timeout in xhci_suspend() - USB: adutux: fix use-after-free on disconnect - USB: adutux: fix NULL-derefs on disconnect - USB: adutux: fix use-after-free on release - USB: iowarrior: fix use-after-free on disconnect - USB: iowarrior: fix use-after-free on release - USB: iowarrior: fix use-after-free after driver unbind - USB: usblp: fix runtime PM after driver unbind - USB: chaoskey: fix use-after-free on release - USB: ldusb: fix NULL-derefs on driver unbind - serial: uartlite: fix exit path null pointer - USB: serial: keyspan: fix NULL-derefs on open() and write() - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 - USB: serial: option: add Telit FN980 compositions - USB: serial: option: add support for Cinterion CLS8 devices - USB: serial: fix runtime PM after driver unbind - USB: usblcd: fix I/O after disconnect - USB: microtek: fix info-leak at probe - USB: dummy-hcd: fix power budget for SuperSpeed mode - USB: legousbtower: fix slab info leak at probe - USB: legousbtower: fix deadlock on disconnect - USB: legousbtower: fix potential NULL-deref on disconnect - USB: legousbtower: fix open after failed reset request - USB: legousbtower: fix use-after-free on release - [x86] mei: me: add comet point (lake) LP device ids - [x86] mei: avoid FW version request on Ibex Peak and earlier - [armhf,arm64] iio: adc: axp288: Override TS pin bias current for some models - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified - perf llvm: Don't access out-of-scope array - perf inject jit: Fix JIT_CODE_MOVE filename - blk-wbt: fix performance regression in wbt scale_up/scale_down - CIFS: Gracefully handle QueryInfo errors during open - CIFS: Force revalidate inode when dentry is stale - CIFS: Force reval dentry if LOOKUP_REVAL flag is set - kernel/sysctl.c: do not override max_threads provided by userspace - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic - btrfs: fix incorrect updating of log root tree - btrfs: fix uninitialized ret in ref-verify - NFS: Fix O_DIRECT accounting of number of bytes read/written - [mips*] elf_hwcap: Export userspace ASEs - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags - ACPI/PPTT: Add support for ACPI 6.3 thread flag - [arm64] topology: Use PPTT to determine if PE is a thread - vfs: Fix the locking in dcache_readdir() and friends - media: stkwebcam: fix runtime PM after driver unbind - [arm64] sve: Fix wrong free for task->thread.sve_state - [rt] tracing/hwlat: Report total time spent in all NMIs during the sample - [rt] tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency - ftrace: Get a reference counter for the trace_array on filter files - tracing: Get trace_array reference for available_tracers files - hwmon: Fix HWMON_P_MIN_ALARM mask - [x86] asm: Fix MWAITX C-state hint value - [x86] PCI: vmd: Fix config addressing when using bus offsets - perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.81 - nvme-pci: Fix a race in controller removal - scsi: ufs: skip shutdown if hba is not powered - scsi: megaraid: disable device when probe failed after enabled device - scsi: qla2xxx: Fix unbound sleep in fcport delete path. - [armhf] OMAP2+: Fix missing reset done flag for am3 and am43 - [armhf] OMAP2+: Fix warnings with broken omap2_set_init_voltage() - xen/efi: Set nonblocking callbacks - nl80211: fix null pointer dereference - mac80211: fix txq null pointer dereference - netfilter: nft_connlimit: disable bh on garbage collection - [mips*el/loongson-3] Fix the link time qualifier of 'serial_exit()' - [arm64] net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() - lib: textsearch: fix escapes in example code - r8152: Set macpassthru in reset_resume callback - libata/ahci: Fix PCS quirk application - md/raid0: fix warning message for parameter default_layout - ocfs2: fix panic due to ocfs2_wq is null - ipv4: fix race condition between route lookup and invalidation - net: avoid potential infinite loop in tc_ctl_action() - net: ipv6: fix listify ip6_rcv_finish in case of forwarding - [armhf,arm64] net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow - sctp: change sctp_prot .no_autobind with true - memfd: Fix locking when tagging pins - USB: legousbtower: fix memleak on disconnect - ALSA: hda/realtek - Add support for ALC711 - [x86] ALSA: hda/realtek - Enable headset mic on Asus MJ401TA - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers - ALSA: hda - Force runtime PM on Nvidia HDMI codecs - USB: serial: ti_usb_3410_5052: fix port-close races - USB: ldusb: fix memleak on disconnect - USB: usblp: fix use-after-free on disconnect - USB: ldusb: fix read info leaks - [mips*] tlbex: Fix build_restore_pagemask KScratch restore - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS - [s390x] scsi: zfcp: fix reaction on bit error threshold notification - scsi: sd: Ignore a failure to sync cache due to lack of authorization - scsi: core: save/restore command resid for error handling - scsi: core: try to get module before removing device - scsi: ch: Make it possible to open a ch device multiple times again - Input: synaptics-rmi4 - avoid processing unknown IRQs - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() - cfg80211: wext: avoid copying malformed SSIDs (CVE-2019-17133) - mac80211: Reject malformed SSID elements - [x86] drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 - drm/ttm: Restore ttm prefaulting - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 - drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() - mm/slub: fix a deadlock in show_slab_objects() - mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once - EDAC/ghes: Fix Use after free in ghes_edac remove path - [arm64] Enable workaround for Cavium TX2 erratum 219 when running SMT - CIFS: avoid using MID 0xFFFF - CIFS: Fix use after free of file info structures - perf/aux: Fix AUX output stopping - tracing: Fix race in perf_trace_buf initialization - dm cache: fix bugs when a GFP_NOWAIT allocation fails - [amd64] boot: Make level2_kernel_pgt pages invalid outside kernel area - [x86] apic/x2apic: Fix a NULL pointer deref when handling a dying cpu - [x86] pinctrl: cherryview: restore Strago DMI workaround for all versions - [arm64] pinctrl: armada-37xx: fix control of pins 32 and up - [arm64] pinctrl: armada-37xx: swap polarity on LED group - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() - Btrfs: add missing extents release on file extent cluster relocation error - Btrfs: check for the full sync flag while holding the inode lock during fsync - btrfs: tracepoints: Fix bad entry members of qgroup events - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown - xen/netback: fix error path of xenvif_connect_data() - PCI: PM: Fix pci_power_up() - blk-rq-qos: fix first node deletion of rq_qos_del() - RDMA/cxgb4: Do not dma memory off of the stack (CVE-2019-17075) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.82 - zram: fix race between backing_dev_show and backing_dev_store - dm snapshot: introduce account_start_copy() and account_end_copy() - dm snapshot: rework COW throttling to fix deadlock - Btrfs: fix inode cache block reserve leak on failure to allocate data space - Btrfs: fix memory leak due to concurrent append writes with fiemap - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() - btrfs: tracepoints: Fix wrong parameter order for qgroup events - wil6210: fix freeing of rx buffers in EDMA mode - f2fs: flush quota blocks after turnning it off - scsi: lpfc: Fix a duplicate 0711 log message number. - f2fs: fix to recover inode's i_gc_failures during POR - f2fs: fix to recover inode->i_flags of inode block during POR - [x86] HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override - [arm64,armel,armhf] usb: dwc2: fix unbalanced use of external vbus-supply - [x86] tools/power turbostat: fix goldmont C-state limit decoding - [x86] cpu: Add Atom Tremont (Jacobsville) - [arm64] drm/msm/dpu: handle failures while initializing displays - bcache: fix input overflow to writeback_rate_minimum - PCI: Fix Switchtec DMA aliasing quirk dmesg noise - Btrfs: fix deadlock on tree root leaf when finding free extent - netfilter: ipset: Make invalid MAC address checks consistent - HID: i2c-hid: Disable runtime PM for LG touchscreen - HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels - HID: i2c-hid: Add Odys Winbook 13 to descriptor override - [x86] platform/x86: Add the VLV ISP PCI ID to atomisp2_pm - [x86] platform/x86: Fix config space access for intel_atomisp2_pm - ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3 - HID: Add ASUS T100CHI keyboard dock battery quirks - NFSv4: Ensure that the state manager exits the loop on SIGKILL - HID: steam: fix boot loop with bluetooth firmware - HID: steam: fix deadlock with input devices. - [arm64,armhf] usb: dwc3: gadget: early giveback if End Transfer already completed - [arm64,armhf] usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete - ALSA: usb-audio: Cleanup DSD whitelist - usb: handle warm-reset port requests on hub resume - [armhf] rtc: pcf8523: set xtal load capacitance from DT - [arm64] Add MIDR encoding for HiSilicon Taishan CPUs - [arm64] kpti: Whitelist HiSilicon Taishan v110 CPUs - scsi: lpfc: Correct localport timeout duration error - CIFS: Respect SMB2 hdr preamble size in read responses - cifs: add credits from unmatched responses/messages - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume - ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT - exec: load_script: Do not exec truncated interpreter path - [arm64,armhf] net: dsa: mv88e6xxx: Release lock while requesting IRQ - PCI/PME: Fix possible use-after-free on remove - [arm64,armhf] iio: adc: meson_saradc: Fix memory allocation order - [x86] iio: fix center temperature of bmc150-accel-core - perf map: Fix overlapped map handling - perf script brstackinsn: Fix recovery from LBR/binary mismatch - perf jevents: Fix period for Intel fixed counters - perf tools: Propagate get_cpuid() error - perf annotate: Propagate perf_env__arch() error - perf annotate: Fix the signedness of failure returns - perf annotate: Propagate the symbol__annotate() error return - perf annotate: Return appropriate error code for allocation failures - staging: rtl8188eu: fix null dereference when kzalloc fails - RDMA/hfi1: Prevent memory leak in sdma_init (CVE-2019-19065) - RDMA/iwcm: Fix a lock inversion issue - [x86] HID: hyperv: Use in-place iterator API in the channel callback - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request - [arm64] ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 - [arm64] gpio: max77620: Use correct unit for debounce times - fs: cifs: mute -Wunused-const-variable message - [armhf] serial: mctrl_gpio: Check for NULL pointer - efi/cper: Fix endianness of PCIe class code - [x86] efi/x86: Do not clean dummy variable in kexec path - [x86] xen: Return from panic notifier - ocfs2: clear zero in unaligned direct IO - fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() - [arm64] armv8_deprecated: Checking return value for memory allocation - [x86] cpu: Add Comet Lake to the Intel CPU models header - sched/vtime: Fix guest/system mis-accounting on task switch - [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp - drm/amdgpu: fix memory leak - iio: imu: adis16400: release allocated memory on failure (CVE-2019-19060) - [x86] virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr (CVE-2019-19048) - NFSv4: Fix leak of clp->cl_acceptor string - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 - iwlwifi: exclude GEO SAR support for 3168 - nbd: verify socket is supported during setup - USB: legousbtower: fix a signedness bug in tower_probe() - [x86] thunderbolt: Use 32-bit writes when writing ring producer/consumer - ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe() (CVE-2019-15098) - fuse: flush dirty data/metadata before non-truncate setattr - fuse: truncate pending writes on O_TRUNC - ALSA: bebob: Fix prototype of helper function to return negative value - ALSA: hda/realtek - Fix 2 front mics of codec 0x623 - ALSA: hda/realtek - Add support for ALC623 - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments") - USB: gadget: Reject endpoints with 0 maxpacket value - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows") - USB: ldusb: fix ring-buffer locking - USB: ldusb: fix control-message timeout - usb: xhci: fix __le32/__le64 accessors in debugfs code - USB: serial: whiteheat: fix potential slab corruption - USB: serial: whiteheat: fix line-speed endianness - scsi: target: cxgbit: Fix cxgbit_fw4_ack() - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override - HID: Fix assumption that devices have inputs - HID: fix error message in hid_open_report() - nl80211: fix validation of mesh path nexthop - [s390x] cmm: fix information leak in cmm_timeout_handler() - [s390x] idle: fix cpu idle time calculation - [arm64] Ensure VM_WRITE|VM_SHARED ptes are clean by default - rtlwifi: Fix potential overflow on P2P code (CVE-2019-17666) - [arm64] dmaengine: qcom: bam_dma: Fix resource leak - [armhf] dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() - batman-adv: Avoid free/alloc race when handling OGM buffer - llc: fix sk_buff leak in llc_sap_state_process() - llc: fix sk_buff leak in llc_conn_service() - rxrpc: Fix call ref leak - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record - rxrpc: Fix trace-after-put looking at the put peer record - NFC: pn533: fix use-after-free and memleaks - bonding: fix potential NULL deref in bond_update_slave_arr - net: usb: sr9800: fix uninitialized local variable - sch_netem: fix rcu splat in netem_enqueue() - ALSA: timer: Simplify error path in snd_timer_open() - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: usb-audio: DSD auto-detection for Playback Designs - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface - [ppc64el] powerpc/powernv: Fix CPU idle to be called with IRQs disabled - Revert "ALSA: hda: Flush interrupts on disabling" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.83 - regulator: of: fix suspend-min/max-voltage parsing - [arm64] dts: allwinner: a64: pine64-plus: Add PHY regulator delay - [arm64] arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay - [armhf] regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone - [x86] ASoC: rt5682: add NULL handler to set_jack function - [armhf] regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized - [arm64,armhf] ASoc: rockchip: i2s: Fix RPM imbalance - [armel,armhf] mm: fix alignment handler faults under memory pressure - scsi: qla2xxx: fix a potential NULL pointer dereference - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions - drm/amdgpu: fix potential VM faults - scsi: target: core: Do not overwrite CDB byte 1 - tracing: Fix "gfp_t" format for synthetic events - of: unittest: fix memory leak in unittest_data_add (CVE-2019-19049) - [arm64,armhf] irqchip/gic-v3-its: Use the exact ITSList for VMOVP - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs - nbd: protect cmd->status with cmd->lock - nbd: handle racing with error'ed out commands - cxgb4: fix panic when attaching to ULD fail - dccp: do not leak jiffies on the wire - erspan: fix the tun_info options_len check for erspan - inet: stop leaking jiffies on the wire - net: annotate accesses to sk->sk_incoming_cpu - net: annotate lockless accesses to sk->sk_napi_id - [armhf] net: dsa: bcm_sf2: Fix IMP setup for port different than 8 - net: fix sk_page_frag() recursion from memory reclaim - [arm64] net: hisilicon: Fix ping latency when deal with high throughput - net/mlx4_core: Dynamically set guaranteed amount of counters per VF - netns: fix GFP flags in rtnl_net_notifyid() - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() - udp: fix data-race in udp_set_dev_scratch() - vxlan: check tun_info options_len properly - net: add skb_queue_empty_lockless() - udp: use skb_queue_empty_lockless() - net: use skb_queue_empty_lockless() in poll() handlers - net: use skb_queue_empty_lockless() in busy poll contexts - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() - ipv4: fix route update on metric change. - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget - r8169: fix wrong PHY ID issue with RTL8168dp - net/mlx5e: Fix ethtool self test: link speed - [armhf] net: dsa: b53: Do not clear existing mirrored port mask - [armhf] net: phy: bcm7xxx: define soft_reset for 40nm EPHY - net: usb: lan78xx: Connect PHY before registering MAC - [arm64,armhf] net: dsa: fix switch tree list - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 - net/flow_dissector: switch to siphash - wireless: Skip directory when generating certificates - [x86] platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table - [ppc64el] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.84 - bonding: fix state transition issue in link monitoring - CDC-NCM: handle incomplete transfer of MTU - ipv4: Fix table id reference in fib_sync_down_addr - [mips*] net: ethernet: octeon_mgmt: Account for second possible VLAN header - net: fix data-race in neigh_event_send() - net: usb: qmi_wwan: add support for DW5821e with eSIM support - nfc: netlink: fix double device reference drop - qede: fix NULL pointer deref in __qede_remove() - ipv6: fixes rt6_probe() and fib6_nh->last_probe init - [arm64] net: hns: Fix the stray netpoll locks causing deadlock in NAPI path - ALSA: timer: Fix incorrectly assigned timer instance - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series - ALSA: hda/ca0132 - Fix possible workqueue stall - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges - mm, meminit: recalculate pcpu batch and high limits after init completes - mm: thp: handle page cache THP correctly in PageTransCompoundMap - mm, vmstat: hide /proc/pagetypeinfo from normal users - dump_stack: avoid the livelock of the dump_lock - perf tools: Fix time sorting - drm/radeon: fix si_enable_smc_cac() failed issue - HID: wacom: generic: Treat serial number and related fields as unsigned - [arm64] Do not mask out PTE_RDONLY in pte_same() - ceph: fix use-after-free in __ceph_remove_cap() - ceph: add missing check in d_revalidate snapdir handling - [armhf] sunxi: Fix CPU powerdown on A83T - netfilter: nf_tables: Align nft_expr private data to 64-bit - netfilter: ipset: Fix an error code in ip_set_sockfn_get() - [x86] intel_th: pci: Add Comet Lake PCH support - [x86] intel_th: pci: Add Jasper Lake PCH support - [x86] apic/32: Avoid bogus LDR warnings - SMB3: Fix persistent handles reconnect - can: usb_8dev: fix use-after-free on disconnect - [armhf] can: flexcan: disable completely the ECC mechanism - can: peak_usb: fix a potential out-of-sync while decoding packets - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak - can: gs_usb: gs_can_open(): prevent memory leak (CVE-2019-19052) - can: dev: add missing of_node_put() after calling of_get_child_by_name() - can: mcba_usb: fix use-after-free on disconnect - can: peak_usb: fix slab info leak - configfs: stash the data we need into configfs_buffer at open time - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts - configfs: new object reprsenting tree fragments - configfs: provide exclusion between IO and removals - configfs: fix a deadlock in configfs_symlink() - ALSA: usb-audio: More validations of descriptor units - ALSA: usb-audio: Simplify parse_audio_unit() - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects - ALSA: usb-audio: Remove superfluous bLength checks - ALSA: usb-audio: Clean up check_input_term() - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() - ALSA: usb-audio: remove some dead code - ALSA: usb-audio: Fix copy&paste error in the validator - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices - sched/fair: Fix -Wunused-but-set-variable warnings - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path - usbip: Implement SG support to vhci-hcd and stub driver - [arm64,armhf] PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 - [amd64] HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() - RDMA/mlx5: Clear old rate limit when closing QP - iw_cxgb4: fix ECN check on the passive accept - RDMA/qedr: Fix reported firmware version - net/mlx5e: TX, Fix consumer index of error cqe dump - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (CVE-2019-19045) - scsi: qla2xxx: fixup incorrect usage of host_byte - RDMA/uverbs: Prevent potential underflow - net: openvswitch: free vport unless register_netdevice() succeeds - scsi: lpfc: Honor module parameter lpfc_use_adisc - scsi: qla2xxx: Initialized mailbox to prevent driver load failure - netfilter: nf_flow_table: set timeout before insertion into hashes - ipvs: don't ignore errors in case refcounting ip_vs module fails - ipvs: move old_secure_tcp into struct netns_ipvs - bonding: fix unexpected IFF_BONDING bit unset - macsec: fix refcnt leak in module exit routine - usb: gadget: composite: Fix possible double free memory bug - [arm64] usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813) - usb: gadget: configfs: fix concurrent issue between composite APIs - [arm64,armhf] usb: dwc3: remove the call trace of USBx_GFLADJ - [x86] perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity - [x86] perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) - [x86] perf/x86/uncore: Fix event group support - USB: Skip endpoints with 0 maxpacket length - USB: ldusb: use unsigned size format specifiers - usbip: tools: Fix read_usb_vudc_device() error path handling - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case - [arm64] RDMA/hns: Prevent memory leaks of eq->buf_list - scsi: qla2xxx: stop timer in shutdown path - nvme-multipath: fix possible io hang after ctrl reconnect - [amd64] fjes: Handle workqueue allocation failure - [arm64] net: hisilicon: Fix "Trying to free already-free IRQ" - drm/amdgpu: If amdgpu_ib_schedule fails return back the error. - [x86] hv_netvsc: Fix error handling in netvsc_attach() - [arm64,armhf] usb: dwc3: gadget: fix race when disabling ep with cancelled xfers - NFSv4: Don't allow a cached open with a revoked delegation - igb: Fix constant media auto sense switching when no cable is connected - e1000: fix memory leaks - [x86] pinctrl: intel: Avoid potential glitches if pin is in GPIO mode - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() - [x86] pinctrl: cherryview: Fix irq_valid_mask calculation - blkcg: make blkcg_print_stat() print stats only for online blkgs - [x86] iio: imu: mpu6050: Add support for the ICM 20602 IMU - [x86] iio: imu: inv_mpu6050: fix no data on MPU6050 - mm/filemap.c: don't initiate writeback if mapping has no dirty pages - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead - usbip: Fix free of unallocated memory in vhci tx - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets - net: prevent load/store tearing on sk->sk_stamp - [x86] iio: imu: mpu6050: Fix FIFO layout for ICM20602 - vsock/virtio: fix sock refcnt holding during the shutdown - x86/cpu: Add Tremont to the cpu vulnerability whitelist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.85 - scsi: core: Handle drivers which set sg_tablesize to zero - ax88172a: fix information leak on short answers - ipmr: Fix skb headroom in ipmr_get_route(). - net: gemini: add missed free_netdev - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules - slip: Fix memory leak in slip_open error path - ALSA: usb-audio: Fix missing error check at mixer resolution test - ALSA: usb-audio: not submit urb for stopped endpoint - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() - ALSA: usb-audio: Fix incorrect size check for processing/extension units - Btrfs: fix log context list corruption after rename exchange operation - Input: ff-memless - kill timer in destroy() - Input: synaptics-rmi4 - fix video buffer size - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) - Input: synaptics-rmi4 - clear IRQ enables for F54 - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing - IB/hfi1: Ensure full Gen3 speed in a Gen4 system - IB/hfi1: Use a common pad buffer for 9B and 16B packets - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either - [armhf] net: ethernet: dwmac-sun8i: Use the correct function in exit path - [x86] iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros - mm: mempolicy: fix the wrong return value and potential pages leak of mbind - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() - iio: adc: max9611: explicitly cast gain_selectors - tee: optee: take DT status property into account - ath10k: fix kernel panic by moving pci flush after napi_disable - clk: sunxi-ng: h6: fix PWM gate/reset offset - soundwire: Initialize completion for defer messages - [x86] soundwire: intel: Fix uninitialized adev deref - [arm64] dts: allwinner: a64: Orange Pi Win: Fix SD card node - [arm64] dts: allwinner: a64: Olinuxino: fix DRAM voltage - [arm64] dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage - ALSA: pcm: signedness bug in snd_pcm_plug_alloc() - [arm64] soc/tegra: pmc: Fix pad voltage configuration for Tegra186 - [arm64] dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply - y2038: make do_gettimeofday() and get_seconds() inline - rtc: sysfs: fix NULL check in rtc_add_groups() - remoteproc/davinci: Use %zx for formating size_t - extcon: cht-wc: Return from default case to avoid warnings - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set - ALSA: seq: Do error checks at creating system ports - ath10k: skip resetting rx filter for WCN3990 - ath9k: fix tx99 with monitor mode interface - wil6210: drop Rx multicast packets that are looped-back to STA - wil6210: set edma variables only for Talyn-MB devices - wil6210: prevent usage of tx ring 0 for eDMA - wil6210: fix invalid memory access for rx_buff_mgmt debugfs - ath10k: limit available channels via DT ieee80211-freq-limit - ice: Update request resource command to latest specification - ice: Prevent control queue operations during reset - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated - ice: Fix and update driver version string - ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl - ASoC: dpcm: Properly initialise hw->rate_max - ASoC: meson: axg-fifo: report interrupt request failure - ASoC: AMD: Change MCLK to 48Mhz - pinctrl: ingenic: Probe driver at subsys_initcall - [armhf] dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale - [armhf] dts: exynos: Fix HDMI-HPD line handling on Arndale - [armhf] dts: exynos: Fix sound in Snow-rev5 Chromebook - liquidio: fix race condition in instruction completion processing - [arm64] dts: stratix10: i2c clock running out of spec - [armhf] dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks - i40evf: Validate the number of queues a PF sends - i40e: use correct length for strncpy - i40evf: set IFF_UNICAST_FLT flag for the VF - i40e: Check and correct speed values for link on open - i40evf: Don't enable vlan stripping when rx offload is turned on - i40e: hold the rtnl lock on clearing interrupt scheme - i40evf: cancel workqueue sync for adminq when a VF is removed - i40e: Prevent deleting MAC address from VF when set by PF - IB/rxe: avoid back-to-back retries - IB/rxe: fixes for rdma read retry - iwlwifi: drop packets with bad status in CD - iwlwifi: don't WARN on trying to dump dead firmware - iwlwifi: mvm: avoid sending too many BARs - media: vicodec: fix out-of-range values when decoding - media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers - media: ov772x: Disable clk on error path - rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument - mwifiex: do no submit URB in suspended state - mwifex: free rx_cmd skb in suspended state - brcmfmac: fix wrong strnchr usage - mt76: Fix comparisons with invalid hardware key index - soc: imx: gpc: fix PDN delay - ASoC: rsnd: ssi: Fix issue in dma data address assignment - net: hns3: Fix for multicast failure - net: hns3: Fix error of checking used vlan id - net: hns3: Fix for loopback selftest failed problem - net: hns3: Change the dst mac addr of loopback packet - net/mlx5: Fix atomic_mode enum values - net: phy: mscc: read 'vsc8531,vddmac' as an u32 - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 - [armhf] dts: meson8: fix the clock controller register size - [armhf] dts: meson8b: fix the clock controller register size - mtd: rawnand: marvell: use regmap_update_bits() for syscon access - mtd: rawnand: fsl_ifc: check result of SRAM initialization - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions - mtd: rawnand: qcom: don't include dma-direct.h - IB/mlx5: Change TX affinity assignment in RoCE LAG mode - qxl: fix null-pointer crash during suspend - mac80211: fix saving a few HE values - cfg80211: validate wmm rule when setting - f2fs: avoid wrong decrypted data from disk - net: lan78xx: Bail out if lan78xx_get_endpoints fails - rtnetlink: move type calculation out of loop - ASoC: sgtl5000: avoid division by zero if lo_vag is zero - ath10k: avoid possible memory access violation - [armhf] dts: exynos: Disable pull control for S5M8767 PMIC - ath10k: wmi: disable softirq's while calling ieee80211_rx - i2c: mediatek: Use DMA safe buffers for i2c transactions - IB/mlx5: Don't hold spin lock while checking device state - IB/ipoib: Ensure that MTU isn't less than minimum permitted - RDMA/core: Rate limit MAD error messages - RDMA/core: Follow correct unregister order between sysfs and cgroup - udf: Fix crash during mount - ASoC: dapm: Avoid uninitialised variable warning - [x86] ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation - ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA - [powerpc] make PowerMac cache node search conditional on CONFIG_PPC_PMAC - [armhf] dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files - [armhf] dts: omap3-gta04: fixes for tvout / venc - [armhf] dts: omap3-gta04: tvout: enable as display1 alias - [armhf] dts: omap3-gta04: fix touchscreen tsc2007 - [armhf] dts: omap3-gta04: make NAND partitions compatible with recent U-Boot - [armhf] dts: omap3-gta04: keep vpll2 always on - f2fs: submit bio after shutdown - failover: Fix error return code in net_failover_create - sched/debug: Explicitly cast sched_feat() to bool - sched/debug: Use symbolic names for task state constants - firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings - [arm64] dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire - [armhf] dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board - usb: mtu3: disable vbus rise/fall interrupts of ltssm - EDAC, sb_edac: Return early on ADDRV bit and address type test - [armhf] rtc: pl030: fix possible race condition - ath9k: add back support for using active monitor interfaces for tx99 - dmaengine: at_xdmac: remove a stray bottom half unlock - RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table() - IB/hfi1: Missing return value in error path for user sdma - signal: Always ignore SIGKILL and SIGSTOP sent to the global init - signal: Properly deliver SIGILL from uprobes - signal: Properly deliver SIGSEGV from x86 uprobes - f2fs: fix memory leak of write_io in fill_super() - f2fs: fix memory leak of percpu counter in fill_super() - f2fs: fix setattr project check upon fssetxattr ioctl - scsi: qla2xxx: Use correct qpair for ABTS/CMD - scsi: qla2xxx: Fix iIDMA error - scsi: qla2xxx: Defer chip reset until target mode is enabled - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 - scsi: qla2xxx: Fix deadlock between ATIO and HW lock - scsi: qla2xxx: Increase abort timeout value - scsi: qla2xxx: Check for Register disconnect - scsi: qla2xxx: Fix port speed display on chip reset - scsi: qla2xxx: Fix dropped srb resource. - scsi: qla2xxx: Fix duplicate switch's Nport ID entries - scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 - scsi: lpfc: Fix errors in log messages. - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() - [armhf] imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set - scsi: pm80xx: Corrected dma_unmap_sg() parameter - scsi: pm80xx: Fixed system hang issue during kexec boot - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list - net: aquantia: fix hw_atl_utils_fw_upload_dwords - Drivers: hv: vmbus: Fix synic per-cpu context initialization - nvmem: core: return error code instead of NULL from nvmem_device_get - media: dt-bindings: adv748x: Fix decimal unit addresses - [x86] ALSA: hda: Fix implicit definition of pci_iomap() on SH - media: fix: media: pci: meye: validate offset to avoid arbitrary access - media: dvb: fix compat ioctl translation - net: bcmgenet: Fix speed selection for reverse MII - [arm64] dts: meson: libretech: update board model - [arm64] dts: meson-axg: use the proper compatible for ethmac - [x86] ALSA: intel8x0m: Register irq handler after register initializations - [arm64] dts: renesas: salvator-common: adv748x: Override secondary addresses - [arm64] dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU - [arm64] dts: renesas: r8a77965: Fix HS-USB compatible - [arm64] dts: renesas: r8a77965: Fix clock/reset for usb2_phy1 - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() - llc: avoid blocking in llc_sap_close() - [armhf] dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value - [arm64] soc: qcom: wcnss_ctrl: Avoid string overflow - [arm64] dts: broadcom: Fix I2C and SPI bus warnings - [armhf] dts: bcm: Fix SPI bus warnings - [armhf] dts: aspeed: Fix I2C bus warnings - [ppc64el,powerpc*] powerpc/vdso: Correct call frame information - [armhf] dts: socfpga: Fix I2C bus unit-address error - [armhf] dts: sunxi: Fix I2C bus warnings - [armhf] dts: sun9i: Fix I2C bus warnings - android: binder: no outgoing transaction when thread todo has transaction - cxgb4: Fix endianness issue in t4_fwcache() - [arm64] fix for bad_mode() handler to always result in panic - block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash - blok, bfq: do not plug I/O if all queues are weight-raised - [arm64] dts: meson: Fix erroneous SPI bus warnings - power: supply: ab8500_fg: silence uninitialized variable warnings - component: fix loop condition to call unbind() if bind() fails - kernfs: Fix range checks in kernfs_get_target_path - ip_gre: fix parsing gre header in ipgre_err - scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init - [armhf] dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 - [arm64] dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou - [x86] ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask - netfilter: nf_tables: avoid BUG_ON usage - ath9k: Fix a locking bug in ath9k_add_interface() - [s390x] qeth: uninstall IRQ handler on device removal - [s390x] qeth: invoke softirqs after napi_schedule() - media: vsp1: Fix vsp1_regs.h license header - media: vsp1: Fix YCbCr planar formats pitch calculation - media: ov2680: don't register the v4l2 subdevice before checking chip ID - PCI/ACPI: Correct error message for ASPM disabling - net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset() - PCI: mediatek: Fix unchecked return value - [armhf] dts: xilinx: Fix I2C and SPI bus warnings - serial: uartps: Fix suspend functionality - serial: samsung: Enable baud clock for UART reset procedure in resume - serial: mxs-auart: Fix potential infinite loop - tty: serial: qcom_geni_serial: Fix serial when not used as console - [arm64] dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2 - samples/bpf: fix a compilation failure - spi: mediatek: Don't modify spi_transfer when transfer. - ASoC: rt5682: Fix the boost volume at the begining of playback - ipmi_si_pci: fix NULL device in ipmi_si error message - ipmi_si: fix potential integer overflow on large shift - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address - ipmi: fix return value of ipmi_set_my_LUN - net: hns3: fix return type of ndo_start_xmit function - net: cavium: fix return type of ndo_start_xmit function - net: ibm: fix return type of ndo_start_xmit function - [ppc64el,powerpc*] iommu: Avoid derefence before pointer check - [ppc64el,powerpc*] selftests: Do not fail with reschedule - [ppc64el,powerpc64] hash: Fix stab_rr off by one initialization - [ppc64el,powerpc64] pseries/memory-hotplug: Only update DT once per memory DLPAR request - [ppc64el,powerpc64] pseries: Disable CPU hotplug across migrations - [ppc64el,powerpc*] Fix duplicate const clang warning in user access code - RDMA/i40iw: Fix incorrect iterator type - OPP: Protect dev_list with opp_table lock - of/unittest: Fix I2C bus unit-address error - libfdt: Ensure INT_MAX is defined in libfdt_env.h - power: supply: twl4030_charger: fix charging current out-of-bounds - power: supply: twl4030_charger: disable eoc interrupt on linear charge - net: mvpp2: fix the number of queues per cpu for PPv2.2 - net: marvell: fix return type of ndo_start_xmit function - net: toshiba: fix return type of ndo_start_xmit function - net: xilinx: fix return type of ndo_start_xmit function - net: broadcom: fix return type of ndo_start_xmit function - net: amd: fix return type of ndo_start_xmit function - net: sun: fix return type of ndo_start_xmit function - net: hns3: Fix for setting speed for phy failed problem - net: hns3: Fix cmdq registers initialization issue for vf - net: hns3: Clear client pointer when initialize client failed or unintialize finished - net: hns3: Fix client initialize state issue when roce client initialize failed - net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() - nfp: provide a better warning when ring allocation fails - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started - usb: chipidea: Fix otg event handler - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT - [s390x] zcrypt: enable AP bus scan without a valid default domain - [s390x] vdso: avoid 64-bit vdso mapping for compat tasks - [s390x] vdso: correct CFI annotations of vDSO functions - brcmfmac: increase buffer for obtaining firmware capabilities - brcmsmac: Use kvmalloc() for ucode allocations - mlxsw: spectrum: Init shaper for TCs 8..15 - PCI: portdrv: Initialize service drivers directly - [armhf] dts: am335x-evm: fix number of cpsw - [armhf] dts: ti: Fix SPI and I2C bus warnings - f2fs: avoid infinite loop in f2fs_alloc_nid - f2fs: fix to recover inode's uid/gid during POR - [armhf] dts: ux500: Correct SCU unit address - [armhf] dts: ux500: Fix LCDA clock line muxing - [armhf] dts: ste: Fix SPI controller node names - spi: pic32: Use proper enum in dmaengine_prep_slave_rg - crypto: chacha20 - Fix chacha20_block() keystream alignment (again) - cpufeature: avoid warning when compiling with clang - [armhf] crypto: crc32 - avoid warning when compiling with Clang - [armel] dts: marvell: Fix SPI and I2C bus warnings - [x86] mce-inject: Reset injection struct after injection - [armhf,arm64] dts: clearfog: fix sdhci supply property name - bnx2x: Ignore bandwidth attention in single function mode - PCI/AER: Take reference on error devices - PCI/AER: Don't read upstream ports below fatal errors - PCI/ERR: Use slot reset if available - samples/bpf: fix compilation failure - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider - net: micrel: fix return type of ndo_start_xmit function - net: freescale: fix return type of ndo_start_xmit function - [x86] CPU: Use correct macros for Cyrix calls - [x86] CPU: Change query logic so CPUID is enabled before testing - EDAC: Correct DIMM capacity unit symbol - [mips*] kexec: Relax memory restriction - [arm64] dts: rockchip: Fix microSD in rk3399 sapphire board - mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement - media: imx: work around false-positive warning, again - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() - media: au0828: Fix incorrect error messages - media: davinci: Fix implicit enum conversion warning - [armhf] dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock - usb: gadget: uvc: configfs: Drop leaked references to config items - usb: gadget: uvc: configfs: Prevent format changes after linking header - usb: gadget: uvc: configfs: Sort frame intervals upon writing - [armhf] dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks - i2c: aspeed: fix invalid clock parameters for very large divisors - gpiolib: Fix gpio_direction_* for single direction GPIOs - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs - phy: phy-twl4030-usb: fix denied runtime access - [armhf] dts: imx6ull: update vdd_soc voltage for 900MHz operating point - usb: gadget: uvc: Factor out video USB request queueing - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode - coresight: Use ERR_CAST instead of ERR_PTR - coresight: Fix handling of sinks - coresight: perf: Fix per cpu path management - coresight: perf: Disable trace path upon source error - coresight: tmc-etr: Handle driver mode specific ETR buffers - coresight: etm4x: Configure EL2 exception level when kernel is running in HYP - coresight: tmc: Fix byte-address alignment for RRP - coresight: dynamic-replicator: Handle multiple connections - slimbus: ngd: register ngd driver only once. - slimbus: ngd: return proper error code instead of zero - silmbus: ngd: register controller after power up. - misc: kgdbts: Fix restrict error - misc: genwqe: should return proper error value. - vmbus: keep pointer to ring buffer page - vfio/pci: Fix potential memory leak in vfio_msi_cap_len - vfio/pci: Mask buggy SR-IOV VF INTx support - iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs - scsi: libsas: always unregister the old device if going to discover new - f2fs: fix remount problem of option io_bits - phy: lantiq: Fix compile warning - [arm64] dts: fsl: Fix I2C and SPI bus warnings - [armhf] dts: imx51-zii-rdu1: Fix the rtc compatible string - [arm64] tegra: I2C on Tegra194 is not compatible with Tegra114 - [armhf] dts: tegra30: fix xcvr-setup-use-fuses - [armhf] dts: tegra20: restore address order - [armhf] tegra: apalis_t30: fix mmc1 cmd pull-up - [armhf] tegra: apalis_t30: fix mcp2515 can controller interrupt polarity - [armhf] tegra: colibri_t30: fix mcp2515 can controller interrupt polarity - [armhf] dts: paz00: fix wakeup gpio keycode - net: smsc: fix return type of ndo_start_xmit function - net: faraday: fix return type of ndo_start_xmit function - PCI/ERR: Run error recovery callbacks for all affected devices - f2fs: update i_size after DIO completion - f2fs: fix to recover inode's project id during POR - f2fs: mark inode dirty explicitly in recover_inode() - RDMA: Fix dependencies for rdma_user_mmap_io - EDAC: Raise the maximum number of memory controllers - firmware: dell_rbu: Make payload memory uncachable - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS - Bluetooth: btrsi: fix bt tx timeout issue - [x86] hyperv: Suppress "PCI: Fatal: No config space access function found" - crypto: s5p-sss: Fix race in error handling - crypto: s5p-sss: Fix Fix argument list alignment - crypto: fix a memory leak in rsa-kcs1pad's encryption mode - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump - iwlwifi: fix non_shared_ant for 22000 devices - iwlwifi: pcie: read correct prph address for newer devices - iwlwifi: api: annotate compressed BA notif array sizes - iwlwifi: pcie: gen2: build A-MSDU only for GSO - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN - iwlwifi: mvm: use correct FIFO length - iwlwifi: mvm: Allow TKIP for AP mode - scsi: NCR5380: Clear all unissued commands on host reset - scsi: NCR5380: Have NCR5380_select() return a bool - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data - scsi: NCR5380: Check for invalid reselection target - scsi: NCR5380: Don't clear busy flag when abort fails - scsi: NCR5380: Don't call dsprintk() following reselection interrupt - scsi: NCR5380: Handle BUS FREE during reselection - scsi: NCR5380: Check for bus reset - [arm64] dts: amd: Fix SPI bus warnings - [arm64] dts: lg: Fix SPI controller node names - rtc: isl1208: avoid possible sysfs race - rtc: tx4939: fixup nvmem name and register size - rtc: armada38x: fix possible race condition - netfilter: masquerade: don't flush all conntracks if only one address deleted on device - usb: xhci-mtk: fix ISOC error when interval is zero - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear - fuse: use READ_ONCE on congestion_threshold and max_background - IB/iser: Fix possible NULL deref at iser_inv_desc() - media: ov2680: fix null dereference at power on - [s390x] vdso: correct vdso mapping for compat tasks - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused - memfd: Use radix_tree_deref_slot_protected to avoid the warning. - slcan: Fix memory leak in error path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.86 - spi: mediatek: use correct mata->xfer_len when in fifo transfer - i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf() - tee: optee: add missing of_node_put after of_device_is_available - Revert "OPP: Protect dev_list with opp_table lock" - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() - idr: Fix idr_get_next race with idr_remove - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() - mm/memory_hotplug: fix updating the node span - [arm64] uaccess: Ensure PAN is re-enabled after unhandled uaccess fault - fbdev: Ditch fb_edid_add_monspecs - [i386] bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0 - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0 - [i386] bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE} - net: ovs: fix return type of ndo_start_xmit function - net: xen-netback: fix return type of ndo_start_xmit function - [armhf] dts: dra7: Enable workaround for errata i870 in PCIe host mode - [armhf] dts: omap5: enable OTG role for DWC3 controller - [arm64] net: hns3: Fix for netdev not up problem when setting mtu - [arm64] net: hns3: Fix loss of coal configuration while doing reset - f2fs: return correct errno in f2fs_gc - [armhf] dts: sun8i: h3-h5: ir register size should be the whole memory block - [armhf] dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet PHY - tcp: up initial rmem to 128KB and SYN rwin to around 64KB - SUNRPC: Fix priority queue fairness - ACPI / LPSS: Make acpi_lpss_find_device() also find PCI devices - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq - f2fs: keep lazytime on remount - IB/hfi1: Error path MAD response size is incorrect - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds - mt76x2: fix tx power configuration for VHT mcs 9 - mt76x2: disable WLAN core before probe - mt76: fix handling ps-poll frames - [arm64,armhf] iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() - [arm64,armhf] iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout - [arm64,armhf] kvm: Fix stage2_flush_memslot for 4 level page table - [arm64] numa: Report correct memblock range for the dummy node - ath10k: fix vdev-start timeout on error - rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface - ata: ahci_brcm: Allow using driver or DSL SoCs - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules. - PM / devfreq: Fix handling of min/max_freq == 0 - PM / devfreq: stopping the governor before device_unregister() - ath9k: fix reporting calculated new FFT upper max - selftests/tls: Fix recv(MSG_PEEK) & splice() test cases - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() - usb: dwc3: gadget: Check ENBLSLPM before sending ep command - nl80211: Fix a GET_KEY reply attribute - [arm64,armhf] irqchip/irq-mvebu-icu: Fix wrong private data retrieval - watchdog: core: fix null pointer dereference when releasing cdev - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D - [ppc64el,powerpc64] Inform the userspace about TCE update failures - printk: Do not miss new messages when replaying the log - printk: CON_PRINTBUFFER console registration is a bit racy - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg - [x86] ALSA: hda: Fix mismatch for register mask and value in ext controller. - ext4: fix build error when DX_DEBUG is defined - clk: keystone: Enable TISCI clocks if K3_ARCH - sunrpc: Fix connect metrics - [x86] PCI: Apply VMD's AERSID fixup generically - mei: samples: fix a signedness bug in amt_host_if_call() - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update - cxgb4: Use proper enum in IEEE_FAUX_SYNC - [ppc64el,powerpc*] Fix DTL buffer registration - [ppc64el,powerpc*] Fix how we iterate over the DTL entries - [ppc64el,powerpc*] xive: Move a dereference below a NULL test - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer - PM / hibernate: Check the success of generating md5 digest before hibernation - tools: PCI: Fix compilation warnings - ice: Fix forward to queue group logic - md: allow metadata updates while suspending an array - fix - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit - i40e: Use proper enum in i40e_ndo_set_vf_link_state - ixgbe: Fix crash with VFs and flow director on interface flap - IB/mthca: Fix error return code in __mthca_init_one() - IB/rxe: avoid srq memory leak - RDMA/hns: Bugfix for reserved qp number - RDMA/hns: Submit bad wr when post send wr exception - RDMA/hns: Bugfix for CM test - RDMA/hns: Limit the size of extend sge of sq - IB/mlx4: Avoid implicit enumerated type conversion - rpmsg: glink: smem: Support rx peak for size less than 4 bytes - msm/gpu/a6xx: Force of_dma_configure to setup DMA for GMU - OPP: Return error on error from dev_pm_opp_get_opp_count() - ACPICA: Never run _REG on system_memory and system_IO - cpuidle: menu: Fix wakeup statistics updates for polling state - ASoC: qdsp6: q6asm-dai: checking NULL vs IS_ERR() - [ppc64el,powerpc*] time: Use clockevents_register_device(), fixing an issue with large decrementer - [ppc64el,powerpc64] radix: Explicitly flush ERAT with local LPID invalidation - ata: ep93xx: Use proper enums for directions - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote - media: pxa_camera: Fix check for pdev->dev.of_node - media: rcar-vin: fix redeclaration of symbol - media: i2c: adv748x: Support probing a single output - [x86] ALSA: hda/sigmatel - Disable automute for Elo VuPoint - bnxt_en: return proper error when FW returns HWRM_ERR_CODE_RESOURCE_ACCESS_DENIED - [ppc64el,powerpc64] Book3S PR: Exiting split hack mode needs to fixup both PC and LR - USB: serial: cypress_m8: fix interrupt-out transfer length - usb: dwc2: disable power_down on rockchip devices - mtd: physmap_of: Release resources on error - cpu/SMT: State SMT is disabled even with nosmt and without "=force" - brcmfmac: reduce timeout for action frame scan - brcmfmac: fix full timeout waiting for action frame on-channel tx - qtnfmac: request userspace to do OBSS scanning if FW can not - qtnfmac: pass sgi rate info flag to wireless core - qtnfmac: inform wireless core about supported extended capabilities - qtnfmac: drop error reports for out-of-bounds key indexes - [armhf] clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume - [armhf] clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420 - [armhf] clk: samsung: Use clk_hw API for calling clk framework from clk notifiers - printk: Correct wrong casting - NFSv4.x: fix lock recovery during delegation recall - dmaengine: ioat: fix prototype of ioat_enumerate_channels - media: ov5640: fix framerate update - media: cec-gpio: select correct Signal Free Time - gfs2: slow the deluge of io error messages - i2c: omap: use core to detect 'no zero length' quirk - i2c: qup: use core to detect 'no zero length' quirk - i2c: tegra: use core to detect 'no zero length' quirk - i2c: zx2967: use core to detect 'no zero length' quirk - Input: st1232 - set INPUT_PROP_DIRECT property - Input: silead - try firmware reload after unsuccessful resume - soc: fsl: bman_portals: defer probe after bman's probe - net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware - tc-testing: fix build of eBPF programs - remoteproc: Check for NULL firmwares in sysfs interface - remoteproc: qcom: q6v5: Fix a race condition on fatal crash - kexec: Allocate decrypted control pages for kdump if SME is enabled - [x86] olpc: Fix build error with CONFIG_MFD_CS5535=m - dmaengine: rcar-dmac: set scatter/gather max segment size - xfrm: use correct size to initialise sp->ovec - ACPI / SBS: Fix rare oops when removing modules - iwlwifi: mvm: don't send keys when entering D3 - xsk: proper AF_XDP socket teardown ordering - [amd64] fsgsbase: Fix ptrace() to read the FS/GS base accurately - mmc: renesas_sdhi_internal_dmac: Whitelist r8a774a1 - mmc: tmio: Fix SCC error detection - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size - fbdev: sbuslib: use checked version of put_user() - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() - fbdev: fix broken menu dependencies - reset: Fix potential use-after-free in __of_reset_control_get() - bcache: account size of buckets used in uuid write to ca->meta_sectors_written - bcache: recal cached_dev_sectors on detach - [x86] platform: mlx-platform: Properly use mlxplat_mlxcpld_msn201x_items - media: dw9714: Fix error handling in probe function - media: dw9807-vcm: Fix probe error handling - media: cx18: Don't check for address of video_dev - mtd: spi-nor: cadence-quadspi: Use proper enum for dma_[un]map_single - mtd: devices: m25p80: Make sure WRITE_EN is issued before each write - [x86] intel_rdt: Introduce utility to obtain CDP peer - [x86] intel_rdt: CBM overlap should also check for overlap with CDP peer - mmc: mmci: expand startbiterr to irqmask and error check - [s390x] kasan: avoid vdso instrumentation - [s390x] kasan: avoid instrumentation of early C code - [s390x] kasan: avoid user access code instrumentation - [i386] proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() - backlight: lm3639: Unconditionally call led_classdev_unregister - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable - printk: Give error on attempt to set log buffer length to over 2G - media: isif: fix a NULL pointer dereference bug - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads - media: cx231xx: fix potential sign-extension overflow on large shift - media: venus: vdec: fix decoded data size - [x86] ALSA: hda/ca0132 - Fix input effect controls for desktop cards - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync - lightnvm: pblk: fix incorrect min_write_pgs - lightnvm: pblk: guarantee emeta on line close - lightnvm: pblk: fix write amplificiation calculation - lightnvm: pblk: guarantee mw_cunits on read buffer - lightnvm: do no update csecs and sos on 1.2 - lightnvm: pblk: fix error handling of pblk_lines_init() - lightnvm: pblk: consider max hw sectors supported for max_write_pgs - [x86] kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error - bpf: btf: Fix a missing check bug - net: fix generic XDP to handle if eth header was mangled - gpio: syscon: Fix possible NULL ptr usage - spi: fsl-lpspi: Prevent FIFO under/overrun by default - pinctrl: gemini: Mask and set properly - spi: spidev: Fix OF tree warning logic - [armel,armhf] 8802/1: Call syscall_trace_exit even when system call skipped - [x86] mm: Do not warn about PCI BIOS W+X mappings - orangefs: rate limit the client not running info message - pinctrl: gemini: Fix up TVC clock group - scsi: arcmsr: clean up clang warning on extraneous parentheses - [x86] hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors - hwmon: (nct6775) Fix names of DIMM temperature sources - hwmon: (pwm-fan) Silence error on probe deferral - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros - hwmon: (npcm-750-pwm-fan) Change initial pwm target to 255 - selftests: forwarding: Have lldpad_app_wait_set() wait for unknown, too - net: sched: avoid writing on noop_qdisc - netfilter: nft_compat: do not dump private area - misc: cxl: Fix possible null pointer dereference - mac80211: minstrel: fix using short preamble CCK rates on HT clients - mac80211: minstrel: fix CCK rate group streams value - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode - spi: rockchip: initialize dma_slave_config properly - mlxsw: spectrum_switchdev: Check notification relevance based on upper device - [armhf] dts: omap5: Fix dual-role mode on Super-Speed port - tcp: start receiver buffer autotuning sooner - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate - PM / devfreq: Fix static checker warning in try_then_request_governor - tools: PCI: Fix broken pcitest compilation - [ppc64el,powerpc*] time: Fix clockevent_decrementer initalisation for PR KVM - mmc: tmio: fix SCC error handling to avoid false positive CRC error - [x86] resctrl: Fix rdt_find_domain() return value and checks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.87 - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel - net/mlx4_en: fix mlx4 ethtool -N insertion - net/mlx4_en: Fix wrong limitation for number of TX rings - net: rtnetlink: prevent underflows in do_setvfinfo() - net/sched: act_pedit: fix WARN() in the traffic path - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key - sfc: Only cancel the PPS workqueue if it exists - net/mlx5e: Fix set vf link state error flow - net/mlxfw: Verify FSM error code translation doesn't exceed array size - net/mlx5: Fix auto group size calculation - vhost/vsock: split packets to send using multiple buffers - gpio: max77620: Fixup debounce delays - tools: gpio: Correctly add make dependencies for gpio_utils - nbd:fix memory leak in nbd_get_socket() - virtio_console: allocate inbufs in add_port() only if it is needed - Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() - [x86] drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs - [x86] drm/i915/pmu: "Frequency" is reported as accumulated cycles - [x86] drm/i915/userptr: Try to acquire the page lock around set_page_dirty() - mwifiex: Fix NL80211_TX_POWER_LIMITED - ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback - crypto: testmgr - fix sizeof() on COMP_BUF_SIZE - printk: lock/unlock console only for new logbuf entries - printk: fix integer overflow in setup_log_buf() - pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux - PCI: cadence: Write MSI data with 32bits - gfs2: Fix marking bitmaps non-full - pty: fix compat ioctls - synclink_gt(): fix compat_ioctl() - [ppc64] Fix signedness bug in update_flash_db() - [powerpc] boot: Fix opal console in boot wrapper - [ppc64*,powerpc] boot: Disable vector instructions - [ppc64*,powerpc] eeh: Fix null deref for devices removed during EEH - [ppc64*,powerpc] eeh: Fix use of EEH_PE_KEEP on wrong field - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() - mt76: do not store aggregation sequence number for null-data frames - mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc - brcmsmac: AP mode: update beacon when TIM changes - ath10k: set probe request oui during driver start - ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem - skd: fixup usage of legacy IO API - cdrom: don't attempt to fiddle with cdo->capability - spi: sh-msiof: fix deferred probing - mmc: mediatek: fill the actual clock for mmc debugfs - mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail - PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag - btrfs: handle error of get_old_root - gsmi: Fix bug in append_to_eventlog sysfs handler - misc: mic: fix a DMA pool free failure - w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). - [m68k] fix command-line parsing when passed from u-boot - RDMA/bnxt_re: Avoid NULL check after accessing the pointer - RDMA/bnxt_re: Fix qp async event reporting - RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails - pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' - pwm: lpss: Only set update bit if we are actually changing the settings - amiflop: clean up on errors during setup - qed: Align local and global PTT to propagate through the APIs. - scsi: ips: fix missing break in switch - nfp: bpf: protect against mis-initializing atomic counters - [x86] KVM: nVMX: reset cache/shadows when switching loaded VMCS - [x86] KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() - [x86] KVM: Fix invvpid and invept register operand size in 64-bit mode - clk: tegra: Fixes for MBIST work around - scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler - scsi: isci: Change sci_controller_start_task's return type to sci_status - scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event - scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param - nvmet: avoid integer overflow in the discard code - nvmet-fcloop: suppress a compiler warning - nvme-pci: fix hot removal during error handling - PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks - clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk - ASoC: tegra_sgtl5000: fix device_node refcounting - scsi: dc395x: fix dma API usage in srb_done - scsi: dc395x: fix DMA API usage in sg_update_list - scsi: zorro_esp: Limit DMA transfers to 65535 bytes - net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed - net: fix warning in af_unix - xfs: fix use-after-free race in xfs_buf_rele - xfs: clear ail delwri queued bufs on unmount of shutdown fs - kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack - ACPI / scan: Create platform device for INT33FE ACPI nodes - PM / Domains: Deal with multiple states but no governor in genpd - ALSA: i2c/cs8427: Fix int to char conversion - macintosh/windfarm_smu_sat: Fix debug output - PCI: vmd: Detach resources after stopping root bus - USB: misc: appledisplay: fix backlight update_status return code - usbip: tools: fix atoi() on non-null terminated string - sctp: use sk_wmem_queued to check for writable space - dm raid: avoid bitmap with raid4/5/6 journal device - selftests/bpf: fix file resource leak in load_kallsyms - SUNRPC: Fix a compile warning for cmpxchg64() - sunrpc: safely reallow resvport min/max inversion - atm: zatm: Fix empty body Clang warnings - [s390x] perf: Return error when debug_register fails - swiotlb: do not panic on mapping failures - spi: omap2-mcspi: Set FIFO DMA trigger level to word length - [x86] intel_rdt: Prevent pseudo-locking from using stale pointers - sparc: Fix parport build warnings. - [ppc64*,powerpc] pseries: Export raw per-CPU VPA data via debugfs - [ppc64*,powerpc] mm/radix: Fix off-by-one in split mapping logic - [ppc64*,powerpc] mm/radix: Fix overuse of small pages in splitting logic - [ppc64*,powerpc] mm/radix: Fix small page at boundary when splitting - [ppc64*] radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd - selftests/bpf: fix return value comparison for tests in test_libbpf.sh - tools: bpftool: fix completion for "bpftool map update" - ceph: fix dentry leak in ceph_readdir_prepopulate - ceph: only allow punch hole mode in fallocate - thermal: armada: fix a test in probe() - f2fs: fix to spread clear_cold_data() - f2fs: spread f2fs_set_inode_flags() - mISDN: Fix type of switch control variable in ctrl_teimanager - qlcnic: fix a return in qlcnic_dcb_get_capability() - net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode - mfd: arizona: Correct calling of runtime_put_sync - mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values - [x86] mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well - mfd: max8997: Enale irq-wakeup unconditionally - net: socionext: Stop PHY before resetting netsec - fs/cifs: fix uninitialised variable warnings - spi: uniphier: fix incorrect property items - selftests/ftrace: Fix to test kprobe $comm arg only if available - selftests: watchdog: fix message when /dev/watchdog open fails - selftests: watchdog: Fix error message. - selftests: kvm: Fix -Wformat warnings - selftests: fix warning: "_GNU_SOURCE" redefined - net: ethernet: cadence: fix socket buffer corruption problem - bpf: devmap: fix wrong interface selection in notifier_call - bpf, btf: fix a missing check bug in btf_parse - [sparc64] Rework xchg() definition to avoid warnings. - [arm64] lib: use C string functions with KASAN enabled - fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock - tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage - mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition - macsec: update operstate when lower device changes - macsec: let the administrator set UP state even if lowerdev is down - block: fix the DISCARD request merge - i2c: uniphier-f: make driver robust against concurrency - i2c: uniphier-f: fix occasional timeout error - i2c: uniphier-f: fix race condition when IRQ is cleared - um: Make line/tty semantics use true write IRQ - vfs: avoid problematic remapping requests into partial EOF block - ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12 - [ppc64*,powerpc] xmon: Relax frame size for clang - [ppc64*,powerpc] selftests/ptrace: Fix out-of-tree build - [ppc64*,powerpc] selftests/signal: Fix out-of-tree build - [ppc64*,powerpc] selftests/switch_endian: Fix out-of-tree build - [ppc64*,powerpc] selftests/cache_shape: Fix out-of-tree build - block: call rq_qos_exit() after queue is frozen - mm/gup_benchmark.c: prevent integer overflow in ioctl - linux/bitmap.h: handle constant zero-size bitmaps correctly - linux/bitmap.h: fix type of nbits in bitmap_shift_right() - lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf - hfsplus: fix BUG on bnode parent update - hfs: fix BUG on bnode parent update - hfsplus: prevent btree data loss on ENOSPC - hfs: prevent btree data loss on ENOSPC - hfsplus: fix return value of hfsplus_get_block() - hfs: fix return value of hfs_get_block() - hfsplus: update timestamps on truncate() - hfs: update timestamp on truncate() - fs/hfs/extent.c: fix array out of bounds read of array extent - kernel/panic.c: do not append newline to the stack protector panic string - mm/memory_hotplug: make add_memory() take the device_hotplug_lock - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock - [ppc64*,powerprc] powerpc/powernv: hold device_hotplug_lock when calling device_online() - igb: shorten maximum PHC timecounter update interval - fm10k: ensure completer aborts are marked as non-fatal after a resume - [arm64] net: hns3: bugfix for buffer not free problem during resetting - [arm64] net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem - [arm64] net: hns3: bugfix for is_valid_csq_clean_head() - [arm64] net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read - ntb_netdev: fix sleep time mismatch - [x86] ntb: intel: fix return value for ndev_vec_mask() - irq/matrix: Fix memory overallocation - nvme-pci: fix conflicting p2p resource adds - [arm64] makefile fix build of .i file in external module case - [x86] tools/power turbosat: fix AMD APIC-id output - mm: handle no memcg case in memcg_kmem_charge() properly - ocfs2: without quota support, avoid calling quota recovery - ocfs2: don't use iocb when EIOCBQUEUED returns - ocfs2: don't put and assigning null to bh allocated outside - ocfs2: fix clusters leak in ocfs2_defrag_extent() - net: do not abort bulk send on BQL status - sched/topology: Fix off by one bug - sched/fair: Don't increase sd->balance_interval on newidle balance - openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS - [armhf] dts: imx6sx-sdb: Fix enet phy regulator - [arm64] sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock - soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL - audit: print empty EXECVE args - sock_diag: fix autoloading of the raw_diag module - net: bpfilter: fix iptables failure if bpfilter_umh is disabled - nds32: Fix bug in bitfield.h - media: ov13858: Check for possible null pointer - btrfs: avoid link error with CONFIG_NO_AUTO_INLINE - wil6210: fix debugfs memory access alignment - wil6210: fix L2 RX status handling - wil6210: fix RGF_CAF_ICR address for Talyn-MB - wil6210: fix locking in wmi_call - ath10k: snoc: fix unbalanced clock error handling - wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' - rtl8xxxu: Fix missing break in switch - brcmsmac: never log "tid x is not agg'able" by default - wireless: airo: potential buffer overflow in sprintf() - rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information - net: dsa: bcm_sf2: Turn on PHY to allow successful registration - scsi: mpt3sas: Fix Sync cache command failure during driver unload - scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices - scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11 - scsi: megaraid_sas: Fix msleep granularity - scsi: megaraid_sas: Fix goto labels in error handling - scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces - scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point - scsi: lpfc: Correct loss of fc4 type on remote port address change - usb: typec: tcpm: charge current handling for sink during hard reset - dlm: fix invalid free - dlm: don't leak kernel pointer to userspace - vrf: mark skb for multicast or link-local as enslaved to VRF - clk: tegra20: Turn EMC clock gate into divider - ACPICA: Use %d for signed int print formatting instead of %u - net: bcmgenet: return correct value 'ret' from bcmgenet_power_down - of: unittest: allow base devicetree to have symbol metadata - of: unittest: initialize args before calling of_*parse_*() - tools: bpftool: pass an argument to silence open_obj_pinned() - cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces - pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues - pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL - pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT - pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD - PCI: keystone: Use quirk to limit MRRS for K2G - nvme-pci: fix surprise removal - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch - i2c: uniphier-f: fix timeout error after reading 8 bytes - mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock - ipv6: Fix handling of LLA with VRF and sockets bound to VRF - cfg80211: call disconnect_wk when AP stops - mm/page_io.c: do not free shared swap slots - Bluetooth: Fix invalid-free in bcsp_close() - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved - ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe - ath9k_hw: fix uninitialized variable data - md/raid10: prevent access of uninitialized resync_pages offset - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() - net: phy: dp83867: fix speed 10 in sgmii mode - net: phy: dp83867: increase SGMII autoneg timer duration - ocfs2: remove ocfs2_is_o2cb_active() - [arm*] 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary - ARC: perf: Accommodate big-endian CPU - [x86] insn: Fix awk regexp warnings - [x86] speculation: Fix incorrect MDS/TAA mitigation status - [x86] speculation: Fix redundant MDS mitigation message - nbd: prevent memory leak - y2038: futex: Move compat implementation into futex.c - futex: Prevent robust futex exit race - ALSA: usb-audio: Fix NULL dereference at parsing BADD - nfc: port100: handle command failure cleanly - media: vivid: Set vid_cap_streaming and vid_out_streaming to true - media: vivid: Fix wrong locking that causes race conditions on streaming stop (CVE-2019-18683) - media: usbvision: Fix races among open, close, and disconnect - cpufreq: Add NULL checks to show() and store() methods of cpufreq - media: uvcvideo: Fix error path in control parsing failure - media: b2c2-flexcop-usb: add sanity checking - media: cxusb: detect cxusb_ctrl_msg error in query - media: imon: invalid dereference in imon_touch_event - virtio_ring: fix return code on DMA mapping fails - USBIP: add config dependency for SGL_ALLOC - usbip: tools: fix fd leakage in the function of read_attr_usbip_status - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() - usb-serial: cp201x: support Mark-10 digital force gauge - USB: chaoskey: fix error case of a timeout - appledisplay: fix error handling in the scheduled work - USB: serial: mos7840: add USB ID to support Moxa UPort 2210 - USB: serial: mos7720: fix remote wakeup - USB: serial: mos7840: fix remote wakeup - USB: serial: option: add support for DW5821e with eSIM support - USB: serial: option: add support for Foxconn T77W968 LTE modules - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error - [ppc64*] support nospectre_v2 cmdline option - [ppc64*] book3s: Fix link stack flush on context switch (CVE-2019-18660) - [ppc64*, powerpc] PPC: Book3S HV: Flush link stack on guest exit to host kernel - PM / devfreq: Fix kernel oops on governor module load . [ Romain Perier ] * [armel/rpi] Enable CONFIG_BRCMFMAC_SDIO (Closes: #940530) * [armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+ . [ Salvatore Bonaccorso ] * ixgbe: Fix secpath usage for IPsec TX offload (Closes: #930443) * ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (Closes: #945023) * [x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77) * [rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84) . [ Bastian Blank ] * [amd64/cloud-amd64] Re-enable RTC drivers. (closes: #931341) . [ Noah Meyerhans ] * drivers/net/ethernet/amazon: Backport driver fixes from Linux 5.4 (Closes: #941291) * Bump ABI to 7 . [ Ben Hutchings ] * debian/bin/genpatch-rt: Fix series generation from git * [rt] Update to 4.19.82-rt30: - Drop changes in "fs/dcache: disable preemption on i_dir_seq's write side" that conflict with "Fix the locking in dcache_readdir() and friends" - Rewrite "fs/aio: simple simple work" using kthread_work - Rewrite "thermal: Defer thermal wakups to threads" using kthread_work - Rewrite "block: blk-mq: move blk_queue_usage_counter_release() into process context" using kthread_work - workqueue: rework . [ Benjamin Poirier ] * tools/perf: Add python3 support to scripts (Closes: #944641) . [ Aurelien Jarno ] * [rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86) * [rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86) * [rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87) * [rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87) linux-signed-arm64 (4.19.67+2+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u2 . * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135): - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs TSX is now disabled by default; see Documentation/admin-guide/hw-vuln/tsx_async_abort.rst * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change (aka iTLB multi-hit, CVE-2018-12207): - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages - Documentation: Add ITLB_MULTIHIT documentation * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155): - drm/i915: Rename gen7 cmdparser tables - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Remove Master tables from cmdparser - drm/i915: Add support for mandatory cmdparsing - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - drm/i915: Allow parsing of unsized batches - drm/i915: Add gen9 BCS cmdparsing - drm/i915/cmdparser: Use explicit goto for error paths - drm/i915/cmdparser: Add support for backward jumps - drm/i915/cmdparser: Ignore Length operands during command matching - drm/i915/cmdparser: Fix jump whitelist clearing * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154): - drm/i915: Lower RM timeout to avoid DSI hard hangs - drm/i915/gen8+: Add RC6 CTX corruption WA linux-signed-arm64 (4.19.67+2+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-i386 (4.19.98+1) buster; urgency=medium . * Sign kernel from linux 4.19.98-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.88 - [arm64] clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate - ASoC: compress: fix unsigned integer overflow check - reset: Fix memory leak in reset_control_array_put() - [armhf] clk: samsung: exynos5433: Fix error paths - [armel/marvell,armhf] ASoC: kirkwood: fix external clock probe defer - [armel/marvell,armhf] ASoC: kirkwood: fix device remove ordering - [armhf] clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume - [x86] pinctrl: cherryview: Allocate IRQ chip dynamic - [armhf] dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts - reset: fix reset_control_ops kerneldoc comment - [armhf,arm64] clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup - [armhf] clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 - [armhf] dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend - [ppc64el] bpf: Fix tail call implementation - idr: Fix integer overflow in idr_for_each_entry - idr: Fix idr_alloc_u32 on 32-bit systems - [x86] resctrl: Prevent NULL pointer dereference when reading mondata - [armhf] clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call - [armhf] clk: ti: clkctrl: Fix failed to enable error with double udelay timeout - bridge: ebtables: don't crash when using dnat target in output chains - can: peak_usb: report bus recovery as well - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error - [armhf] can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails - [arm64] watchdog: meson: Fix the wrong value of left time - ceph: return -EINVAL if given fsc mount option on kernel w/o support - net/fq_impl: Switch to kvmalloc() for memory allocation - mac80211: fix station inactive_time shortly after boot - block: drbd: remove a stray unlock in __drbd_send_protocol() - scsi: target/tcmu: Fix queue_cmd_ring() declaration - scsi: lpfc: Fix kernel Oops due to null pring pointers - scsi: lpfc: Fix dif and first burst use in write commands - tracing: Lock event_mutex before synth_event_mutex - [armhf] dts: imx*: Fix memory node duplication - [armhf] dts: Fix hsi gdd range for omap4 - [arm64] mm: Prevent mismatched 52-bit VA support - [arm64] smp: Handle errors reported by the firmware - [armhf] bus: ti-sysc: Check for no-reset and no-idle flags at the child level - [arm64] RDMA/hns: Fix the bug while use multi-hop of pbl - [x86] RDMA/vmw_pvrdma: Use atomic memory allocation in create AH - [armhf] PM / AVS: SmartReflex: NULL check before some freeing functions is not needed - xfs: zero length symlinks are not valid - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value - scsi: lpfc: Enable Management features for IF_TYPE=6 - scsi: qla2xxx: Fix NPIV handling for FC-NVMe - scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port - nvme: provide fallback for discard alloc failure - [s390x] zcrypt: make sysfs reset attribute trigger queue reset - crypto: user - support incremental algorithm dumps - mwifiex: fix potential NULL dereference and use after free - mwifiex: debugfs: correct histogram spacing, formatting - brcmfmac: set F2 watermark to 256 for 4373 - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 - rtl818x: fix potential use after free - bcache: do not check if debug dentry is ERR or NULL explicitly on remove - bcache: do not mark writeback_running too early - xfs: require both realtime inodes to mount - nvme: fix kernel paging oops - ubifs: Fix default compression selection in ubifs - ubi: Put MTD device after it is not used - ubi: Do not drop UBI device reference before using - iwlwifi: move iwl_nvm_check_version() into dvm - iwlwifi: mvm: force TCM re-evaluation on TCM resume - iwlwifi: pcie: fix erroneous print - iwlwifi: pcie: set cmd_len in the correct place - [armhf,arm64] gpio: pca953x: Fix AI overflow on PCAL6524 - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB - [x86] kvm: vmx: Set IA32_TSC_AUX for legacy mode guests - [x86] Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" - [x86] Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" - VSOCK: bind to random port for VMADDR_PORT_ANY - [amd64] mmc: meson-gx: make sure the descriptor is stopped on errors - [armhf] mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET - [armhf] usb: ehci-omap: Fix deferred probe for phy handling - btrfs: Check for missing device before bio submission in btrfs_map_bio - btrfs: fix ncopies raid_attr for RAID56 - btrfs: dev-replace: set result code of cancel by status of scrub - Btrfs: allow clear_extent_dirty() to receive a cached extent state record - btrfs: only track ref_heads in delayed_ref_updates - [x86] HID: intel-ish-hid: fixes incorrect error handling - serial: 8250: Rate limit serial port rx interrupts during input overruns - [x86] kprobes/xen: blacklist non-attachable xen interrupt functions - xen/pciback: Check dev_data before using it - kprobes: Blacklist symbols in arch-defined prohibited area - [amd64] kprobes: Show x86-64 specific blacklisted symbols correctly - [armhf] memory: omap-gpmc: Get the header of the enum - net/mlx5: Continue driver initialization despite debugfs failure - netfilter: nf_nat_sip: fix RTP/RTCP source port translations - exofs_mount(): fix leaks on failure exits - bnxt_en: Return linux standard errors in bnxt_ethtool.c - bnxt_en: Save ring statistics before reset. - bnxt_en: query force speeds before disabling autoneg mode. - [s390x] KVM: unregister debug feature on failing arch init - dm flakey: Properly corrupt multi-page bios. - gfs2: take jdata unstuff into account in do_grow - dm raid: fix false -EBUSY when handling check/repair message - xfs: Align compat attrlist_by_handle with native implementation. - xfs: Fix bulkstat compat ioctls on x32 userspace. - IB/qib: Fix an error code in qib_sdma_verbs_send() - vxlan: Fix error path in __vxlan_dev_create() - [ppc64el] xmon: fix dump_segments() - drivers/regulator: fix a missing check of return value - Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading - RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer - scsi: qla2xxx: deadlock by configfs_depend_item - scsi: csiostor: fix incorrect dma device in case of vport - brcmfmac: Fix access point mode - ath6kl: Only use match sets when firmware supports it - ath6kl: Fix off by one error in scan completion - [ppc64el] perf: Fix unit_sel/cache_sel checks - [ppc64el] prom: fix early DEBUG messages - [ppc64el] mm: Make NULL pointer deferences explicit on bad page faults. - [ppc64el] vfio/spapr_tce: Get rid of possible infinite loop - [ppc64el] powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status - drbd: ignore "all zero" peer volume sizes in handshake - drbd: reject attach of unsuitable uuids even if connected - drbd: do not block when adjusting "disk-options" while IO is frozen - drbd: fix print_st_err()'s prototype to match the definition - IB/rxe: Make counters thread safe - bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't - [armhf] regulator: tps65910: fix a missing check of return value - [ppc64el] powerpc/pseries: Fix node leak in update_lmb_associativity_index() - net/netlink_compat: Fix a missing check of nla_parse_nested - net/net_namespace: Check the return value of register_pernet_subsys() - f2fs: fix block address for __check_sit_bitmap - f2fs: fix to dirty inode synchronously - [armhf] net: dsa: bcm_sf2: Propagate error value from mdio_write - atl1e: checking the status of atl1e_write_phy_reg - tipc: fix a missing check of genlmsg_put - net: marvell: fix a missing check of acpi_match_device - ocfs2: clear journal dirty flag after shutdown journal - vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n - mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() - mm/page_alloc.c: use a single function to free page - mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() - netfilter: nf_tables: fix a missing check of nla_put_failure - xprtrdma: Prevent leak of rpcrdma_rep objects - infiniband/qedr: Potential null ptr dereference of qp - lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk - lib/genalloc.c: use vzalloc_node() to allocate the bitmap - drivers/base/platform.c: kmemleak ignore a known leak - lib/genalloc.c: include vmalloc.h - mtd: Check add_mtd_device() ret code - tipc: fix memory leak in tipc_nl_compat_publ_dump - net/core/neighbour: tell kmemleak about hash tables - [armhf,arm64] ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() - net/core/neighbour: fix kmemleak minimal reference count for hash tables - serial: 8250: Fix serial8250 initialization crash - [armhf] gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change - sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe - ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel - decnet: fix DN_IFREQ_SIZE - net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() - net/smc: don't wait for send buffer space when data was already sent - mm/hotplug: invalid PFNs from pfn_to_online_page() - xfs: end sync buffer I/O properly on shutdown error - net/smc: fix sender_free computation - blktrace: Show requests without sector - net/smc: fix byte_order for rx_curs_confirmed - tipc: fix skb may be leaky in tipc_link_input - sfc: initialise found bitmap in efx_ef10_mtd_probe - geneve: change NET_UDP_TUNNEL dependency to select - net: fix possible overflow in __sk_mem_raise_allocated() - net: ip_gre: do not report erspan_ver for gre or gretap - net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap - sctp: don't compare hb_timer expire date before starting it - bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() - mmc: core: align max segment size with logical block size - net: dev: Use unsigned integer as an argument to left-shift - kvm: properly check debugfs dentry before using it - bpf: drop refcount if bpf_map_new_fd() fails in map_create() - [arm64] net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED - [arm64] net: hns3: fix PFC not setting problem for DCB module - [arm64] net: hns3: fix an issue for hclgevf_ae_get_hdev - [arm64] net: hns3: fix an issue for hns3_update_new_int_gl - [x86] iommu/amd: Fix NULL dereference bug in match_hid_uid - apparmor: delete the dentry in aafs_remove() to avoid a leak - scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery - ACPI / APEI: Don't wait to serialise with oops messages when panic()ing - ACPI / APEI: Switch estatus pool to use vmalloc memory - [arm64] scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned - scsi: libsas: Check SMP PHY control function result - [arm64] RDMA/hns: Fix the bug with updating rq head pointer when flush cqe - [arm64] RDMA/hns: Bugfix for the scene without receiver queue - [arm64] RDMA/hns: Fix the state of rereg mr - [arm64] RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board - [ppc64el] pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (CVE-2019-12614) - xdp: fix cpumap redirect SKB creation bug - mtd: Remove a debug trace in mtdpart.c - [s390x] mm, gup: add missing refcount overflow checks on s390 - [armhf,arm64] usb: dwc2: use a longer core rest timeout in dwc2_core_reset() - staging: rtl8192e: fix potential use after free - staging: rtl8723bs: Drop ACPI device ids - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P - [x86] mei: bus: prefix device names on bus with the bus name - [x86] mei: me: add comet point V device id - thunderbolt: Power cycle the router if NVM authentication fails - xfrm: Fix memleak on xfrm state destroy - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE - [arm64] net: macb: fix error format in dev_err() - pwm: Clear chip_data in pwm_put() - macvlan: schedule bc_work even if error - net: psample: fix skb_over_panic - openvswitch: fix flow command message size - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook - slip: Fix use-after-free Read in slip_open - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() - openvswitch: remove another BUG_ON() - tipc: fix link name length check - sctp: cache netns in sctp_ep_common - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues - [arm64] net: macb: add missed tasklet_kill - ext4: add more paranoia checking in ext4_expand_extra_isize handling (CVE-2019-19767) - [arm64] net: macb: Fix SUBNS increment and increase resolution - [arm64] net: macb driver, check for SKBTX_HW_TSTAMP - mtd: spi-nor: cast to u64 to avoid uint overflows - tcp: exit if nothing to retransmit on RTO timeout - HID: core: check whether Usage Page item is after Usage ID items - [x86] platform: hp-wmi: Fix ACPI errors caused by too small buffer - [x86] platform: hp-wmi: Fix ACPI errors caused by passing 0 as input size https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.89 - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071) - [arm64] tegra: Fix 'active-low' warning for Jetson TX1 regulator - usb: gadget: u_serial: add missing port entry locking - [arm64] tty: serial: msm_serial: Fix flow control - [armhf,arm64] serial: pl011: Fix DMA ->flush_buffer() - serial: serial_core: Perform NULL checks for break_ctl ops - autofs: fix a leak in autofs_expire_indirect() - [arm64] RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN - iwlwifi: pcie: don't consider IV len in A-MSDU - exportfs_decode_fh(): negative pinned may become positive without the parent locked - audit_get_nd(): don't unlock parent too early - xfrm: release device reference for invalid state - sched/core: Avoid spurious lock dependencies - perf/core: Consistently fail fork on allocation failures - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() - [armhf,arm64] drm/sun4i: tcon: Set min division of TCON0_DCLK to 1. - rsxx: add missed destroy_workqueue calls in remove - i2c: core: fix use after free in of_i2c_notify - serial: core: Allow processing sysrq at port unlock time - cxgb4vf: fix memleak in mac_hlist initialization - iwlwifi: mvm: synchronize TID queue removal - iwlwifi: trans: Clear persistence bit when starting the FW - iwlwifi: mvm: Send non offchannel traffic via AP sta - [armhf] 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ - audit: Embed key into chunk - netfilter: nf_tables: don't use position attribute on rule replacement - net/mlx5: Release resource on error flow - [arm64] clk: sunxi-ng: a64: Fix gate bit of DSI DPHY - ice: Fix NVM mask defines - dlm: fix possible call to kfree() for non-initialized pointer - [armhf] dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1 - [armhf,arm64] rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()' - i40e: don't restart nway if autoneg not supported - virtchnl: Fix off by one error - [armhf] clk: rockchip: fix rk3188 sclk_smc gate data - [armhf] clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering - [armhf] dts: rockchip: Fix rk3288-rock2 vcc_flash name - dlm: fix missing idr_destroy for recover_idr - [armhf,arm64] net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 - [s390x] scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB - [s390x] scsi: zfcp: drop default switch case which might paper over missing case - [armhf] bus: ti-sysc: Fix getting optional clocks in clock_roles - [armhf] dts: imx6: RDU2: fix eGalax touchscreen node - crypto: ecc - check for invalid values in the key verification test - crypto: bcm - fix normal/non key hash algorithm failure - [arm64] dts: zynqmp: Fix node names which contain "_" - [arm64] pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues - [arm*] firmware: raspberrypi: Fix firmware calls with large buffers - mm/vmstat.c: fix NUMA statistics updates - [arm64] clk: rockchip: fix I2S1 clock gate register for rk3328 - [arm64] clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 - sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit - regulator: Fix return value of _set_load() stub - USB: serial: f81534: fix reading old/new IC config - xfs: extent shifting doesn't fully invalidate page cache - net-next/hinic:fix a bug in set mac address - net-next/hinic: fix a bug in rx data flow - ice: Fix return value from NAPI poll - ice: Fix possible NULL pointer de-reference - iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents - iomap: sub-block dio needs to zeroout beyond EOF - iomap: dio data corruption and spurious errors when pipes fill - iomap: readpages doesn't zero page tail beyond EOF - iw_cxgb4: only reconnect with MPAv1 if the peer aborts - [mips*/octeon] octeon-platform: fix typing - net/smc: use after free fix in smc_wr_tx_put_slot() - [armhf] dts: exynos: Use Samsung SoC specific compatible for DWC2 module - media: pulse8-cec: return 0 when invalidating the logical address - media: cec: report Vendor ID after initialization - iwlwifi: fix cfg structs for 22000 with different RF modules - net/ipv6: re-do dad when interface has IFF_NOARP flag change - [x86] dmaengine: dw-dmac: implement dma protection control setting - [armhf,arm64] usb: dwc3: debugfs: Properly print/set link state for HS - [armhf,arm64] usb: dwc3: don't log probe deferrals; but do log other error codes - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() - f2fs: fix to account preflush command for noflush_merge mode - f2fs: fix count of seg_freed to make sec_freed correct - f2fs: change segment to section in f2fs_ioc_gc_range - [armhf] dts: rockchip: Fix the PMU interrupt number for rv1108 - [armhf] dts: rockchip: Assign the proper GPIO clocks for rv1108 - f2fs: fix to allow node segment for GC by ioctl path - nvme: Free ctrl device name on init failure - dma-mapping: fix return type of dma_set_max_seg_size() - [armhf] serial: imx: fix error handling in console_setup - [armhf] i2c: imx: don't print error message on probe defer - [arm64] clk: meson: Fix GXL HDMI PLL fractional bits width - [armhf,arm64] gpu: host1x: Fix syncpoint ID field size on Tegra186 - lockd: fix decoding of TEST results - sctp: increase sk_wmem_alloc when head->truesize is increased - [x86] iommu/amd: Fix line-break in error log reporting - [armhf] dts: sun8i: a23/a33: Fix OPP DTC warnings - [armhf] dts: sun8i: v3s: Change pinctrl nodes to avoid warning - nfsd: fix a warning in __cld_pipe_upcall() - bpf: btf: implement btf_name_valid_identifier() - bpf: btf: check name validity for various types - [armhf] OMAP1/2: fix SoC name printing - [arm64] dts: meson-gxl-libretech-cc: fix GPIO lines names - [arm64] dts: meson-gxbb-nanopi-k2: fix GPIO lines names - [arm64] dts: meson-gxbb-odroidc2: fix GPIO lines names - [arm64] dts: meson-gxl-khadas-vim: fix GPIO lines names - net/x25: fix called/calling length calculation in x25_parse_address_block - net/x25: fix null_x25_address handling - tcp: make tcp_space() aware of socket backlog - tcp: fix off-by-one bug on aborting window-probing socket - tcp: fix SNMP under-estimation on failed retransmission - tcp: fix SNMP TCP timeout under-estimation - kbuild: fix single target build for external module - mtd: fix mtd_oobavail() incoherent returned value - [arm64] clk: meson: meson8b: fix the offset of vid_pll_dco's N value - [armhf,arm64] clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent - [arm64] clk: qcom: Fix MSM8998 resets - dlm: fix invalid cluster name warning - net/mlx4_core: Fix return codes of unsupported operations - pstore/ram: Avoid NULL deref in ftrace merging failure path - [mips*/octeon] cvmx_pko_mem_debug8: use oldest forward compatible definition - nfsd: Return EPERM, not EACCES, in some SETATTR cases - media: uvcvideo: Abstract streaming object lifetime - [armhf] dts: sun8i: h3: Fix the system-control register range - tty: Don't block on IO when ldisc change is pending - media: stkwebcam: Bugfix for wrong return values - sctp: frag_point sanity check - IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state - IB/hfi1: Close VNIC sdma_progress sleep window - mlx4: Use snprintf instead of complicated strcpy - [armhf] dts: sunxi: Fix PMU compatible strings - [armhf] dts: am335x-pdu001: Fix polarity of card detection input - net: aquantia: fix RSS table and key sizes - sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision - fuse: verify nlink - fuse: verify attributes - [x86] ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - [x86] ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 - ALSA: pcm: oss: Avoid potential buffer overflows - [x86] ALSA: hda - Add mute led support for HP ProBook 645 G4 - [x86] Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus - [x86] Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash - [x86] Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers - [x86] Input: goodix - add upside-down quirk for Teclast X89 tablet - Input: Fix memory leak in psxpad_spi_probe - [i386] mm: Sync only to VMALLOC_END in vmalloc_sync_all() - [x86] PCI: Avoid AMD FCH XHCI USB PME# from D0 defect - xfrm interface: fix memory leak on creation - xfrm interface: avoid corruption on changelink - xfrm interface: fix list corruption for x-netns - xfrm interface: fix management of phydev - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks - CIFS: Fix SMB2 oplock break processing - tty: vt: keyboard: reject invalid keycodes - can: slcan: Fix use-after-free Read in slcan_open - kernfs: fix ino wrap-around detection - jbd2: Fix possible overflow in jbd2_log_space_left() - [arm64] drm/msm: fix memleak on release - [i386] drm/i810: Prevent underflow in ioctl - [armhf,arm64] KVM: vgic: Don't rely on the wrong pending table - [x86] KVM: do not modify masked bits of shared MSRs - [x86] KVM: fix presentation of TSX feature in ARCH_CAPABILITIES - [x86] KVM: Grab KVM's srcu lock when setting nested state - crypto: af_alg - cast ki_complete ternary op to int - [x86] crypto: ccp - fix uninitialized list head - crypto: ecdh - fix big endian bug in ECC library - crypto: user - fix memory leak in crypto_report (CVE-2019-19062) - mwifiex: update set_mac_address logic - can: ucan: fix non-atomic allocation in completion handler - RDMA/qib: Validate ->show()/store() callbacks before calling them - iomap: Fix pipe page leakage during splicing - thermal: Fix deadlock in thermal thermal_zone_device_check - vcs: prevent write access to vcsu devices (CVE-2019-19252) - binder: Fix race between mmap() and binder_alloc_print_pages() - binder: Handle start==NULL in binder_update_page_range() - ALSA: hda - Fix pending unsol events at shutdown - perf script: Fix invalid LBR/binary mismatch error - splice: don't read more than available pipe space - iomap: partially revert 4721a601099 (simulated directio short read on EFAULT) - xfs: add missing error check in xfs_prepare_shift() - ASoC: rsnd: fixup MIX kctrl registration - [x86] KVM: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) - net: qrtr: fix memort leak in qrtr_tun_write_iter (CVE-2019-19079) - appletalk: Fix potential NULL pointer dereference in unregister_snap_client (CVE-2019-19227) - appletalk: Set error code if register_snap_client failed https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.90 - usb: gadget: configfs: Fix missing spin_lock_init() - [x86] usb: gadget: pch_udc: fix use after free - scsi: qla2xxx: Fix driver unload hang - [arm64] media: venus: remove invalid compat_ioctl32 handler - USB: uas: honor flag to avoid CAPACITY16 - USB: uas: heed CAPACITY_HEURISTICS - usb: Allow USB device to be warm reset in suspended state - staging: rtl8188eu: fix interface sanity check - staging: rtl8712: fix interface sanity check - staging: gigaset: fix general protection fault on probe - staging: gigaset: fix illegal free on probe errors - staging: gigaset: add endpoint-type sanity check - usb: xhci: only set D3hot for pci device - xhci: Fix memory leak in xhci_add_in_port() - xhci: Increase STS_HALT timeout in xhci_suspend() - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. - [armhf] dts: pandora-common: define wl1251 as child node of mmc3 - [x86] iio: imu: inv_mpu6050: fix temperature reporting using bad unit - USB: atm: ueagle-atm: add missing endpoint check - USB: idmouse: fix interface sanity checks - USB: serial: io_edgeport: fix epic endpoint lookup - usb: roles: fix a potential use after free - USB: adutux: fix interface sanity check - usb: core: urb: fix URB structure initialization function - usb: mon: Fix a deadlock in usbmon between mmap and read - tpm: add check after commands attribs tab allocation - virtio-balloon: fix managed page counts when migrating pages between zones - [armhf,arm64] usb: dwc3: gadget: Fix logical condition - [armhf,arm64] usb: dwc3: ep0: Clear started flag on completion - btrfs: check page->mapping when loading free space cache - btrfs: use refcount_inc_not_zero in kill_all_nodes - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc - Btrfs: fix negative subv_writers counter and data space leak after buffered write - btrfs: Avoid getting stuck during cyclic writebacks - btrfs: Remove btrfs_bio::flags member - Btrfs: send, skip backreference walking for extents with many references - btrfs: record all roots for rename exchange on a subvol - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer - rtlwifi: rtl8192de: Fix missing enable interrupt flag - ovl: fix corner case of non-unique st_dev;st_ino - ovl: relax WARN_ON() on rename to self - [armhf] hwrng: omap - Fix RNG wait loop timeout - dm writecache: handle REQ_FUA - dm zoned: reduce overhead of backing device checks - workqueue: Fix spurious sanity check failures in destroy_workqueue() - workqueue: Fix pwq ref leak in rescuer_thread() - ASoC: rt5645: Fixed buddy jack support. - ASoC: rt5645: Fixed typo for buddy jack support. - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() - blk-mq: avoid sysfs buffer overflow with too many CPU cores - cgroup: pids: use atomic64_t for pids->limit - ar5523: check NULL before memcpy() in ar5523_cmd() - [s390x] mm: properly clear _PAGE_NOEXEC bit when it is not supported - media: cec.h: CEC_OP_REC_FLAG_ values were swapped - cpuidle: Do not unset the driver if it is there already - erofs: zero out when listxattr is called with no xattr - [x86] intel_th: Fix a double put_device() in error path - [x86] intel_th: pci: Add Ice Lake CPU support - [x86] intel_th: pci: Add Tiger Lake CPU support - PM / devfreq: Lock devfreq in trans_stat_show - [ppc64el] cpufreq: powernv: fix stack bloat and hard limit on number of CPUs - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge - ACPI: OSL: only free map once in osl.c - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() - ACPI: PM: Avoid attaching ACPI PM domain to certain devices - [arm64] pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() - [armhf] pinctrl: samsung: Add of_node_put() before return in error path - [armhf] pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init - [armhf] pinctrl: samsung: Fix device node refcount leaks in init code - [armhf] mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card - [armhf] dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity - ppdev: fix PPGETTIME/PPSETTIME ioctls - [ppc64el] Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB - [ppc64el] xive: Prevent page fault issues in the machine crash handler - [ppc64el] Allow flush_icache_range to work across ranges >4GB - [ppc64el] xive: Skip ioremap() of ESB pages for LSI interrupts - video/hdmi: Fix AVI bar unpack - quota: Check that quota is not dirty before release - ext2: check err when partial != NULL - quota: fix livelock in dquot_writeback_dquots - ext4: Fix credit estimate for final inode freeing - reiserfs: fix extended attributes on the root directory - block: fix single range discard merge - [s390x] scsi: zfcp: trace channel log even for FCP command responses - scsi: qla2xxx: Fix DMA unmap leak - scsi: qla2xxx: Fix hang in fcport delete path - scsi: qla2xxx: Fix session lookup in qlt_abort_work() - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value - scsi: qla2xxx: Fix message indicating vectors used by driver - scsi: qla2xxx: Fix SRB leak on switch command timeout - xhci: make sure interrupts are restored to correct state - usb: typec: fix use after free in typec_register_port() - [armhf] omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 - scsi: lpfc: Cap NPIV vports to 256 - scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE - scsi: lpfc: Correct topology type reporting on G7 adapters - sch_cake: Correctly update parent qlen when splitting GSO packets - net/smc: do not wait under send_lock - [arm64] net: hns3: clear pci private data when unload hns3 driver - [arm64] net: hns3: change hnae3_register_ae_dev() to int - [arm64] net: hns3: Check variable is valid before assigning it to another - [arm64] scsi: hisi_sas: send primitive NOTIFY to SSP situation only - [arm64] scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G - [x86] MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models - [x86] MCE/AMD: Carve out the MC4_MISC thresholding quirk - ath10k: fix fw crash by moving chip reset after napi disabled - [ppc64el] Fix vDSO clock_getres() - ext4: work around deleting a file with i_nlink == 0 safely (CVE-2019-19447) - mm/shmem.c: cast the type of unmap_start to u64 - rtc: disable uie before setting time and enable after - splice: only read in as much information as there is pipe buffer space - ext4: fix a bug in ext4_wait_for_tail_page_commit - [armhf,arm64] mfd: rk808: Fix RK818 ID template - mm, thp, proc: report THP eligibility for each vma - [s390x] smp,vdso: fix ASCE handling - blk-mq: make sure that line break can be printed - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() - perf callchain: Fix segfault in thread__resolve_callchain_sample() - gre: refetch erspan header from skb->data after pskb_may_pull() - sunrpc: fix crash when cache_head become valid before update - net/mlx5e: Fix SFF 8472 eeprom length - leds: trigger: netdev: fix handling on interface rename - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - of: overlay: add_changeset_property() memory leak - kernel/module.c: wakeup processes in module_wq on module unload - cifs: Fix potential softlockups while refreshing DFS cache - [x86] gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist - raid5: need to set STRIPE_HANDLE for batch head - scsi: qla2xxx: Change discovery state before PLOGI - [x86] iio: imu: mpu6050: add missing available scan masks - idr: Fix idr_get_next_ul race with idr_remove - of: unittest: fix memory leak in attach_node_and_children https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.91 - inet: protect against too small mtu values. - mqprio: Fix out-of-bounds access in mqprio_dump - net: bridge: deny dev_set_mac_address() when unregistering - net: dsa: fix flow dissection on Tx path - net: ethernet: ti: cpsw: fix extra rx interrupt - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues - [arm64] net: thunderx: start phy before starting autonegotiation - openvswitch: support asymmetric conntrack - tcp: md5: fix potential overestimation of TCP option space - tipc: fix ordering of tipc module init and exit routine - net/mlx5e: Query global pause state before setting prio2buffer - tcp: fix rejected syncookies due to stale timestamps - tcp: tighten acceptance of ACKs not matching a child socket - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() - [arm64] Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly" - mmc: block: Make card_busy_detect() a bit more generic - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response - PCI/PM: Always return devices to D0 when thawing - PCI: pciehp: Avoid returning prematurely from sysfs requests - [x86] PCI: Fix Intel ACS quirk UPDCR register address - PCI/MSI: Fix incorrect MSI-X masking on resume - [arm64] PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 - [arm64] rpmsg: glink: Set tail pointer to 0 at end of FIFO - [arm64] rpmsg: glink: Fix reuse intents memory leak issue - [arm64] rpmsg: glink: Fix use after free in open_ack TIMEOUT case - [arm64] rpmsg: glink: Put an extra reference during cleanup - [arm64] rpmsg: glink: Fix rpmsg_register_device err handling - [arm64] rpmsg: glink: Don't send pending rx_done during remove - [arm64] rpmsg: glink: Free pending deferred work on remove - cifs: smbd: Return -EAGAIN when transport is reconnecting - cifs: smbd: Add messages on RDMA session destroy and reconnection - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE - cifs: Don't display RDMA transport on reconnect - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect - CIFS: Close open handle after interrupted close - [armhf] tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() - vfio/pci: call irq_bypass_unregister_producer() before freeing irq - dma-buf: Fix memory leak in sync_file_merge() - [arm64] drm: meson: venc: cvbs: fix CVBS mode matching - dm mpath: remove harmful bio-based optimization - dm btree: increase rebalance threshold in __rebalance2() - scsi: iscsi: Fix a potential deadlock in the timeout handler - scsi: qla2xxx: Change discovery state before PLOGI - drm/radeon: fix r1xx/r2xx register checker for POT textures - xhci: fix USB3 device initiated resume race with roothub autosuspend https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.92 - af_packet: set defaule value for tmo - [amd64] fjes: fix missed check in fjes_acpi_add - [arm64] net: hisilicon: Fix a BUG trigered by wrong bytes_compl - net: qlogic: Fix error paths in ql_alloc_large_buffers() - net: usb: lan78xx: Fix suspend/resume PHY register access error - qede: Disable hardware gro when xdp prog is installed - qede: Fix multicast mac configuration - sctp: fully initialize v4 addr in some functions - btrfs: don't double lock the subvol_sem for rename exchange - btrfs: do not call synchronize_srcu() in inode_tree_del - Btrfs: fix missing data checksums after replaying a log tree - btrfs: send: remove WARN_ON for readonly mount - btrfs: abort transaction after failed inode updates in create_subvol - btrfs: skip log replay on orphaned roots - btrfs: do not leak reloc root if we fail to read the fs root - btrfs: handle ENOENT in btrfs_uuid_tree_iterate - Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues - ALSA: pcm: Avoid possible info leaks from PCM stream buffers - ALSA: hda/ca0132 - Keep power on during processing DSP response - ALSA: hda/ca0132 - Avoid endless loop - ALSA: hda/ca0132 - Fix work handling in delayed HP detection - [arm64,armhf] drm/panel: Add missing drm_panel_init() in panel drivers - drm/amdgpu: grab the id mgr lock while accessing passid_mapping - spi: Add call to spi_slave_abort() function when spidev driver is released - [x86] staging: rtl8192u: fix multiple memory leaks on error path - staging: rtl8188eu: fix possible null dereference - rtlwifi: prevent memory leak in rtl_usb_probe (CVE-2019-19063) - libertas: fix a potential NULL pointer dereference - ath10k: fix backtrace on coredump - IB/iser: bound protection_sg size by data_sg size - [arm64] media: venus: core: Fix msm8996 frequency table - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq - pinctrl: devicetree: Avoid taking direct reference to device name string - [amd64] drm/amdkfd: fix a potential NULL pointer dereference - [arm64] media: venus: Fix occasionally failures to suspend - [armhf] hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled - media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() - [arm64,armhf] drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller - block: Fix writeback throttling W=1 compiler warnings - mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (CVE-2019-19057) - drm/drm_vblank: Change EINVAL by the correct errno - media: cx88: Fix some error handling path in 'cx8800_initdev()' - [armhf] media: ti-vpe: vpe: Fix Motion Vector vpdma stride - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number - [armhf] media: ti-vpe: vpe: Make sure YUYV is set as default format - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic - [armhf] media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases - [armhf] media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage - [x86] syscalls/x86: Use the correct function type in SYSCALL_DEFINE0 - [x86] mm: Use the correct function type for native_set_fixmap() - ath10k: Correct error handling of dma_map_single() - [arm64,armhf] drm/bridge: dw-hdmi: Restore audio when setting a mode - perf report: Add warning when libunwind not compiled in - usb: usbfs: Suppress problematic bind and unbind uevents. - Bluetooth: missed cpu_to_le16 conversion in hci_init4_req - Bluetooth: Workaround directed advertising bug in Broadcom controllers - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL - [x86] mce: Lower throttling MCE messages' priority to warning - [x86] drm/gma500: fix memory disclosures due to uninitialized bytes - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot - ipmi: Don't allow device module unload when in use - [x86] ioapic: Prevent inconsistent state when moving an interrupt - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit - [arm64] psci: Reduce the waiting time for cpu_psci_cpu_kill() - i40e: initialize ITRN registers with correct values - net: phy: dp83867: enable robust auto-mdix - [arm64,armhf] drm/tegra: sor: Use correct SOR index on Tegra210 - ACPI: button: Add DMI quirk for Medion Akoya E2215T - RDMA/qedr: Fix memory leak in user qp and mr - [arm64,armhf] gpu: host1x: Allocate gather copy for host1x - [arm64,armhf] net: dsa: LAN9303: select REGMAP when LAN9303 enable - [arm64] phy: qcom-usb-hs: Fix extcon double register after power cycle - [s390x] time: ensure get_clock_monotonic() returns monotonic values - [s390x] mm: add mm_pxd_folded() checks to pxd_free() - [arm64] net: hns3: add struct netdev_queue debug info for TX timeout - libata: Ensure ata_port probe has completed before detach - loop: fix no-unmap write-zeroes request behavior - Bluetooth: Fix advertising duplicated flags - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() - ixgbe: protect TX timestamping from API misuse - media: rcar_drif: fix a memory disclosure (CVE-2019-18786) - media: v4l2-core: fix touch support in v4l_g_fmt - rfkill: allocate static minor - bnx2x: Fix PF-VF communication over multi-cos queues. - ALSA: timer: Limit max amount of slave instances - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() - perf probe: Fix to find range-only function instance - perf probe: Fix to list probe event with correct line number - perf jevents: Fix resource leak in process_mapfile() and main() - perf probe: Walk function lines in lexical blocks - perf probe: Fix to probe an inline function which has no entry pc - perf probe: Fix to show ranges of variables in functions without entry_pc - perf probe: Fix to show inlined function callsite without entry_pc - perf probe: Fix to probe a function which has no entry pc - perf tools: Splice events onto evlist even on error - perf parse: If pmu configuration fails free terms - perf probe: Skip overlapped location on searching variables - perf probe: Return a better scope DIE if there is no best scope - perf probe: Fix to show calling lines of inlined functions - perf probe: Skip end-of-sequence and non statement lines - perf probe: Filter out instances except for inlined subroutine and subprogram - ath10k: fix get invalid tx rate for Mesh metric - media: pvrusb2: Fix oops on tear-down when radio support is not present - ice: delay less - [amd64] spi: pxa2xx: Add missed security checks - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile - iio: dac: ad5446: Add support for new AD5600 DAC - [x86] ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint - [s390x] disassembler: don't hide instruction addresses - nvme: Discard workaround for non-conformant devices - parport: load lowlevel driver if ports not found - bcache: fix static checker warning in bcache_device_free() - cpufreq: Register drivers only after CPU devices have been registered - tracing: use kvcalloc for tgid_map array allocation - tracing/kprobe: Check whether the non-suffixed symbol is notrace - bcache: fix deadlock in bcache_allocator - iwlwifi: mvm: fix unaligned read of rx_pkt_status - [arm64] spi: tegra20-slink: add missed clk_unprepare - tun: fix data-race in gro_normal_list() - crypto: virtio - deal with unsupported input sizes - btrfs: don't prematurely free work in end_workqueue_fn() - btrfs: don't prematurely free work in run_ordered_work() - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 - [x86] insn: Add some Intel instructions to the opcode map - brcmfmac: remove monitor interface when detaching - iwlwifi: check kasprintf() return value - [armhf] net: ethernet: ti: ale: clean ale tbl on init and intf restart - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings - [armhf] crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED - net: phy: initialise phydev speed and duplex sanely - btrfs: don't prematurely free work in reada_start_machine_worker() - btrfs: don't prematurely free work in scrub_missing_raid56_worker() - Revert "mmc: sdhci: Fix incorrect switch to HS mode" - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices (CVE-2019-19947) - usb: xhci: Fix build warning seen with CONFIG_PM=n - [s390x] ftrace: fix endless recursion in function_graph tracer - btrfs: return error pointer from alloc_test_extent_buffer - usbip: Fix receive error in vhci-hcd when using scatter-gather - usbip: Fix error path of vhci_recv_ret_submit() - cpufreq: Avoid leaving stale IRQ work items during CPU offline - [x86] intel_th: pci: Add Comet Lake PCH-V support - [x86] intel_th: pci: Add Elkhart Lake SOC support - [x86] platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes - [x86] staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value - ext4: fix ext4_empty_dir() for directories with holes (CVE-2019-19037) - ext4: check for directory entries too close to block end - ext4: unlock on error in ext4_expand_extra_isize() - [arm64] KVM: Ensure 'params' is initialised when looking up sys register - [x86] MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() - [x86] MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] - [powerpc*] irq: fix stack overflow verification - [arm64] mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register - mmc: sdhci: Update the tuning failed messages to pr_debug level - mmc: sdhci: Workaround broken command queuing on Intel GLK - mmc: sdhci: Add a quirk for broken command queuing - nbd: fix shutdown and recv work deadlock - perf probe: Fix to show function entry line as probe-able https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.93 - scsi: lpfc: Fix discovery failures when target device connectivity bounces - scsi: mpt3sas: Fix clear pending bit in ioctl status - scsi: lpfc: Fix locking on mailbox command completion - Input: atmel_mxt_ts - disable IRQ across suspend - f2fs: fix to update time in lazytime mode - [arm64,armhf] iommu: rockchip: Free domain on .domain_free - [arm64,armhf] iommu/tegra-smmu: Fix page tables in > 4 GiB memory - scsi: target: compare full CHAP_A Algorithm strings - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices - scsi: csiostor: Don't enable IRQs too early - [arm64] scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() - [ppc64el] pseries: Mark accumulate_stolen_time() as notrace - [ppc64el] pseries: Don't fail hash page table insert for bolted mapping - clocksource/drivers/timer-of: Use unique device name instead of timer - [ppc64el] security/book3s64: Report L1TF status in sysfs - [ppc64el] book3s64/hash: Add cond_resched to avoid soft lockup warning - ext4: update direct I/O read lock pattern for IOCB_NOWAIT - ext4: iomap that extends beyond EOF should be marked dirty - jbd2: Fix statistics for the number of logged blocks - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) - scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow - f2fs: fix to update dir's i_pino during cross_rename - [arm64] clk: qcom: Allow constant ratio freq tables for rcg - clk: clk-gpio: propagate rate change to parent - fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences - [ppc64el] PCI: rpaphp: Fix up pointer to first drc-info entry - scsi: ufs: fix potential bug which ends in system hang - [ppc64el] PCI: rpaphp: Don't rely on firmware feature to imply drc-info support - [ppc64el] PCI: rpaphp: Annotate and correctly byte swap DRC properties - [ppc64el] PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info - [ppc64el] powerpc/security: Fix wrong message when RFI Flush is disable - bcache: at least try to shrink 1 node in bch_mca_scan() - HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors - [armhf] 8937/1: spectre-v2: remove Brahma-B53 from hardening - libnvdimm/btt: fix variable 'rc' set but not used - HID: Improve Windows Precision Touchpad detection. - HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device - watchdog: Fix the race between the release of watchdog_core_data and cdev - scsi: pm80xx: Fix for SATA device discovery - scsi: ufs: Fix error handing during hibern8 enter - scsi: scsi_debug: num_tgts must be >= 0 - scsi: iscsi: Don't send data to unbound connection - scsi: target: iscsi: Wait for all commands to finish before freeing a session - apparmor: fix unsigned len comparison with less than zero - scripts/kallsyms: fix definitely-lost memory leak - cdrom: respect device capabilities during opening action - perf script: Fix brstackinsn for AUXTRACE - perf regs: Make perf_reg_name() return "unknown" instead of NULL - [s390x] zcrypt: handle new reply code FILTERED_BY_HYPERVISOR - [s390x] cpum_sf: Check for SDBT and SDB consistency - ocfs2: fix passing zero to 'PTR_ERR' warning - kernel: sysctl: make drop_caches write-only - userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK - [x86] mce: Fix possibly incorrect severity calculation on AMD - net, sysctl: Fix compiler warning when only cBPF is present - netfilter: nf_queue: enqueue skbs with NULL dst - ALSA: hda - Downgrade error message for single-cmd fallback - bonding: fix active-backup transition after link failure - perf strbuf: Remove redundant va_end() in strbuf_addv() - Make filldir[64]() verify the directory entry filename is valid (CVE-2019-10220) - filldir[64]: remove WARN_ON_ONCE() for bad directory entries (CVE-2019-10220) - netfilter: ebtables: compat: reject all padding in matches/watchers - 6pack,mkiss: fix possible deadlock - netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() - inetpeer: fix data-race in inet_putpeer / inet_putpeer - net: add a READ_ONCE() in skb_peek_tail() - net: icmp: fix data-race in cmp_global_allow() - hrtimer: Annotate lockless access to timer->state - net: ena: fix napi handler misbehavior when the napi budget is zero - net/mlxfw: Fix out-of-memory error in mfa2 flash burning - [arm64,armhf] net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs - ptp: fix the race between the release of ptp_clock and cdev - tcp: Fix highest_sack and highest_sack_seq - udp: fix integer overflow while computing available space in sk_rcvbuf - vhost/vsock: accept only packets with the right dst_cid - net: add bool confirm_neigh parameter for dst_ops.update_pmtu - ip6_gre: do not confirm neighbor when do pmtu update - gtp: do not confirm neighbor when do pmtu update - net/dst: add new function skb_dst_update_pmtu_no_confirm - tunnel: do not confirm neighbor when do pmtu update - vti: do not confirm neighbor when do pmtu update - sit: do not confirm neighbor when do pmtu update - net/dst: do not confirm neighbor for vxlan and geneve pmtu update - gtp: do not allow adding duplicate tid and ms_addr pdp context - [arm64,armhf] net: marvell: mvpp2: phylink requires the link interrupt - tcp/dccp: fix possible race __inet_lookup_established() - tcp: do not send empty skb from tcp_write_xmit() - gtp: fix wrong condition in gtp_genl_dump_pdp() - gtp: fix an use-after-free in ipv4_pdp_find() - gtp: avoid zero size hashtable - [arm64,armhf] pinctrl: baytrail: Really serialize all register accesses https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.94 - nvme_fc: add module to ops template to allow module references - nvme-fc: fix double-free scenarios on hw queues - drm/amdgpu: add check before enabling/disabling broadcast mode - drm/amdgpu: add cache flush workaround to gfx8 emit_fence - PM / devfreq: Fix devfreq_notifier_call returning errno - PM / devfreq: Set scaling_max_freq to max on OPP notifier error - PM / devfreq: Don't fail devfreq_dev_release if not in list - afs: Fix afs_find_server lookups for ipv4 peers - afs: Fix SELinux setting security label on /afs - RDMA/cma: add missed unregister_pernet_subsys in init failure - rxe: correctly calculate iCRC for unaligned payloads - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work - scsi: qla2xxx: Don't call qlt_async_event twice - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length - scsi: qla2xxx: Configure local loop for N2N target - scsi: qla2xxx: Send Notify ACK after N2N PLOGI - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI - scsi: iscsi: qla4xxx: fix double free in probe - scsi: libsas: stop discovering if oob mode is disconnected (CVE-2019-19965) - drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit - usb: gadget: fix wrong endpoint desc - net: make socket read/write_iter() honor IOCB_NOWAIT - afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP - md: raid1: check rdev before reference in raid1_sync_request func - [s390x] cpum_sf: Adjust sampling interval to avoid hitting sample limits - [s390x] cpum_sf: Avoid SBD overflow condition in irq handler - IB/mlx4: Follow mirror sequence of device add during device removal - IB/mlx5: Fix steering rule of drop and count - xen-blkback: prevent premature module unload - xen/balloon: fix ballooned page accounting without hotplug enabled - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen - xfs: fix mount failure crash on invalid iclog memory access - taskstats: fix data-race - drm: limit to INT_MAX in create_blob ioctl - netfilter: nft_tproxy: Fix port selector on Big Endian - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code - ALSA: usb-audio: fix set_format altsetting sanity check - ALSA: usb-audio: set the interface format after resume on Dell WD19 - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 - [arm64,armhf] drm/sun4i: hdmi: Remove duplicate cleanup calls - [mips*] Avoid VDSO ABI breakage due to global register variable - media: pulse8-cec: fix lost cec_transmit_attempt_done() call - media: cec: CEC 2.0-only bcast messages were ignored - media: cec: avoid decrementing transmit_queue_sz if it is 0 - media: cec: check 'transmit_in_progress', not 'transmitting' - mm/zsmalloc.c: fix the migrated zspage statistics. - memcg: account security cred as well to kmemcg - mm: move_pages: return valid node id in status if the page is already on the target node - [x86,arm64] pstore/ram: Write new dumps to start of recycled zones - locks: print unsigned ino in /proc/locks - compat_ioctl: block: handle Persistent Reservations - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE - ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() - libata: Fix retrieving of active qcs - gpiolib: fix up emulated open drain outputs - tracing: Fix lock inversion in trace_event_enable_tgid_record() - tracing: Avoid memory leak in process_system_preds() - tracing: Have the histogram compare functions convert to u64 first - tracing: Fix endianness bug in histogram trigger - apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock - [i386] ALSA: cs4236: fix error return comparison of an unsigned integer - ALSA: firewire-motu: Correct a typo in the clock proc string - exit: panic before exit_mm() on global init exit - [arm64] Revert support for execute-only user mappings - ftrace: Avoid potential division by zero in function profiler - [arm64] drm/msm: include linux/sched/task.h - PM / devfreq: Check NULL governor in available_governors_show - nfsd4: fix up replay_matches_cache() - [x86,arm64] HID: i2c-hid: Reset ALPS touchpads on resume - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 - xfs: don't check for AG deadlock for realtime files in bunmapi - [x86] platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table - Bluetooth: btusb: fix PM leak in error case of setup - Bluetooth: delete a stray unlock - Bluetooth: Fix memory leak in hci_connect_le_scan - media: flexcop-usb: ensure -EIO is returned on error condition - media: usb: fix memory leak in af9005_identify_state (CVE-2019-18809) - [arm64] dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning - [arm64] tty: serial: msm_serial: Fix lockup for sysrq and oops - fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP - bdev: Factor out bdev revalidation into a common helper - bdev: Refresh bdev size for disks without partitioning - scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails - drm/mst: Fix MST sideband up-reply failure handling - [ppc64el] pseries/hvconsole: Fix stack overread via udbg - [ppc64el] KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag - rxrpc: Fix possible NULL pointer access in ICMP handling - tcp: annotate tp->rcv_nxt lockless reads - net: core: limit nested device depth - ath9k_htc: Modify byte order for an error message - ath9k_htc: Discard undersized packets - xfs: periodically yield scrub threads to the scheduler - net: add annotations on hh->hh_len lockless accesses - ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps - [s390x] smp: fix physical to logical CPU map for SMT - xen/blkback: Avoid unmapping unmapped grant pages - [x86] perf/x86/intel/bts: Fix the use of page_private() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.95 - bpf: Fix passing modified ctx to ld/abs/ind instruction - regulator: fix use after free issue - ASoC: max98090: fix possible race conditions - netfilter: ctnetlink: netns exit must wait for callbacks - mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (CVE-2019-14901) - [x86] efi: Update e820 with reserved EFI boot services data to fix kexec breakage - [x86] ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 - efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs - efi/gop: Return EFI_SUCCESS if a usable GOP was found - efi/gop: Fix memory leak in __gop_query32/64() - netfilter: uapi: Avoid undefined left-shift in xt_sctp.h - netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets - netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END - netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() - [arm64] spi: spi-cavium-thunderx: Add missing pci_release_regions() - ASoC: topology: Check return value for soc_tplg_pcm_create() - bnxt_en: Return error if FW returns more data than dump length - [mips*] bpf, mips: Limit to 33 tail calls - [armhf] spi: spi-ti-qspi: Fix a bug when accessing non default CS - [powerpc*] Ensure that swiotlb buffer is allocated from low memory - btrfs: Fix error messages in qgroup_rescan_init - bpf: Clear skb->tstamp in bpf_redirect when necessary - bnx2x: Do not handle requests from VFs after parity - bnx2x: Fix logic to get total no. of PFs per engine - cxgb4: Fix kernel panic while accessing sge_info - net: usb: lan78xx: Fix error message format specifier - rfkill: Fix incorrect check to avoid NULL pointer dereference - iommu/iova: Init the struct iova to fix the possible memleak - [x86] perf/x86/intel: Fix PT PMI handling - fs: avoid softlockups in s_inodes iterators - [arm64,armhf] net: stmmac: Do not accept invalid MTU values - [arm64,armhf] net: stmmac: xgmac: Clear previous RX buffer size - [arm64,armhf] net: stmmac: RX buffer size must be 16 byte aligned - [arm64,armhf] net: stmmac: Always arm TX Timer at end of transmission start - [s390x] dasd/cio: Interpret ccw_device_get_mdc return value correctly - [s390x] dasd: fix memleak in path handling error case - block: fix memleak when __blk_rq_map_user_iov() is failed - llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) - [x86] hv_netvsc: Fix unwanted rx_table reset - [powerpc*] vcpu: Assume dedicated processors as non-preempt - [powerpc*] spinlocks: Include correct header for static key - [armhf] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull - gtp: fix bad unlock balance in gtp_encap_enable_socket - macvlan: do not assume mac_header is set in macvlan_broadcast() - [arm64,armhf] net: dsa: mv88e6xxx: Preserve priority when setting CPU port. - [arm64,armhf] net: stmmac: dwmac-sun8i: Allow all RGMII modes - [arm64,armhf] net: stmmac: dwmac-sunxi: Allow all RGMII modes - net: usb: lan78xx: fix possible skb leak - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM - sch_cake: avoid possible divide by zero in cake_enqueue() - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY - tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK - vxlan: fix tos value before xmit - vlan: fix memory leak in vlan_dev_set_egress_priority - vlan: vlan_changelink() should propagate errors - net: sch_prio: When ungrafting, replace with FIFO - [arm64,armhf] usb: dwc3: gadget: Fix request complete check - USB: core: fix check for duplicate endpoints - USB: serial: option: add Telit ME910G1 0x110a composition - usb: missing parentheses in USE_NEW_SCHEME https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.96 - chardev: Avoid potential use-after-free in 'chrdev_open()' - i2c: fix bus recovery stop mode timing - [arm64,armhf] usb: chipidea: host: Disable port power only if previously enabled - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 - ALSA: hda/realtek - Add new codec supported for ALCS1200A - ALSA: hda/realtek - Set EAPD control to default for ALC222 - [x86] ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined - tracing: Change offset type to s32 in preempt/irq tracepoints - HID: Fix slab-out-of-bounds read in hid_field_extract - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll - HID: hid-input: clear unmapped usages - Input: add safety guards to input_set_keycode() - [arm64,armhf] drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model - drm/fb-helper: Round up bits_per_pixel if possible - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ - can: kvaser_usb: fix interface sanity check - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism - [x86] staging: vt6656: set usb_set_intfdata on driver fail. - USB: serial: option: add ZLP support for 0x1bc7/0x9010 - [arm64,armhf] usb: musb: fix idling for suspend after disconnect interrupt - [arm64,armhf] usb: musb: Disable pullup at init - [arm64,armhf] usb: musb: dma: Correct parameter passed to IRQ handler - [x86] staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 - serdev: Don't claim unsupported ACPI serial devices - tty: link tty and port before configuring it as console - tty: always relink the port - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (CVE-2019-14895) - mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (CVE-2019-19056) - scsi: bfa: release allocated memory in case of error (CVE-2019-19066) - rtl8xxxu: prevent leaking urb (CVE-2019-19068) - ath10k: fix memory leak (CVE-2019-19078) - HID: hiddev: fix mess in hiddev_open() - USB: Fix: Don't skip endpoint descriptors with maxpacket=0 - netfilter: arp_tables: init netns pointer in xt_tgchk_param struct - netfilter: conntrack: dccp, sctp: handle null timeout argument - netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present - [x86] drm/i915/gen9: Clear residual context state on context switch (CVE-2019-14615) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.97 - hidraw: Return EPOLLOUT from hidraw_poll - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll - HID: hidraw, uhid: Always report EPOLLOUT - cfg80211/mac80211: make ieee80211_send_layer2_update a public function - mac80211: Do not send Layer 2 Update frame before authorization (CVE-2019-5108) - f2fs: Move err variable to function scope in f2fs_fill_dentries() - f2fs: check memory boundary by insane namelen - f2fs: check if file namelen exceeds max value (CVE-2019-9445) - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (CVE-2019-15217) - iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (CVE-2019-19058) - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (CVE-2019-19059) - RDMA: Fix goto target to release the allocated memory (CVE-2019-19077) - dccp: Fix memleak in __feat_register_sp (CVE-2019-20096) - [x86] drm/i915: Fix use-after-free when destroying GEM context - ASoC: soc-core: Set dpcm_playback / dpcm_capture - [armhf] mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy - [arm64] gpio: zynq: Fix for bug in zynq_gpio_restore_context API - iommu: Remove device link to group on failure - gpio: Fix error message on out-of-range GPIO in lookup table - [s390x] qeth: fix false reporting of VNIC CHAR config failure - [s390x] qeth: Fix vnicc_is_in_use if rx_bcast not set - cifs: Adjust indentation in smb2_open_file - afs: Fix missing cell comparison in afs_test_super() - drm/ttm: fix start page for huge page check in ttm_put_pages() (CVE-2019-19927) - drm/ttm: fix incrementing the page pointer for huge pages (CVE-2019-19927) - btrfs: simplify inode locking for RWF_NOWAIT - RDMA/mlx5: Return proper error value - RDMA/srpt: Report the SCSI residual to the initiator - scsi: enclosure: Fix stale device oops with hot replug - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI - [x86] platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 - [x86] platform/x86: GPD pocket fan: Use default values when wrong modparams are given - xprtrdma: Fix completion wait during device removal - crypto: virtio - implement missing support for output IVs - NFSv2: Fix a typo in encode_sattr() - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn - mei: fix modalias documentation - [armhf] clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume - [armhf] pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call - [x86] pinctrl: lewisburg: Update pin list according to v1.1v6 - scsi: sd: enable compat ioctls for sed-opal - af_unix: add compat_ioctl support - compat_ioctl: handle SIOCOUTQNSD - [arm64,armhf] PCI: dwc: Fix find_next_bit() usage - PCI/PTM: Remove spurious "d" from granularity message - [powerpc*] powernv: Disable native PCIe port management - [armhf] tty: serial: imx: use the sg count from dma_map_sg - [i386] tty: serial: pch_uart: correct usage of dma_unmap_sg - mtd: spi-nor: fix silent truncation in spi_nor_read() - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() - rtlwifi: Remove unnecessary NULL check in rtl_regd_init - f2fs: fix potential overflow - scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() - [mips*] cacheinfo: report shared CPU map - [arm64] drm/arm/mali: make malidp_mw_connector_helper_funcs static - [arm64] dmaengine: k3dma: Avoid null pointer traversal - [amd64] ioat: ioat_alloc_ring() failure handling. - ocfs2: call journal flush to mark journal as empty after journal recovery when mount https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.98 - clk: Don't try to enable critical clocks if prepare failed - iio: buffer: align the size of scan bytes to size of the largest element - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx - USB: serial: option: Add support for Quectel RM500Q - USB: serial: opticon: fix control-message timeouts - USB: serial: option: add support for Quectel RM500Q in QDL mode - USB: serial: suppress driver bind attributes - USB: serial: ch341: handle unbound port at reset_resume - USB: serial: io_edgeport: handle unbound ports on URB completion - USB: serial: io_edgeport: add missing active-port sanity check - USB: serial: keyspan: handle unbound ports - USB: serial: quatech2: handle unbound ports - [x86] scsi: fnic: fix invalid stack access - scsi: mptfusion: Fix double fetch bug in ioctl - [armhf] dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection - ALSA: dice: fix fallback from protocol extension into limited functionality - ALSA: seq: Fix racy access for queue timer in proc read - ALSA: usb-audio: fix sync-ep altsetting sanity check - [arm64] dts: allwinner: a64: olinuxino: Fix SDIO supply regulator - block: fix an integer overflow in logical block size - [armhf] dts: am571x-idk: Fix gpios property to have the correct gpio number - LSM: generalize flag passing to security_capable - ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() - usb: core: hub: Improved device recognition on remote wakeup - [x86] resctrl: Fix an imbalance in domain_remove_cpu() - [x86] CPU/AMD: Ensure clearing of SME/SEV features is maintained - [amd64] x86/efistub: Disable paging at mixed mode entry - [x86] resctrl: Fix potential memory leak - perf hists: Fix variable name's inconsistency in hists__for_each() macro - perf report: Fix incorrectly added dimensions as switch perf data file - mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment - mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid - btrfs: rework arguments of btrfs_unlink_subvol - btrfs: fix invalid removal of root ref - btrfs: do not delete mismatched root refs - btrfs: fix memory leak in qgroup accounting - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() - [armhf] dts: imx6qdl: Add Engicam i.Core 1.5 MX6 - [armhf] dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL - [arm64,armhf] net: stmmac: 16KB buffer must be 16 byte aligned - [arm64,armhf] net: stmmac: Enable 16KB buffer size - mm/huge_memory.c: make __thp_get_unmapped_area static - mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment - bpf: Fix incorrect verifier simulation of ARSH under ALU32 - cfg80211: fix deadlocks in autodisconnect work - cfg80211: fix memory leak in cfg80211_cqm_rssi_update - cfg80211: fix page refcount issue in A-MSDU decap - netfilter: fix a use-after-free in mtype_destroy() - netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct - netfilter: nft_tunnel: fix null-attribute check - netfilter: nf_tables: remove WARN and add NLA_STRING upper limits - netfilter: nf_tables: store transaction list locally while requesting module - netfilter: nf_tables: fix flowtable list del corruption - NFC: pn533: fix bulk-message timeout - batman-adv: Fix DAT candidate selection on little endian systems - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() - [x86] hv_netvsc: Fix memory leak when removing rndis device - [arm64] net: hns: fix soft lockup when there is not enough memory - net: usb: lan78xx: limit size of local TSO packets - ptp: free ptp device pin descriptors properly - r8152: add missing endpoint sanity check - tcp: fix marked lost packets not being retransmitted - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk - tcp: refine rule to allow EPOLLOUT generation under mem pressure - [arm64] dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node - cfg80211: check for set_wiphy_params - tick/sched: Annotate lockless access to last_jiffies_update - drm/nouveau/bar/nv50: check bar1 vmm return value - drm/nouveau/bar/gf100: ensure BAR is mapped - drm/nouveau/mmu: qualify vmm during dtor - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr - scsi: esas2r: unlock on error in esas2r_nvram_read_direct() - scsi: qla4xxx: fix double free bug - scsi: bnx2i: fix potential use after free - scsi: target: core: Fix a pr_debug() argument - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan - scsi: core: scsi_trace: Use get_unaligned_be*() - perf probe: Fix wrong address verification . [ Joe Richey ] * [cloud-amd64] tpm: Enable TPM drivers for Cloud (Closes: #946237) . [ Salvatore Bonaccorso ] * Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88) * Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch * Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88) * [rt] Update to 4.19.90-rt35: - Update "workqueue: rework" for workqueue changes in 4.19.90 * [rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch * Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93. * [rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93) * [rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97) . [ Ben Hutchings ] * [rt] Update to 4.19.94-rt38: - Refresh "x86/ioapic: Don't let setaffinity unmask threaded EOI interrupt too early" which was partly included in 4.19.92 * aufs: Update support patchset to aufs4.19.63+ 20200113; no functional changes * Bump ABI to 8 * libertas: Fix two buffer overflows at parsing bss descriptor (CVE-2019-14896, CVE-2019-14897) * wimax: i2400: fix memory leak (CVE-2019-19051) * wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (CVE-2019-19051) * [amd64/cloud-amd64] hwrandom: Enable HW_RANDOM_VIRTIO (Closes: #914511) . [ Noah Meyerhans ] * random: try to actively add entropy rather than passively wait for it (Closes: #948519) . [ Aurelien Jarno ] * [mips*/malta] Enable POWER_RESET_PIIX4_POWEROFF. linux-signed-i386 (4.19.87+1) buster; urgency=medium . * Sign kernel from linux 4.19.87-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.68 - seq_file: fix problem when seeking mid-record - mm/hmm: fix bad subpage pointer in try_to_unmap_one - mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE* and MPOL_MF_STRICT were specified - mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind - mm/memcontrol.c: fix use after free in mem_cgroup_iter() - mm/usercopy: use memory range to be accessed for wraparound check - Revert "pwm: Set class for exported channels in sysfs" - cpufreq: schedutil: Don't skip freq update when limits change - [x86] ALSA: hda/realtek - Add quirk for HP Envy x360 - ALSA: hda - Apply workaround for another AMD chip 1022:1487 - ALSA: hda - Fix a memory leak bug - ALSA: hda - Add a generic reboot_notify - ALSA: hda - Let all conexant codec enter D3 when rebooting - HID: holtek: test for sanity of intfdata - HID: hiddev: avoid opening a disconnected device - HID: hiddev: do cleanup in failure of opening a device - Input: kbtab - sanity check for endpoint type - Input: iforce - add sanity checks - net: usb: pegasus: fix improper read if get_registers() fail - netfilter: ebtables: also count base chain policies - xen/pciback: remove set but not used variable 'old_state' - [armhf,arm64] irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table fail - perf header: Fix divide by zero error if f_header.attr_size==0 - perf header: Fix use of unitialized value warning - libata: zpodd: Fix small read overflow in zpodd_get_mech_type() - Btrfs: fix deadlock between fiemap and transaction commits - scsi: hpsa: correct scsi command status issue after reset - scsi: qla2xxx: Fix possible fcport null-pointer dereferences - drm/amdgpu: fix a potential information leaking bug - ata: libahci: do not complain in case of deferred probe - kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules - [arm64] efi: fix variable 'si' set but not used - [arm64] unwind: Prohibit probing on return_address() - [arm64] mm: fix variable 'pud' set but not used - IB/core: Add mitigation for Spectre V1 - IB/mlx5: Fix MR registration flow to use UMR properly - IB/mad: Fix use-after-free in ib mad completion handling - [arm64] drm: msm: Fix add_gpu_components - [armhf] drm/exynos: fix missing decrement of retry counter - ocfs2: remove set but not used variable 'last_hash' - asm-generic: fix -Wtype-limits compiler warnings - [arm64] KVM: regmap: Fix unexpected switch fall-through - [armhf,arm64] KVM: Sync ICH_VMCR_EL2 back when about to block - [x86] staging: comedi: dt3000: Fix signed integer overflow 'divider * base' - [x86] staging: comedi: dt3000: Fix rounding up of timer divisor - USB: core: Fix races in character device registration and deregistraion - usb: cdc-acm: make sure a refcount is taken early enough - USB: CDC: fix sanity checks in CDC union parser - USB: serial: option: add D-Link DWM-222 device ID - USB: serial: option: Add support for ZTE MF871A - USB: serial: option: add the BroadMobi BM818 card - USB: serial: option: Add Motorola modem UARTs - [x86] drm/i915/cfl: Add a new CFL PCI ID. - [arm64] ftrace: Ensure module ftrace trampoline is coherent with I-side - Input: psmouse - fix build error of multiple definition - bnx2x: Fix VF's VLAN reconfiguration in reload. - bonding: Add vlan tx offload to hw_enc_features - net: dsa: Check existence of .port_mdb_add callback before calling it - net/mlx4_en: fix a memory leak bug - net/packet: fix race in tpacket_snd() - sctp: fix memleak in sctp_send_reset_streams - sctp: fix the transport error_count check - team: Add vlan tx offload to hw_enc_features - tipc: initialise addr_trail_end when setting node addresses - xen/netback: Reset nr_frags before freeing skb - net/mlx5e: Only support tx/rx pause setting for port owner - net/mlx5e: Use flow keys dissector to parse packets for ARFS - [arm64] mmc: sdhci-of-arasan: Do now show error message in case of deffered probe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.69 - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT - [mips*] kernel: only use i8253 clocksource with periodic clockevent - [mips*] fix cacheinfo - netfilter: ebtables: fix a memory leak bug in compat - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks - bonding: Force slave speed check after link state recovery for 802.3ad - [armhf,arm64] net: mvpp2: Don't check for 3 consecutive Idle frames for 10G links - can: dev: call netif_carrier_off() in register_candev() - can: gw: Fix error path of cgw_module_init - [armhf,arm64] ASoC: rockchip: Fix mono capture - [armhf] ASoC: ti: davinci-mcasp: Correct slot_width posed constraint - net: usb: qmi_wwan: Add the BroadMobi BM818 card - qed: RDMA - Fix the hw_ver returned in device attributes - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() - mac80211_hwsim: Fix possible null-pointer dereferences in hwsim_dump_radio_nl() - netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too - netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets - netfilter: ipset: Fix rename concurrency with listing - rxrpc: Fix potential deadlock - rxrpc: Fix the lack of notification when sendmsg() fails on a DATA packet - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack - net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() - can: sja1000: force the string buffer NULL-terminated - can: peak_usb: force the string buffer NULL-terminated - net/ethernet/qlogic/qed: force the string buffer NULL-terminated - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts - HID: quirks: Set the INCREMENT_USAGE_ON_DUPLICATE quirk on Saitek X52 - HID: input: fix a4tech horizontal wheel custom usage - [armhf,arm64] drm/rockchip: Suspend DP late - SMB3: Fix potential memory leak when processing compound chain - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL - [s390x] put _stext and _etext into .text section - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' - [armhf,arm64] net: stmmac: Fix issues when number of Queues >= 4 - [armhf,arm64] net: stmmac: tc: Do not return a fragment entry - [arm64] net: hisilicon: make hip04_tx_reclaim non-reentrant - [arm64] net: hisilicon: fix hip04-xmit never return TX_BUSY - [arm64] net: hisilicon: Fix dma_map_single failed on arm64 - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests - libata: add SG safety checks in SFF pio transfers - [x86] lib/cpu: Address missing prototypes warning - [x86] drm/vmwgfx: fix memory leak when too many retries have occurred - block, bfq: handle NULL return value by bfq_init_rq() - perf ftrace: Fix failure to set cpumask when only one cpu is present - perf cpumap: Fix writing to illegal memory in handling cpumap mask - perf pmu-events: Fix missing "cpu_clk_unhalted.core" event - [arm64] KVM: Don't write junk to sysregs on reset - [armhf] KVM: Don't write junk to CP15 registers on reset - HID: wacom: correct misreported EKR ring values - HID: wacom: Correct distance scale for 2nd-gen Intuos devices - Revert "dm bufio: fix deadlock with loop device" (regression in 4.19.61) - ceph: clear page dirty before invalidate page - ceph: don't try fill file_lock on unsuccessful GETFILELOCK reply - libceph: fix PG split vs OSD (re)connect race - drm/nouveau: Don't retry infinitely when receiving no data on i2c over AUX - gpiolib: never report open-drain/source lines as 'input' to user-space - [x86] Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE - userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx - [i386] retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386 - [x86] apic: Handle missing global clockevent gracefully - [x86] CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h - [x86] boot: Save fields explicitly, zero out everything else - [x86] boot: Fix boot regression caused by bootparam sanitizing - dm kcopyd: always complete failed jobs - dm btree: fix order of block initialization in btree_split_beneath - dm integrity: fix a crash due to BUG_ON in __journal_read_write() - dm raid: add missing cleanup in raid_ctr() - dm space map metadata: fix missing store of apply_bops() return value - dm table: fix invalid memory accesses with too high sector number - dm zoned: improve error handling in reclaim - dm zoned: improve error handling in i/o map code - dm zoned: properly handle backing device failure - genirq: Properly pair kobject_del() with kobject_add() - mm, page_owner: handle THP splits correctly - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely - mm/zsmalloc.c: fix race condition in zs_destroy_pool - xfs: don't trip over uninitialized buffer on extent read of corrupted inode - xfs: Move fs/xfs/xfs_attr.h to fs/xfs/libxfs/xfs_attr.h - xfs: Add helper function xfs_attr_try_sf_addname - xfs: Add attibute set and helper functions - xfs: Add attibute remove and helper functions - xfs: always rejoin held resources during defer roll - dm zoned: fix potential NULL dereference in dmz_do_reclaim() - [ppc64el] Allow flush_(inval_)dcache_range to work across ranges >4GB - rxrpc: Fix local endpoint refcounting - rxrpc: Fix read-after-free in rxrpc_queue_local() - rxrpc: Fix local endpoint replacement - rxrpc: Fix local refcounting https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.70 - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns - afs: Fix the CB.ProbeUuid service handler to reply correctly - afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u() - fs: afs: Fix a possible null-pointer dereference in afs_put_read() - afs: Only update d_fsdata if different in afs_d_revalidate() - nvmet-loop: Flush nvme_delete_wq when removing the port - nvme: fix a possible deadlock when passthru commands sent to a multipath device - nvme-pci: Fix async probe remove race - [armhf] omap-dma/omap_vout_vrfb: fix off-by-one fi value - iommu/dma: Handle SG length overflow better - usb: gadget: composite: Clear "suspended" on reset/disconnect - usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt - xen/blkback: fix memory leaks - [arm64] cpufeature: Don't treat granule sizes as strict - drm/ast: Fixed reboot test may cause system hanged - [x86] tools: hv: fix KVP and VSS daemons exit code - [x86] drm/i915: fix broadwell EU computation - [arm*] watchdog: bcm2835_wdt: Fix module autoload - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value - [armhf] drm/tilcdc: Register cpufreq notifier after we have initialized crtc - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set - ipv6: Default fib6_type to RTN_UNICAST when not set - net/smc: make sure EPOLLOUT is raised - tcp: make sure EPOLLOUT wont be missed - ipv4/icmp: fix rt dst dev null pointer dereference - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n - ALSA: usb-audio: Check mixer unit bitmap yet more strictly - ALSA: line6: Fix memory leak at line6_init_pcm() error path - ALSA: hda - Fixes inverted Conexant GPIO mic mute led - ALSA: seq: Fix potential concurrent access to the deleted pool - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate() - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604 - [x86] kvm: skip populating logical dest map if apic is not sw enabled - [x86] KVM: Don't update RIP or do single-step on faulting emulation - [amd64] uprobes: Fix detection of 32-bit user mode - [x86] apic: Do not initialize LDR and DFR for bigsmp - ftrace: Fix NULL pointer dereference in t_probe_next() - ftrace: Check for successful allocation of hash - ftrace: Check for empty hash and comment the race with registering probes - usb-storage: Add new JMS567 revision to unusual_devs - USB: cdc-wdm: fix race between write and disconnect due to flag abuse - usb: hcd: use managed device resources - [armhf,arm64] usb: chipidea: udc: don't do hardware access if gadget has stopped - usb: host: ohci: fix a race condition between shutdown and irq - usb: host: xhci: rcar: Fix typo in compatible string matching - USB: storage: ums-realtek: Update module parameter description for auto_delink_en - USB: storage: ums-realtek: Whitelist auto-delink support - [x86] mei: me: add Tiger Lake point LP device ID - mmc: core: Fix init of SD cards reporting an invalid VDD range - stm class: Fix a double free of stm_source_device - [x86] intel_th: pci: Add support for another Lewisburg PCH - [x86] intel_th: pci: Add Tiger Lake support - [x86] typec: tcpm: fix a typo in the comparison of pdo_max_voltage - lib: logic_pio: Fix RCU usage - lib: logic_pio: Avoid possible overlap for unregistering regions - lib: logic_pio: Add logic_pio_unregister_range() - [x86] drm/amdgpu: Add APTX quirk for Dell Latitude 5495 - [x86] drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest - [x86] drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() - [arm64] bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free - [arm64] bus: hisi_lpc: Add .remove method to avoid driver unbind crash - [x86] VMCI: Release resource if the work is already queued - [x86] crypto: ccp - Ignore unconfigured CCP device on suspend/resume - Revert "cfg80211: fix processing world regdomain when non modular" - mac80211: fix possible sta leak - mac80211: Don't memset RXCB prior to PAE intercept - mac80211: Correctly set noencrypt for PAE frames - [ppc64el] KVM: Book3S: Fix incorrect guest-to-user-translation error handling - [armhf,arm64] KVM: vgic: Fix potential deadlock when ap_list is long - [armhf,arm64] KVM: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI - NFS: Clean up list moves of struct nfs_page - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() - NFS: Pass error information to the pgio error cleanup routine - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 - [x86] i2c: piix4: Fix port selection for AMD Family 16h Model 30h - mt76: mt76x0u: do not reset radio on resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71 - Revert "Input: elantech - enable SMBus on new (2018+) systems" (regression in 4.19.67) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.72 - mld: fix memory leak in mld_del_delrec() - net: fix skb use after free in netpoll - net: sched: act_sample: fix psample group handling on overwrite - net_sched: fix a NULL pointer deref in ipt action - [armhf,arm64] net: stmmac: dwmac-rk: Don't fail if phy regulator is absent - tcp: inherit timestamp on mtu probe - tcp: remove empty skb from write queue in error cases - net/rds: Fix info leak in rds6_inc_info_copy() (CVE-2019-16714) - [x86] boot: Preserve boot_params.secure_boot from sanitizing - [arm*] spi: bcm2835aux: unifying code between polling and interrupt driven code - [arm*] spi: bcm2835aux: remove dangerous uncontrolled read of fifo - [arm*] spi: bcm2835aux: fix corruptions for longer spi transfers - netfilter: nf_tables: use-after-free in failing rule with bound set - [x86] hv_netvsc: Fix a warning of suspicious RCU usage - Bluetooth: btqca: Add a short delay before downloading the NVM - [ppc64el] ibmveth: Convert multicast list size for little-endian system - gpio: Fix build error of function redefinition - netfilter: nft_flow_offload: skip tcp rst and fin packets - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure - scsi: target: tcmu: avoid use-after-free after command timeout - cxgb4: fix a memory leak bug - liquidio: add cleanup in octeon_setup_iq() - net: myri10ge: fix memory leaks - lan78xx: Fix memory leaks - vfs: fix page locking deadlocks when deduping files - cx82310_eth: fix a memory leak bug - net: kalmia: fix memory leaks - net: cavium: fix driver name - wimax/i2400m: fix a memory leak bug - kprobes: Fix potential deadlock in kprobe_optimizer() - HID: cp2112: prevent sleeping function called from invalid context - [amd64] boot/compressed: Fix boot on machines with broken E820 table - [x86] Input: hyperv-keyboard: Use in-place iterator API in the channel callback - [x86] Tools: hv: kvp: eliminate 'may be used uninitialized' warning - nvme-multipath: fix possible I/O hang when paths are updated - IB/mlx4: Fix memory leaks - infiniband: hfi1: fix a memory leak bug - infiniband: hfi1: fix memory leaks - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr() - ceph: fix buffer free while holding i_ceph_lock in __ceph_build_xattrs_blob() - ceph: fix buffer free while holding i_ceph_lock in fill_inode() - [armhf,arm64] KVM: Only skip MMIO insn once - afs: Fix leak in afs_lookup_cell_rcu() - [armhf,arm64] KVM: VGIC: Properly initialise private IRQ affinity - [amd64] boot/compressed: Fix missing initialization in find_trampoline_placement() - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.73 - ALSA: hda - Fix potential endless loop at applying quirks - ALSA: hda/realtek - Fix overridden device-specific initialization - [x86] ALSA: hda/realtek - Add quirk for HP Pavilion 15 - [x86] ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL - [x86] ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre - sched/fair: Don't assign runtime for throttled cfs_rq - [x86] drm/vmwgfx: Fix double free in vmw_recv_msg() - [ppc64el] tm: Fix FP/VMX unavailable exceptions inside a transaction (CVE-2019-15030) - batman-adv: fix uninit-value in batadv_netlink_get_ifindex() - batman-adv: Only read OGM tvlv_len after buffer len check - [x86] hv_sock: Fix hang when a connection is closed - Blk-iolatency: warn on negative inflight IO counter - blk-iolatency: fix STS_AGAIN handling - {nl,mac}80211: fix interface combinations on crypto controlled devices - timekeeping: Use proper ktime_add when adding nsecs in coarse offset - selftests: fib_rule_tests: use pre-defined DEV_ADDR - [x86] ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() - [ppc64el] mark start_here_multiplatform as __ref - [arm64] dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 - nvme-fc: use separate work queue to avoid warning - [armhf] clk: s2mps11: Add used attribute to s2mps11_dt_match - [arm64] remoteproc: qcom: q6v5: shore up resource probe handling - modules: always page-align module section allocations - kernel/module: Fix mem leak in module_add_modinfo_attrs - [x86] drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" - scsi: qla2xxx: Move log messages before issuing command to firmware - keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h - [x86] Drivers: hv: kvp: Fix two "this statement may fall through" warnings - [x86] hibernate: Fix nosave_regions setup for hibernation - [arm64] remoteproc: qcom: q6v5-mss: add SCM probe dependency - drm/amdgpu/gfx9: Update gfx9 golden settings. - drm/amdgpu: Update gc_9_0 golden settings. - [x86] KVM: hyperv: enforce vp_index < KVM_MAX_VCPUS - [x86] KVM: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables - [x86] KVM: hyperv: keep track of mismatched VP indexes - [x86] KVM: hyperv: define VP assist page helpers - [x86] kvm/lapic: preserve gfn_to_hva_cache len on cache reinit - [x86] drm/i915: Fix intel_dp_mst_best_encoder() - [x86] drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE - [x86] drm/i915/gen9+: Fix initial readout for Y tiled framebuffers - drm/atomic_helper: Disallow new modesets on unregistered connectors - [x86] Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up - powerplay: Respect units on max dcfclk watermark - drm/amd/pp: Fix truncated clock value when set watermark - drm/amd/dm: Understand why attaching path/tile properties are needed - [s390x] zcrypt: reinit ap queue state machine during device probe - [x86] drm/i915: Restore sane defaults for KMS on GEM error load - [x86] drm/i915: Cleanup gt powerstate from gem - [ppc64el] KVM: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch - Btrfs: clean up scrub is_dev_replace parameter - Btrfs: fix deadlock with memory reclaim during scrub - btrfs: Remove extent_io_ops::fill_delalloc - btrfs: Fix error handling in btrfs_cleanup_ordered_extents - scsi: megaraid_sas: Fix combined reply queue mode detection - scsi: megaraid_sas: Add check for reset adapter bit - scsi: megaraid_sas: Use 63-bit DMA addressing - [ppc64el] pkeys: Fix handling of pkey state across fork() - btrfs: volumes: Make sure no dev extent is beyond device boundary - btrfs: Use real device structure to verify dev extent - IB/uverbs: Fix OOPs upon device disassociation - drm/vblank: Allow dynamic per-crtc max_vblank_count - [x86] drm/i915/ilk: Fix warning when reading emon_status with no output - tpm: Fix some name collisions with drivers/char/tpm.h - bcache: replace hard coded number with BUCKET_GC_GEN_MAX - bcache: treat stale && dirty keys as bad keys - [x86] KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run - [armhf] iio: adc: exynos-adc: Add S5PV210 variant - [armhf] iio: adc: exynos-adc: Use proper number of channels for Exynos4x12 - mt76: fix corrupted software generated tx CCMP PN - drm/nouveau: Don't WARN_ON VCPI allocation failures - iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules - iwlwifi: add new card for 9260 series - spi: spi-gpio: fix SPI_CS_HIGH capability - [ppc64el] kvm: Save and restore host AMR/IAMR/UAMOR - btrfs: scrub: pass fs_info to scrub_setup_ctx - btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex - btrfs: scrub: fix circular locking dependency warning - btrfs: init csum_list before possible free - [arm64] PCI: qcom: Fix error handling in runtime PM support - [arm64] PCI: qcom: Don't deassert reset GPIO during probe - CIFS: Fix error paths in writeback code - CIFS: Fix leaking locked VFS cache pages in writeback retry - [x86] drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set - [x86] drm/i915: Sanity check mmap length against object size - [x86] usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps - IB/mlx5: Reset access mask when looping inside page fault handler - kvm: mmu: Fix overflow on kvm mmu page limit calculation - [x86] kvm: move kvm_load/put_guest_xcr0 into atomic context - [x86] KVM: Always use 32-bit SMRAM save state for 32-bit kernels - cifs: Fix lease buffer length error (CVE-2019-15918) - ext4: protect journal inode's blocks using block_validity - [x86] PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary - dm mpath: fix missing call of path selector type->end_io - blk-mq: free hw queue's resource in hctx's release handler - mmc: sdhci-pci: Add support for Intel CML - PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code - cifs: smbd: take an array of reqeusts when sending upper layer data - dm crypt: move detailed message into debug level - [x86] drm/amdkfd: Add missing Polaris10 ID - kvm: Check irqchip mode before assign irqfd - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc - Btrfs: fix race between block group removal and block group allocation - cifs: add spinlock for the openFileList to cifsInodeInfo - [arm64] clk: tegra: Fix maximum audio sync clock for Tegra124/210 - [arm64] clk: tegra210: Fix default rates for HDA clocks - IB/hfi1: Avoid hardlockup with flushlist_lock - apparmor: reset pos on failure to unpack for various functions - scsi: target/core: Use the SECTOR_SHIFT constant - scsi: target/iblock: Fix overrun in WRITE SAME emulation - [s390x] scsi: zfcp: fix request object use-after-free in send path causing wrong traces - cifs: Properly handle auto disabling of serverino option - [x86] ALSA: hda - Don't resume forcibly i915 HDMI/DP codec - [x86] KVM: optimize check for valid PAT value - [x86] KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value - [x86] KVM: VMX: Fix handling of #MC that occurs during VM-Entry - [x86] KVM: VMX: check CPUID before allowing read/write of IA32_XSS - [ppc64el] KVM: Use ccr field in pt_regs struct embedded in vcpu struct - [ppc64el] KVM: Book3S HV: Fix CR0 setting in TM emulation - RDMA/srp: Document srp_parse_in() arguments - RDMA/srp: Accept again source addresses that do not have a port number - btrfs: correctly validate compression type - resource: Include resource end in walk_*() interfaces - resource: Fix find_next_iomem_res() iteration issue - resource: fix locking in find_next_iomem_res() - pstore: Fix double-free in pstore_mkfile() failure path - dm thin metadata: check if in fail_io mode when setting needs_check - [armhf,arm64] drm/panel: Add support for Armadeus ST0700 Adapt - [x86] ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips - [ppc64el] mm: Limit rma_size to 1TB when running without HV mode - iommu/iova: Remove stale cached32_node - gpio: don't WARN() on NULL descs if gpiolib is disabled - mm/migrate.c: initialize pud_entry in migrate_vma() - NFSv4: Fix delegation state recovery - bcache: only clear BTREE_NODE_dirty bit when it is set - bcache: add comments for mutex_lock(&b->write_lock) - bcache: fix race in btree_flush_write() - [x86] drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV - [s390x] virtio: fix race on airq_areas[] - drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors - ext4: don't perform block validity checks on the journal inode - ext4: fix block validity checks for journal inodes using indirect blocks - ext4: unsigned int compared against zero - [x86] PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround - [ppc64el] tm: Remove msr_tm_active() - [ppc64el] tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.74 - bridge/mdb: remove wrong use of NLM_F_MULTI - cdc_ether: fix rndis support for Mediatek based smartphones - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' - isdn/capi: check message length in capi_write() - net: Fix null de-reference of device refcount - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list - net: phylink: Fix flow control resolution - net: sched: fix reordering issues - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR - tipc: add NULL pointer check before calling kfree_rcu - tun: fix use-after-free when register netdev failed - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist - gpio: fix line flag validation in linehandle_create - Btrfs: fix assertion failure during fsync and use of stale transaction - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us - genirq: Prevent NULL pointer dereference in resend_irqs() - [s390x] KVM: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() - [s390x] KVM: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl - [x86] KVM: work around leak of uninitialized stack contents - [x86] KVM: nVMX: handle page fault in vmread - [x86] purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors - [ppc64el] Add barrier_nospec to raw_copy_in_user() - [arm64] drm/meson: Add support for XBGR8888 & ABGR8888 formats - [armhf,arm64] clk: rockchip: Don't yell about bad mmc phases when getting - PCI: Always allow probing with driver_override - gpio: fix line flag validation in lineevent_create - ubifs: Correctly use tnc_next() in search_dh_cookie() - driver core: Fix use-after-free and double free on glue directory - firmware: ti_sci: Always request response from firmware - [x86] drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" - modules: fix BUG when load module with rodata=n - rsi: fix a double free bug in rsi_91x_deinit() (CVE-2019-15504) - nvmem: Use the same permissions for eeprom as for nvmem https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.75 - netfilter: nf_flow_table: set default timeout after successful insertion - HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report - RDMA/restrack: Release task struct which was hold by CM_ID object - [x86] Input: elan_i2c - remove Lenovo Legion Y7000 PnpID - [ppc64el] mm/radix: Use the right page size for vmemmap mapping - USB: usbcore: Fix slab-out-of-bounds bug during device reset - media: tm6000: double free if usb disconnect while streaming - ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit - udp: correct reuseport selection with connected sockets - xen-netfront: do not assume sk_buff_head list is empty in error handling - net_sched: let qdisc_put() accept NULL pointer - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds - ieee802154: hwsim: Fix error handle path in hwsim_init_module - ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails - [armhf] dts: am57xx: Disable voltage switching for SD card - [armhf] OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss - [armhf] bus: ti-sysc: Fix using configured sysc mask value - [s390x] bpf: fix lcgr instruction encoding - [armhf] OMAP2+: Fix omap4 errata warning on other SoCs - [armhf] dts: dra74x: Fix iodelay configuration for mmc3 - [armhf] bus: ti-sysc: Simplify cleanup upon failures in sysc_probe() - [s390x] bpf: use 32-bit index for tail calls - netfilter: ebtables: Fix argument order to ADD_COUNTER - netfilter: nft_flow_offload: missing netlink attribute policy - netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info - NFSv4: Fix return values for nfs4_file_open() - NFSv4: Fix return value in nfs_finish_open() - NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup - xdp: unpin xdp umem pages in error path - qed: Add cleanup in qed_slowpath_start() - [armel,armhf] 8874/1: mm: only adjust sections of valid mm structures - batman-adv: Only read OGM2 tvlv_len after buffer len check - bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0 - r8152: Set memory to all 0xFFs on failed reg reads - [x86] apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines - netfilter: xt_physdev: Fix spurious error message in physdev_mt_check - netfilter: nf_conntrack_ftp: Fix debug output - NFSv2: Fix eof handling - NFSv2: Fix write regression - kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol - cifs: set domainName when a domain-key is used in multiuser - cifs: Use kzfree() to zero out the password - [armhf,arm64] usb: host: xhci-tegra: Set DMA mask correctly - [armel,armhf] 8901/1: add a criteria for pfn_valid of arm - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) - i2c: designware: Synchronize IRQs when unregistering slave client - [x86] perf/intel: Restrict period on Nehalem - [x86] perf/amd/ibs: Fix sample bias for dispatched micro-ops - amd-xgbe: Fix error path in xgbe_mod_init() - [x86] tools/power x86_energy_perf_policy: Fix argument parsing - [x86] tools/power turbostat: fix buffer overrun - net: aquantia: fix out of memory condition on rx side - [armhf] dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe() - [x86] uaccess: Don't leak the AC flags into __get_user() argument evaluation - [x86] hyper-v: Fix overflow bug in fill_gva_list() - keys: Fix missing null pointer check in request_key_auth_describe() - [x86] iommu/amd: Flush old domains in kdump kernel - [x86] iommu/amd: Fix race in increase_address_space() - [arm64] PCI: kirin: Fix section mismatch warning - ovl: fix regression caused by overlapping layers detection - floppy: fix usercopy direction - binfmt_elf: move brk out of mmap when doing direct loader exec - [arm64] kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field - media: technisat-usb2: break out of loop at end of buffer (CVE-2019-15505) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.76 - Revert "Bluetooth: validate BLE connection interval updates" - RDMA/restrack: Protect from reentry to resource return path - [ppc64el] xive: Fix bogus error code returned by OPAL - IB/core: Add an unbound WQ type to the new CQ API - HID: prodikeys: Fix general protection fault during probe - HID: sony: Fix memory corruption issue on cleanup. - HID: logitech: Fix general protection fault caused by Logitech driver - HID: hidraw: Fix invalid read in hidraw_ioctl - HID: Add quirk for HP X500 PIXART OEM mouse - mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() - CIFS: fix deadlock in cached root handling - net/mlx5e: Set ECN for received packets using CQE indication - net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets - mlx5: fix get_ip_proto() - net/mlx5e: Allow reporting of checksum unnecessary - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding - net/mlx5e: Rx, Check ip headers sanity - iwlwifi: mvm: send BCAST management frames to the right station - iwlwifi: mvm: always init rs_fw with 20MHz bandwidth rates - media: tvp5150: fix switch exit in set control handler - [x86] ASoC: Intel: cht_bsw_max98090_ti: Enable codec clock once and keep it enabled - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support - ALSA: usb-audio: Add DSD support for EVGA NU Audio - ALSA: dice: fix wrong packet parameter for Alesis iO26 - [x86] ALSA: hda - Add laptop imic fixup for ASUS M9V laptop - [x86] ALSA: hda - Apply AMD controller workaround for Raven platform - objtool: Clobber user CFLAGS variable - power: supply: sysfs: ratelimit property read error message - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion - scsi: qla2xxx: Remove all rports if fabric scan retry fails - scsi: qla2xxx: Return switch command on a timeout - Revert "drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD" - bpf: libbpf: retry loading program on EAGAIN - [armhf,arm64] irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices - f2fs: check all the data segments against all node ones - [x86] PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it - bcache: remove redundant LIST_HEAD(journal) from run_cache_set() - initramfs: don't free a non-existent initrd - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs - blk-mq: move cancel of requeue_work to the front of blk_exit_queue - Revert "f2fs: avoid out-of-range memory access" - dm zoned: fix invalid memory access - f2fs: fix to do sanity check on segment bitmap of LFS curseg - drm: Flush output polling on shutdown - net: don't warn in inet diag when IPV6 is disabled - Bluetooth: btrtl: HCI reset on close for Realtek BT chip - [x86] ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35 - drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling - xfs: don't crash on null attr fork xfs_bmapi_read - netfilter: nft_socket: fix erroneous socket assignment - Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices - net_sched: check cops->tcf_block in tc_bind_tclass() - net/rds: An rds_sock is added too early to the hash table - net/rds: Check laddr_check before calling it - f2fs: use generic EFSBADCRC/EFSCORRUPTED https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.77 - arcnet: provide a buffer big enough to actually receive packets - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize - macsec: drop skb sk before calling gro_cells_receive - net/phy: fix DP83865 10 Mbps HDX loopback disable function - net/sched: act_sample: don't push mac header on ip6gre ingress - net_sched: add max len check for TCA_KIND - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (CVE-2019-19081) - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC - ppp: Fix memory leak in ppp_write - sch_netem: fix a divide by zero in tabledist() - skge: fix checksum byte order - usbnet: ignore endpoints with invalid wMaxPacketSize - usbnet: sanity checking of packet sizes and device mtu - net: sched: fix possible crash in tcf_action_destroy() - tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state - net/mlx5: Add device ID of upcoming BlueField-2 - mISDN: enforce CAP_NET_RAW for raw sockets (CVE-2019-17055) - appletalk: enforce CAP_NET_RAW for raw sockets (CVE-2019-17054) - ax25: enforce CAP_NET_RAW for raw sockets (CVE-2019-17052) - ieee802154: enforce CAP_NET_RAW for raw sockets (CVE-2019-17053) - nfc: enforce CAP_NET_RAW for raw sockets (CVE-2019-17056) - nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (CVE-2019-19080) - ALSA: hda: Flush interrupts on disabling - [armhf] ASoC: sgtl5000: Fix of unmute outputs on probe - [armhf] ASoC: sgtl5000: Fix charge pump source assignment - [arm*] dmaengine: bcm2835: Print error in case setting DMA mask fails - media: dib0700: fix link error for dibx000_i2c_set_speed - media: hdpvr: Add device num check and handling - time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint - sched/fair: Fix imbalance due to CPU affinity - sched/core: Fix CPU controller for !RT_GROUP_SCHED - [x86] apic: Make apic_pending_intr_clear() more robust - sched/deadline: Fix bandwidth accounting at all levels after offline migration - [x86] reboot: Always use NMI fallback when shutdown via reboot vector IPI fails - [x86] apic: Soft disable APIC before initializing it - ALSA: hda - Show the fatal CORB/RIRB error more clearly - ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() - EDAC/mc: Fix grain_bits calculation - media: iguanair: add sanity checks - base: soc: Export soc_device_register/unregister APIs - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid - [arm64] prefetch: fix a -Wtype-limits warning - md/raid1: end bio when the device faulty - md: don't call spare_active in md_reap_sync_thread if all member devices can't work - md: don't set In_sync if array is frozen - ACPI / processor: don't print errors for processorIDs == 0xff - loop: Add LOOP_SET_DIRECT_IO to compat ioctl - [x86] EDAC, pnd2: Fix ioremap() size in dnv_rd_reg() - efi: cper: print AER info of PCIe fatal error - sched/fair: Use rq_lock/unlock in online_fair_sched_group - idle: Prevent late-arriving interrupts from disrupting offline - media: gspca: zero usb_buf on error - perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig - perf test vfs_getname: Disable ~/.perfconfig to get default output - media: em28xx: modules workqueue not inited for 2nd device - media: rc: imon: Allow iMON RC protocol for ffdc 7e device - [arm64] perf record: Support aarch64 random socket_id assignment - [armhf] media: omap3isp: Don't set streaming state on random subdevs - media: radio/si470x: kill urb on error - media: hdpvr: add terminating 0 at end of string - led: triggers: Fix a memory leak bug - nbd: add missing config put - media: mceusb: fix (eliminate) TX IR signal length limit - media: dvb-frontends: use ida for pll number - posix-cpu-timers: Sanitize bogus WARNONS - media: dvb-core: fix a memory leak bug - libperf: Fix alignment trap with xyarray contents in 'perf stat' - [amd64] EDAC/amd64: Recognize DRAM device type ECC capability - [amd64] EDAC/amd64: Decode syndrome before translating address - PM / devfreq: passive: Use non-devm notifiers - PM / devfreq: exynos-bus: Correct clock enable sequence - media: cec-notifier: clear cec_adap in cec_notifier_unregister - media: saa7146: add cleanup in hexium_attach() - media: cpia2_usb: fix memory leaks - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() - perf trace beauty ioctl: Fix off-by-one error in cmd->string table - [x86] ASoC: es8316: fix headphone mixer volume table - ACPI / CPPC: do not require the _PSD method - sched/cpufreq: Align trace event behavior of fast switching - [x86] apic/vector: Warn when vector space exhaustion breaks affinity - [arm64] kpti: ensure patched kernel text is fetched from PoU - [x86] mm/pti: Do not invoke PTI functions when PTI is disabled - [x86] mm/pti: Handle unaligned address gracefully in pti_clone_pagetable() - nvmet: fix data units read and written counters in SMART log - nvme-multipath: fix ana log nsid lookup when nsid is not found - ALSA: firewire-motu: add support for MOTU 4pre - iommu/amd: Silence warnings under memory pressure - libata/ahci: Drop PCS quirk for Denverton and beyond - iommu/iova: Avoid false sharing on fq_timer_on - libtraceevent: Change users plugin directory - [armhf] dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks - ACPI: custom_method: fix memory leaks - ACPI / PCI: fix acpi_pci_irq_enable() memory leak - closures: fix a race on wakeup from closure_sync - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' - md/raid1: fail run raid1 array when active disk less than one - dmaengine: ti: edma: Do not reset reserved paRAM slots - kprobes: Prohibit probing on BUG() and WARN() address - [s390x] crypto: xts-aes-s390 fix extra run-time crypto self tests finding - [x86] cpu: Add Tiger Lake to Intel family - [x86] platform: intel_pmc_core: Do not ioremap RAM - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set - raid5: don't set STRIPE_HANDLE to stripe which is in batch list - mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD - mmc: sdhci: Fix incorrect switch to HS mode - mmc: core: Add helper function to indicate if SDIO IRQs is enabled - [armhf,arm64] mmc: dw_mmc: Re-store SDIO IRQs mask at system resume - raid5: don't increment read_errors on EILSEQ return - libertas: Add missing sentinel at end of if_usb.c fw_table - e1000e: add workaround for possible stalled packet - ALSA: hda - Drop unsol event handler for Intel HDMI codecs - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() - [x86] ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 - [x86] iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems - btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type - [armhf] media: omap3isp: Set device on omap3isp subdevs - PM / devfreq: passive: fix compiler warning - iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36 - ALSA: firewire-tascam: handle error code when getting current source of clock - ALSA: firewire-tascam: check intermediate state of clock status and retry - scsi: scsi_dh_rdac: zero cdb in send_mode_select() - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag - printk: Do not lose last line in kmsg buffer dump - IB/mlx5: Free mpi in mp_slave mode - IB/hfi1: Define variables as unsigned long to fix KASAN warning - randstruct: Check member structs in is_pure_ops_struct() - ceph: use ceph_evict_inode to cleanup inode's resource - [x86] ALSA: hda/realtek - PCI quirk for Medion E4254 - blk-mq: add callback of .cleanup_rq - scsi: implement .cleanup_rq callback - [ppc64el] imc: Dont create debugfs files for cpu-less nodes - fuse: fix missing unlock_page in fuse_writepage() - [x86] KVM: always stop emulation on page fault - [x86] KVM: set ctxt->have_exception in x86_decode_insn() - [x86] KVM: Manually calculate reserved bits when loading PDPTRS - [x86] media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table - media: don't drop front-end reference count for ->detach - binfmt_elf: Do not move brk for INTERP-less ET_EXEC - [x86] ASoC: Intel: NHLT: Fix debug print format - [x86] ASoC: Intel: Skylake: Use correct function to access iomem space - [x86] ASoC: Intel: Fix use of potentially uninitialized variable - [arm64] Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}" - [arm64] tlb: Ensure we execute an ISB following walk cache invalidation - [arm64] dts: rockchip: limit clock rate of MMC controllers for RK3328 - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP - regulator: Defer init completion for a while after late_initcall - efifb: BGRT: Improve efifb_bgrt_sanity_check - gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps - memcg, oom: don't require __GFP_FS when invoking memcg OOM killer - memcg, kmem: do not fail __GFP_NOFAIL charges - i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask - block: fix null pointer dereference in blk_mq_rq_timed_out() - smb3: allow disabling requesting leases - ovl: Fix dereferencing possible ERR_PTR() - ovl: filter of trusted xattr results in audit - btrfs: fix allocation of free space cache v1 bitmap pages - Btrfs: fix use-after-free when using the tree modification log - btrfs: Relinquish CPUs in btrfs_compare_trees - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls - Btrfs: fix race setting up and completing qgroup rescan workers - md/raid6: Set R5_ReadError when there is read failure on parity disk - md: don't report active array_state until after revalidate_disk() completes. - md: only call set_in_sync() when it is expected to succeed. - cfg80211: Purge frame registrations on iftype change - /dev/mem: Bail out upon SIGKILL. - ext4: fix warning inside ext4_convert_unwritten_extents_endio - ext4: fix punch hole for inline_data file systems - quota: fix wrong condition in is_quota_modification() - hwrng: core - don't wait on add_early_randomness() - CIFS: fix max ea value size - CIFS: Fix oplock handling for SMB 2.1+ protocols - md/raid0: avoid RAID0 data corruption due to layout confusion. - fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone - drm/amd/display: Restore backlight brightness after system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.78 - tpm: use tpm_try_get_ops() in tpm-sysfs.c. - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations - [armhf,arm64] drm/panel: simple: fix AUO g185han01 horizontal blanking - [armhf,arm64] drm/panel: check failure cases in the probe func - [armhf,arm64] drm/rockchip: Check for fast link training before enabling psr - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() - [ppc64el] PCI: rpaphp: Avoid a sometimes-uninitialized warning - ipmi_si: Only schedule continuously in the thread in maintenance mode - [armhf,arm64] clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks - drm/amd/display: fix issue where 252-255 values are clipped - drm/amd/display: reprogram VM config when system resume - [ppc64el] powernv/ioda2: Allocate TCE table levels on demand for default DMA window - [ppc64el] xmon: Check for HV mode when dumping XIVE info from OPAL - [ppc64el] rtas: use device model APIs and serialization during LPM - [ppc64el] futex: Fix warning: 'oldval' may be used uninitialized in this function - [ppc64el] pseries/mobility: use cond_resched when updating device tree - [armhf,arm64] pinctrl: tegra: Fix write barrier placement in pmx_writel - [ppc64el] eeh: Clear stale EEH_DEV_NO_HANDLER flag - vfio_pci: Restore original state on release - drm/nouveau/volt: Fix for some cards having 0 maximum voltage - [x86] pinctrl: amd: disable spurious-firing GPIO IRQs - drm/amd/display: support spdif - drm/amdgpu/si: fix ASIC tests - [ppc64el] exception: machine check use correct cfar for late handler - pstore: fs superblock limits - [ppc64el] pseries: correctly track irq state in default idle - [arm64] pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c - [ppc64el] dump kernel log before carrying out fadump or kdump - [arm64] mbox: qcom: add APCS child device for QCS404 - scsi: core: Reduce memory required for SCSI logging - dma-buf/sw_sync: Synchronize signal vs syncpt free - ext4: fix potential use after free after remounting with noblock_validity - [mips*] tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean - [x86] i2c-cht-wc: Fix lockdep warning - [x86] mfd: intel-lpss: Remove D3cold delay - HID: wacom: Fix several minor compiler warnings - [armel,armhf] 8898/1: mm: Don't treat faults reported from cache maintenance as writes - [armhf] rtc: snvs: fix possible race condition - HID: apple: Fix stuck function keys when using FN - [arm64] PCI: rockchip: Propagate errors for optional regulators - [armhf] PCI: imx6: Propagate errors for optional regulators - [armel,armhf] 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address - fat: work around race with userspace's read via blockdev while mounting - pktcdvd: remove warning on attempting to register non-passthrough dev - [s390x] hypfs: Fix error number left in struct pointer member - ocfs2: wait for recovering done after direct unlock request - [arm64] consider stack randomization for mmap base only when necessary - [mips*] properly account for stack randomization and stack guard gap - [armel,armhf] properly account for stack randomization and stack guard gap - [armel,armhf] use STACK_TOP when computing mmap base address - block: mq-deadline: Fix queue restart handling - bpf: fix use after free in prog symbol exposure - cxgb4:Fix out-of-bounds MSI-X info array access - erspan: remove the incorrect mtu limit for erspan - hso: fix NULL-deref on tty open - ipv6: drop incoming packets having a v4mapped source address - ipv6: Handle missing host route in __ipv6_ifa_notify - net: ipv4: avoid mixed n_redirects and rate_tokens usage - net: qlogic: Fix memory leak in ql_alloc_large_buffers - net: Unpublish sk from sk_reuseport_cb before call_rcu - nfc: fix memory leak in llcp_sock_bind() - qmi_wwan: add support for Cinterion CLS8 devices - rxrpc: Fix rxrpc_recvmsg tracepoint - sch_dsmark: fix potential NULL deref in dsmark_init() - udp: fix gso_segs calculations - vsock: Fix a lockdep warning in __vsock_release() - udp: only do GSO if # of segs > 1 - net/rds: Fix error handling in rds_ib_add_one() - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() - tipc: fix unlimited bundling of small messages - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash - NFC: fix attrs checks in netlink interface - kexec: bail out upon SIGKILL when allocating memory. - 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.79 - [s390x] process: avoid potential reading of freed stack - [s390x] KVM: Test for bad access register and size at the start of S390_MEM_OP - [s390x] topology: avoid firing events before kobjs are created - [s390x] cio: exclude subchannels with no parent from pseudo check - [ppc64el] KVM: Book3S HV: Fix race in re-enabling XIVE escalation interrupts - [ppc64el] KVM: Book3S HV: Check for MMU ready on piggybacked virtual cores - [ppc64el] KVM: Book3S HV: Don't lose pending doorbell request on migration on P9 - [x86] KVM: Fix userspace set invalid CR4 - [x86] KVM: nVMX: handle page fault in vmread fix - nbd: fix max number of supported devs - PM / devfreq: tegra: Fix kHz to Hz conversion - ASoC: Define a set of DAPM pre/post-up events - [armhf] ASoC: sgtl5000: Improve VAG power and mute control - [ppc64el] mce: Fix MCE handling for huge pages - [ppc64el] mce: Schedule work from irq_work - [ppc64el] powernv: Restrict OPAL symbol map to only be readable by root - [ppc64el] powernv/ioda: Fix race in TCE level allocation - [ppc64el] book3s64/mm: Don't do tlbie fixup for some hardware revisions - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file - [x86] crypto: qat - Silence smp_processor_id() warning - crypto: skcipher - Unmap pages after an external error - [mips*el/loongson-3] Treat Loongson Extensions as ASEs - power: supply: sbs-battery: use correct flags field - power: supply: sbs-battery: only return health when battery present - tracing: Make sure variable reference alias has correct var_ref_idx - usercopy: Avoid HIGHMEM pfn warning - timer: Read jiffies once when forwarding base clk - [x86] PCI: vmd: Fix shadow offsets to reflect spec changes - PCI: Restore Resizable BAR size bits correctly for 1MB BARs - [armhf] watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout - perf stat: Fix a segmentation fault when using repeat forever - [armhf] drm/omap: fix max fclk divider for omap36xx - [arm64] drm/msm/dsi: Fix return value check for clk_get_parent - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors - [x86] drm/i915/gvt: update vgpu workload head pointer correctly - mmc: sdhci: improve ADMA error reporting - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" - xen/xenbus: fix self-deadlock after killing user process - ieee802154: atusb: fix use-after-free at disconnect - [s390x] cio: avoid calling strlen on null pointer - cfg80211: initialize on-stack chandefs - [arm64] cpufeature: Detect SSBS and advertise to userspace - ima: always return negative code for error - ima: fix freeing ongoing ahash_request - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() - 9p: Transport error uninitialized - 9p: avoid attaching writeback_fid on mmap with type PRIVATE - xen/pci: reserve MCFG areas earlier - ceph: fix directories inode i_blkbits initialization - ceph: reconnect connection if session hang in opening state - watchdog: aspeed: Add support for AST2600 - netfilter: nf_tables: allow lookups in dynamic sets - drm/amdgpu: Fix KFD-related kernel oops on Hawaii - drm/amdgpu: Check for valid number of registers to read - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors - [x86] purgatory: Disable the stackleak GCC plugin for the purgatory - ntb: point to right memory window index - thermal: Fix use-after-free when unregistering thermal zone device - thermal_hwmon: Sanitize thermal_zone type - libnvdimm/region: Initialize bad block for volatile namespaces - fuse: fix memleak in cuse_channel_open - libnvdimm/nfit_test: Fix acpi_handle redefinition - sched/membarrier: Call sync_core only before usermode for same mm - sched/membarrier: Fix private expedited registration check - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() - kernel/elfcore.c: include proper prototypes - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed - [ppc64el] KVM: HV: XIVE: Free escalation interrupts before disabling the VP - [x86] KVM: nVMX: Fix consistency check on injected exception error code - nbd: fix crash when the blksize is zero - [ppc64el] pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() - [ppc64el] radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure - tick: broadcast-hrtimer: Fix a race in bc_set_next - perf tools: Fix segfault in cpu_cache_level__read() - perf stat: Reset previous counts on repeat with interval - [arm64] ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 - [arm64] KVM: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe - [arm64] docs: Document SSBS HWCAP - [arm64] fix SSBS sanitization - [arm64] Add sysfs vulnerability show for spectre-v1 - [arm64] add sysfs vulnerability show for meltdown - [arm64] enable generic CPU vulnerabilites support - [arm64] Always enable ssb vulnerability detection - [arm64] Provide a command line to disable spectre_v2 mitigation - [arm64] Advertise mitigation of Spectre-v2, or lack thereof - [arm64] Always enable spectre-v2 vulnerability detection - [arm64] add sysfs vulnerability show for spectre-v2 - [arm64] add sysfs vulnerability show for speculative store bypass - [arm64] ssbs: Don't treat CPUs with SSBS as unaffected by SSB - [arm64] Force SSBS on context switch - [arm64] Use firmware to detect CPUs that are not affected by Spectre-v2 - [arm64] speculation: Support 'mitigations=' cmdline option - vfs: Fix EOVERFLOW testing in put_compat_statfs64 - cfg80211: add and use strongly typed element iteration macros - cfg80211: Use const more consistently in for_each_element macros - nl80211: validate beacon head (CVE-2019-16746) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.80 - panic: ensure preemption is disabled during panic() - f2fs: use EINVAL for superblock with invalid magic - USB: rio500: Remove Rio 500 kernel driver - USB: yurex: Don't retry on unexpected errors - USB: yurex: fix NULL-derefs on disconnect - USB: usb-skeleton: fix runtime PM after driver unbind - USB: usb-skeleton: fix NULL-deref on disconnect - xhci: Fix false warning message about wrong bounce buffer write length - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long - xhci: Check all endpoints for LPM timeout - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts - usb: xhci: wait for CNR controller not ready bit in xhci resume - xhci: Prevent deadlock when xhci adapter breaks during init - xhci: Increase STS_SAVE timeout in xhci_suspend() - USB: adutux: fix use-after-free on disconnect - USB: adutux: fix NULL-derefs on disconnect - USB: adutux: fix use-after-free on release - USB: iowarrior: fix use-after-free on disconnect - USB: iowarrior: fix use-after-free on release - USB: iowarrior: fix use-after-free after driver unbind - USB: usblp: fix runtime PM after driver unbind - USB: chaoskey: fix use-after-free on release - USB: ldusb: fix NULL-derefs on driver unbind - serial: uartlite: fix exit path null pointer - USB: serial: keyspan: fix NULL-derefs on open() and write() - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 - USB: serial: option: add Telit FN980 compositions - USB: serial: option: add support for Cinterion CLS8 devices - USB: serial: fix runtime PM after driver unbind - USB: usblcd: fix I/O after disconnect - USB: microtek: fix info-leak at probe - USB: dummy-hcd: fix power budget for SuperSpeed mode - USB: legousbtower: fix slab info leak at probe - USB: legousbtower: fix deadlock on disconnect - USB: legousbtower: fix potential NULL-deref on disconnect - USB: legousbtower: fix open after failed reset request - USB: legousbtower: fix use-after-free on release - [x86] mei: me: add comet point (lake) LP device ids - [x86] mei: avoid FW version request on Ibex Peak and earlier - [armhf,arm64] iio: adc: axp288: Override TS pin bias current for some models - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified - perf llvm: Don't access out-of-scope array - perf inject jit: Fix JIT_CODE_MOVE filename - blk-wbt: fix performance regression in wbt scale_up/scale_down - CIFS: Gracefully handle QueryInfo errors during open - CIFS: Force revalidate inode when dentry is stale - CIFS: Force reval dentry if LOOKUP_REVAL flag is set - kernel/sysctl.c: do not override max_threads provided by userspace - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic - btrfs: fix incorrect updating of log root tree - btrfs: fix uninitialized ret in ref-verify - NFS: Fix O_DIRECT accounting of number of bytes read/written - [mips*] elf_hwcap: Export userspace ASEs - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags - ACPI/PPTT: Add support for ACPI 6.3 thread flag - [arm64] topology: Use PPTT to determine if PE is a thread - vfs: Fix the locking in dcache_readdir() and friends - media: stkwebcam: fix runtime PM after driver unbind - [arm64] sve: Fix wrong free for task->thread.sve_state - [rt] tracing/hwlat: Report total time spent in all NMIs during the sample - [rt] tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency - ftrace: Get a reference counter for the trace_array on filter files - tracing: Get trace_array reference for available_tracers files - hwmon: Fix HWMON_P_MIN_ALARM mask - [x86] asm: Fix MWAITX C-state hint value - [x86] PCI: vmd: Fix config addressing when using bus offsets - perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.81 - nvme-pci: Fix a race in controller removal - scsi: ufs: skip shutdown if hba is not powered - scsi: megaraid: disable device when probe failed after enabled device - scsi: qla2xxx: Fix unbound sleep in fcport delete path. - [armhf] OMAP2+: Fix missing reset done flag for am3 and am43 - [armhf] OMAP2+: Fix warnings with broken omap2_set_init_voltage() - xen/efi: Set nonblocking callbacks - nl80211: fix null pointer dereference - mac80211: fix txq null pointer dereference - netfilter: nft_connlimit: disable bh on garbage collection - [mips*el/loongson-3] Fix the link time qualifier of 'serial_exit()' - [arm64] net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() - lib: textsearch: fix escapes in example code - r8152: Set macpassthru in reset_resume callback - libata/ahci: Fix PCS quirk application - md/raid0: fix warning message for parameter default_layout - ocfs2: fix panic due to ocfs2_wq is null - ipv4: fix race condition between route lookup and invalidation - net: avoid potential infinite loop in tc_ctl_action() - net: ipv6: fix listify ip6_rcv_finish in case of forwarding - [armhf,arm64] net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow - sctp: change sctp_prot .no_autobind with true - memfd: Fix locking when tagging pins - USB: legousbtower: fix memleak on disconnect - ALSA: hda/realtek - Add support for ALC711 - [x86] ALSA: hda/realtek - Enable headset mic on Asus MJ401TA - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers - ALSA: hda - Force runtime PM on Nvidia HDMI codecs - USB: serial: ti_usb_3410_5052: fix port-close races - USB: ldusb: fix memleak on disconnect - USB: usblp: fix use-after-free on disconnect - USB: ldusb: fix read info leaks - [mips*] tlbex: Fix build_restore_pagemask KScratch restore - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS - [s390x] scsi: zfcp: fix reaction on bit error threshold notification - scsi: sd: Ignore a failure to sync cache due to lack of authorization - scsi: core: save/restore command resid for error handling - scsi: core: try to get module before removing device - scsi: ch: Make it possible to open a ch device multiple times again - Input: synaptics-rmi4 - avoid processing unknown IRQs - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() - cfg80211: wext: avoid copying malformed SSIDs (CVE-2019-17133) - mac80211: Reject malformed SSID elements - [x86] drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 - drm/ttm: Restore ttm prefaulting - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 - drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() - mm/slub: fix a deadlock in show_slab_objects() - mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once - EDAC/ghes: Fix Use after free in ghes_edac remove path - [arm64] Enable workaround for Cavium TX2 erratum 219 when running SMT - CIFS: avoid using MID 0xFFFF - CIFS: Fix use after free of file info structures - perf/aux: Fix AUX output stopping - tracing: Fix race in perf_trace_buf initialization - dm cache: fix bugs when a GFP_NOWAIT allocation fails - [amd64] boot: Make level2_kernel_pgt pages invalid outside kernel area - [x86] apic/x2apic: Fix a NULL pointer deref when handling a dying cpu - [x86] pinctrl: cherryview: restore Strago DMI workaround for all versions - [arm64] pinctrl: armada-37xx: fix control of pins 32 and up - [arm64] pinctrl: armada-37xx: swap polarity on LED group - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() - Btrfs: add missing extents release on file extent cluster relocation error - Btrfs: check for the full sync flag while holding the inode lock during fsync - btrfs: tracepoints: Fix bad entry members of qgroup events - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown - xen/netback: fix error path of xenvif_connect_data() - PCI: PM: Fix pci_power_up() - blk-rq-qos: fix first node deletion of rq_qos_del() - RDMA/cxgb4: Do not dma memory off of the stack (CVE-2019-17075) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.82 - zram: fix race between backing_dev_show and backing_dev_store - dm snapshot: introduce account_start_copy() and account_end_copy() - dm snapshot: rework COW throttling to fix deadlock - Btrfs: fix inode cache block reserve leak on failure to allocate data space - Btrfs: fix memory leak due to concurrent append writes with fiemap - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() - btrfs: tracepoints: Fix wrong parameter order for qgroup events - wil6210: fix freeing of rx buffers in EDMA mode - f2fs: flush quota blocks after turnning it off - scsi: lpfc: Fix a duplicate 0711 log message number. - f2fs: fix to recover inode's i_gc_failures during POR - f2fs: fix to recover inode->i_flags of inode block during POR - [x86] HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override - [arm64,armel,armhf] usb: dwc2: fix unbalanced use of external vbus-supply - [x86] tools/power turbostat: fix goldmont C-state limit decoding - [x86] cpu: Add Atom Tremont (Jacobsville) - [arm64] drm/msm/dpu: handle failures while initializing displays - bcache: fix input overflow to writeback_rate_minimum - PCI: Fix Switchtec DMA aliasing quirk dmesg noise - Btrfs: fix deadlock on tree root leaf when finding free extent - netfilter: ipset: Make invalid MAC address checks consistent - HID: i2c-hid: Disable runtime PM for LG touchscreen - HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels - HID: i2c-hid: Add Odys Winbook 13 to descriptor override - [x86] platform/x86: Add the VLV ISP PCI ID to atomisp2_pm - [x86] platform/x86: Fix config space access for intel_atomisp2_pm - ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3 - HID: Add ASUS T100CHI keyboard dock battery quirks - NFSv4: Ensure that the state manager exits the loop on SIGKILL - HID: steam: fix boot loop with bluetooth firmware - HID: steam: fix deadlock with input devices. - [arm64,armhf] usb: dwc3: gadget: early giveback if End Transfer already completed - [arm64,armhf] usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete - ALSA: usb-audio: Cleanup DSD whitelist - usb: handle warm-reset port requests on hub resume - [armhf] rtc: pcf8523: set xtal load capacitance from DT - [arm64] Add MIDR encoding for HiSilicon Taishan CPUs - [arm64] kpti: Whitelist HiSilicon Taishan v110 CPUs - scsi: lpfc: Correct localport timeout duration error - CIFS: Respect SMB2 hdr preamble size in read responses - cifs: add credits from unmatched responses/messages - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume - ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT - exec: load_script: Do not exec truncated interpreter path - [arm64,armhf] net: dsa: mv88e6xxx: Release lock while requesting IRQ - PCI/PME: Fix possible use-after-free on remove - [arm64,armhf] iio: adc: meson_saradc: Fix memory allocation order - [x86] iio: fix center temperature of bmc150-accel-core - perf map: Fix overlapped map handling - perf script brstackinsn: Fix recovery from LBR/binary mismatch - perf jevents: Fix period for Intel fixed counters - perf tools: Propagate get_cpuid() error - perf annotate: Propagate perf_env__arch() error - perf annotate: Fix the signedness of failure returns - perf annotate: Propagate the symbol__annotate() error return - perf annotate: Return appropriate error code for allocation failures - staging: rtl8188eu: fix null dereference when kzalloc fails - RDMA/hfi1: Prevent memory leak in sdma_init (CVE-2019-19065) - RDMA/iwcm: Fix a lock inversion issue - [x86] HID: hyperv: Use in-place iterator API in the channel callback - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request - [arm64] ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 - [arm64] gpio: max77620: Use correct unit for debounce times - fs: cifs: mute -Wunused-const-variable message - [armhf] serial: mctrl_gpio: Check for NULL pointer - efi/cper: Fix endianness of PCIe class code - [x86] efi/x86: Do not clean dummy variable in kexec path - [x86] xen: Return from panic notifier - ocfs2: clear zero in unaligned direct IO - fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock() - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() - [arm64] armv8_deprecated: Checking return value for memory allocation - [x86] cpu: Add Comet Lake to the Intel CPU models header - sched/vtime: Fix guest/system mis-accounting on task switch - [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp - drm/amdgpu: fix memory leak - iio: imu: adis16400: release allocated memory on failure (CVE-2019-19060) - [x86] virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr (CVE-2019-19048) - NFSv4: Fix leak of clp->cl_acceptor string - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 - iwlwifi: exclude GEO SAR support for 3168 - nbd: verify socket is supported during setup - USB: legousbtower: fix a signedness bug in tower_probe() - [x86] thunderbolt: Use 32-bit writes when writing ring producer/consumer - ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe() (CVE-2019-15098) - fuse: flush dirty data/metadata before non-truncate setattr - fuse: truncate pending writes on O_TRUNC - ALSA: bebob: Fix prototype of helper function to return negative value - ALSA: hda/realtek - Fix 2 front mics of codec 0x623 - ALSA: hda/realtek - Add support for ALC623 - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments") - USB: gadget: Reject endpoints with 0 maxpacket value - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows") - USB: ldusb: fix ring-buffer locking - USB: ldusb: fix control-message timeout - usb: xhci: fix __le32/__le64 accessors in debugfs code - USB: serial: whiteheat: fix potential slab corruption - USB: serial: whiteheat: fix line-speed endianness - scsi: target: cxgbit: Fix cxgbit_fw4_ack() - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override - HID: Fix assumption that devices have inputs - HID: fix error message in hid_open_report() - nl80211: fix validation of mesh path nexthop - [s390x] cmm: fix information leak in cmm_timeout_handler() - [s390x] idle: fix cpu idle time calculation - [arm64] Ensure VM_WRITE|VM_SHARED ptes are clean by default - rtlwifi: Fix potential overflow on P2P code (CVE-2019-17666) - [arm64] dmaengine: qcom: bam_dma: Fix resource leak - [armhf] dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() - batman-adv: Avoid free/alloc race when handling OGM buffer - llc: fix sk_buff leak in llc_sap_state_process() - llc: fix sk_buff leak in llc_conn_service() - rxrpc: Fix call ref leak - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record - rxrpc: Fix trace-after-put looking at the put peer record - NFC: pn533: fix use-after-free and memleaks - bonding: fix potential NULL deref in bond_update_slave_arr - net: usb: sr9800: fix uninitialized local variable - sch_netem: fix rcu splat in netem_enqueue() - ALSA: timer: Simplify error path in snd_timer_open() - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: usb-audio: DSD auto-detection for Playback Designs - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface - [ppc64el] powerpc/powernv: Fix CPU idle to be called with IRQs disabled - Revert "ALSA: hda: Flush interrupts on disabling" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.83 - regulator: of: fix suspend-min/max-voltage parsing - [arm64] dts: allwinner: a64: pine64-plus: Add PHY regulator delay - [arm64] arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay - [armhf] regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone - [x86] ASoC: rt5682: add NULL handler to set_jack function - [armhf] regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized - [arm64,armhf] ASoc: rockchip: i2s: Fix RPM imbalance - [armel,armhf] mm: fix alignment handler faults under memory pressure - scsi: qla2xxx: fix a potential NULL pointer dereference - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions - drm/amdgpu: fix potential VM faults - scsi: target: core: Do not overwrite CDB byte 1 - tracing: Fix "gfp_t" format for synthetic events - of: unittest: fix memory leak in unittest_data_add (CVE-2019-19049) - [arm64,armhf] irqchip/gic-v3-its: Use the exact ITSList for VMOVP - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs - nbd: protect cmd->status with cmd->lock - nbd: handle racing with error'ed out commands - cxgb4: fix panic when attaching to ULD fail - dccp: do not leak jiffies on the wire - erspan: fix the tun_info options_len check for erspan - inet: stop leaking jiffies on the wire - net: annotate accesses to sk->sk_incoming_cpu - net: annotate lockless accesses to sk->sk_napi_id - [armhf] net: dsa: bcm_sf2: Fix IMP setup for port different than 8 - net: fix sk_page_frag() recursion from memory reclaim - [arm64] net: hisilicon: Fix ping latency when deal with high throughput - net/mlx4_core: Dynamically set guaranteed amount of counters per VF - netns: fix GFP flags in rtnl_net_notifyid() - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() - udp: fix data-race in udp_set_dev_scratch() - vxlan: check tun_info options_len properly - net: add skb_queue_empty_lockless() - udp: use skb_queue_empty_lockless() - net: use skb_queue_empty_lockless() in poll() handlers - net: use skb_queue_empty_lockless() in busy poll contexts - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() - ipv4: fix route update on metric change. - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget - r8169: fix wrong PHY ID issue with RTL8168dp - net/mlx5e: Fix ethtool self test: link speed - [armhf] net: dsa: b53: Do not clear existing mirrored port mask - [armhf] net: phy: bcm7xxx: define soft_reset for 40nm EPHY - net: usb: lan78xx: Connect PHY before registering MAC - [arm64,armhf] net: dsa: fix switch tree list - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 - net/flow_dissector: switch to siphash - wireless: Skip directory when generating certificates - [x86] platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table - [ppc64el] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.84 - bonding: fix state transition issue in link monitoring - CDC-NCM: handle incomplete transfer of MTU - ipv4: Fix table id reference in fib_sync_down_addr - [mips*] net: ethernet: octeon_mgmt: Account for second possible VLAN header - net: fix data-race in neigh_event_send() - net: usb: qmi_wwan: add support for DW5821e with eSIM support - nfc: netlink: fix double device reference drop - qede: fix NULL pointer deref in __qede_remove() - ipv6: fixes rt6_probe() and fib6_nh->last_probe init - [arm64] net: hns: Fix the stray netpoll locks causing deadlock in NAPI path - ALSA: timer: Fix incorrectly assigned timer instance - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series - ALSA: hda/ca0132 - Fix possible workqueue stall - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges - mm, meminit: recalculate pcpu batch and high limits after init completes - mm: thp: handle page cache THP correctly in PageTransCompoundMap - mm, vmstat: hide /proc/pagetypeinfo from normal users - dump_stack: avoid the livelock of the dump_lock - perf tools: Fix time sorting - drm/radeon: fix si_enable_smc_cac() failed issue - HID: wacom: generic: Treat serial number and related fields as unsigned - [arm64] Do not mask out PTE_RDONLY in pte_same() - ceph: fix use-after-free in __ceph_remove_cap() - ceph: add missing check in d_revalidate snapdir handling - [armhf] sunxi: Fix CPU powerdown on A83T - netfilter: nf_tables: Align nft_expr private data to 64-bit - netfilter: ipset: Fix an error code in ip_set_sockfn_get() - [x86] intel_th: pci: Add Comet Lake PCH support - [x86] intel_th: pci: Add Jasper Lake PCH support - [x86] apic/32: Avoid bogus LDR warnings - SMB3: Fix persistent handles reconnect - can: usb_8dev: fix use-after-free on disconnect - [armhf] can: flexcan: disable completely the ECC mechanism - can: peak_usb: fix a potential out-of-sync while decoding packets - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak - can: gs_usb: gs_can_open(): prevent memory leak (CVE-2019-19052) - can: dev: add missing of_node_put() after calling of_get_child_by_name() - can: mcba_usb: fix use-after-free on disconnect - can: peak_usb: fix slab info leak - configfs: stash the data we need into configfs_buffer at open time - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts - configfs: new object reprsenting tree fragments - configfs: provide exclusion between IO and removals - configfs: fix a deadlock in configfs_symlink() - ALSA: usb-audio: More validations of descriptor units - ALSA: usb-audio: Simplify parse_audio_unit() - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects - ALSA: usb-audio: Remove superfluous bLength checks - ALSA: usb-audio: Clean up check_input_term() - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() - ALSA: usb-audio: remove some dead code - ALSA: usb-audio: Fix copy&paste error in the validator - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices - sched/fair: Fix -Wunused-but-set-variable warnings - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path - usbip: Implement SG support to vhci-hcd and stub driver - [arm64,armhf] PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 - [amd64] HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() - RDMA/mlx5: Clear old rate limit when closing QP - iw_cxgb4: fix ECN check on the passive accept - RDMA/qedr: Fix reported firmware version - net/mlx5e: TX, Fix consumer index of error cqe dump - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (CVE-2019-19045) - scsi: qla2xxx: fixup incorrect usage of host_byte - RDMA/uverbs: Prevent potential underflow - net: openvswitch: free vport unless register_netdevice() succeeds - scsi: lpfc: Honor module parameter lpfc_use_adisc - scsi: qla2xxx: Initialized mailbox to prevent driver load failure - netfilter: nf_flow_table: set timeout before insertion into hashes - ipvs: don't ignore errors in case refcounting ip_vs module fails - ipvs: move old_secure_tcp into struct netns_ipvs - bonding: fix unexpected IFF_BONDING bit unset - macsec: fix refcnt leak in module exit routine - usb: gadget: composite: Fix possible double free memory bug - [arm64] usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813) - usb: gadget: configfs: fix concurrent issue between composite APIs - [arm64,armhf] usb: dwc3: remove the call trace of USBx_GFLADJ - [x86] perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity - [x86] perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) - [x86] perf/x86/uncore: Fix event group support - USB: Skip endpoints with 0 maxpacket length - USB: ldusb: use unsigned size format specifiers - usbip: tools: Fix read_usb_vudc_device() error path handling - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case - [arm64] RDMA/hns: Prevent memory leaks of eq->buf_list - scsi: qla2xxx: stop timer in shutdown path - nvme-multipath: fix possible io hang after ctrl reconnect - [amd64] fjes: Handle workqueue allocation failure - [arm64] net: hisilicon: Fix "Trying to free already-free IRQ" - drm/amdgpu: If amdgpu_ib_schedule fails return back the error. - [x86] hv_netvsc: Fix error handling in netvsc_attach() - [arm64,armhf] usb: dwc3: gadget: fix race when disabling ep with cancelled xfers - NFSv4: Don't allow a cached open with a revoked delegation - igb: Fix constant media auto sense switching when no cable is connected - e1000: fix memory leaks - [x86] pinctrl: intel: Avoid potential glitches if pin is in GPIO mode - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() - [x86] pinctrl: cherryview: Fix irq_valid_mask calculation - blkcg: make blkcg_print_stat() print stats only for online blkgs - [x86] iio: imu: mpu6050: Add support for the ICM 20602 IMU - [x86] iio: imu: inv_mpu6050: fix no data on MPU6050 - mm/filemap.c: don't initiate writeback if mapping has no dirty pages - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead - usbip: Fix free of unallocated memory in vhci tx - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets - net: prevent load/store tearing on sk->sk_stamp - [x86] iio: imu: mpu6050: Fix FIFO layout for ICM20602 - vsock/virtio: fix sock refcnt holding during the shutdown - x86/cpu: Add Tremont to the cpu vulnerability whitelist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.85 - scsi: core: Handle drivers which set sg_tablesize to zero - ax88172a: fix information leak on short answers - ipmr: Fix skb headroom in ipmr_get_route(). - net: gemini: add missed free_netdev - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules - slip: Fix memory leak in slip_open error path - ALSA: usb-audio: Fix missing error check at mixer resolution test - ALSA: usb-audio: not submit urb for stopped endpoint - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() - ALSA: usb-audio: Fix incorrect size check for processing/extension units - Btrfs: fix log context list corruption after rename exchange operation - Input: ff-memless - kill timer in destroy() - Input: synaptics-rmi4 - fix video buffer size - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) - Input: synaptics-rmi4 - clear IRQ enables for F54 - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing - IB/hfi1: Ensure full Gen3 speed in a Gen4 system - IB/hfi1: Use a common pad buffer for 9B and 16B packets - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either - [armhf] net: ethernet: dwmac-sun8i: Use the correct function in exit path - [x86] iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros - mm: mempolicy: fix the wrong return value and potential pages leak of mbind - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() - iio: adc: max9611: explicitly cast gain_selectors - tee: optee: take DT status property into account - ath10k: fix kernel panic by moving pci flush after napi_disable - clk: sunxi-ng: h6: fix PWM gate/reset offset - soundwire: Initialize completion for defer messages - [x86] soundwire: intel: Fix uninitialized adev deref - [arm64] dts: allwinner: a64: Orange Pi Win: Fix SD card node - [arm64] dts: allwinner: a64: Olinuxino: fix DRAM voltage - [arm64] dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage - ALSA: pcm: signedness bug in snd_pcm_plug_alloc() - [arm64] soc/tegra: pmc: Fix pad voltage configuration for Tegra186 - [arm64] dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply - y2038: make do_gettimeofday() and get_seconds() inline - rtc: sysfs: fix NULL check in rtc_add_groups() - remoteproc/davinci: Use %zx for formating size_t - extcon: cht-wc: Return from default case to avoid warnings - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set - ALSA: seq: Do error checks at creating system ports - ath10k: skip resetting rx filter for WCN3990 - ath9k: fix tx99 with monitor mode interface - wil6210: drop Rx multicast packets that are looped-back to STA - wil6210: set edma variables only for Talyn-MB devices - wil6210: prevent usage of tx ring 0 for eDMA - wil6210: fix invalid memory access for rx_buff_mgmt debugfs - ath10k: limit available channels via DT ieee80211-freq-limit - ice: Update request resource command to latest specification - ice: Prevent control queue operations during reset - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated - ice: Fix and update driver version string - ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl - ASoC: dpcm: Properly initialise hw->rate_max - ASoC: meson: axg-fifo: report interrupt request failure - ASoC: AMD: Change MCLK to 48Mhz - pinctrl: ingenic: Probe driver at subsys_initcall - [armhf] dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale - [armhf] dts: exynos: Fix HDMI-HPD line handling on Arndale - [armhf] dts: exynos: Fix sound in Snow-rev5 Chromebook - liquidio: fix race condition in instruction completion processing - [arm64] dts: stratix10: i2c clock running out of spec - [armhf] dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks - i40evf: Validate the number of queues a PF sends - i40e: use correct length for strncpy - i40evf: set IFF_UNICAST_FLT flag for the VF - i40e: Check and correct speed values for link on open - i40evf: Don't enable vlan stripping when rx offload is turned on - i40e: hold the rtnl lock on clearing interrupt scheme - i40evf: cancel workqueue sync for adminq when a VF is removed - i40e: Prevent deleting MAC address from VF when set by PF - IB/rxe: avoid back-to-back retries - IB/rxe: fixes for rdma read retry - iwlwifi: drop packets with bad status in CD - iwlwifi: don't WARN on trying to dump dead firmware - iwlwifi: mvm: avoid sending too many BARs - media: vicodec: fix out-of-range values when decoding - media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers - media: ov772x: Disable clk on error path - rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument - mwifiex: do no submit URB in suspended state - mwifex: free rx_cmd skb in suspended state - brcmfmac: fix wrong strnchr usage - mt76: Fix comparisons with invalid hardware key index - soc: imx: gpc: fix PDN delay - ASoC: rsnd: ssi: Fix issue in dma data address assignment - net: hns3: Fix for multicast failure - net: hns3: Fix error of checking used vlan id - net: hns3: Fix for loopback selftest failed problem - net: hns3: Change the dst mac addr of loopback packet - net/mlx5: Fix atomic_mode enum values - net: phy: mscc: read 'vsc8531,vddmac' as an u32 - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 - [armhf] dts: meson8: fix the clock controller register size - [armhf] dts: meson8b: fix the clock controller register size - mtd: rawnand: marvell: use regmap_update_bits() for syscon access - mtd: rawnand: fsl_ifc: check result of SRAM initialization - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions - mtd: rawnand: qcom: don't include dma-direct.h - IB/mlx5: Change TX affinity assignment in RoCE LAG mode - qxl: fix null-pointer crash during suspend - mac80211: fix saving a few HE values - cfg80211: validate wmm rule when setting - f2fs: avoid wrong decrypted data from disk - net: lan78xx: Bail out if lan78xx_get_endpoints fails - rtnetlink: move type calculation out of loop - ASoC: sgtl5000: avoid division by zero if lo_vag is zero - ath10k: avoid possible memory access violation - [armhf] dts: exynos: Disable pull control for S5M8767 PMIC - ath10k: wmi: disable softirq's while calling ieee80211_rx - i2c: mediatek: Use DMA safe buffers for i2c transactions - IB/mlx5: Don't hold spin lock while checking device state - IB/ipoib: Ensure that MTU isn't less than minimum permitted - RDMA/core: Rate limit MAD error messages - RDMA/core: Follow correct unregister order between sysfs and cgroup - udf: Fix crash during mount - ASoC: dapm: Avoid uninitialised variable warning - [x86] ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation - ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA - [powerpc] make PowerMac cache node search conditional on CONFIG_PPC_PMAC - [armhf] dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files - [armhf] dts: omap3-gta04: fixes for tvout / venc - [armhf] dts: omap3-gta04: tvout: enable as display1 alias - [armhf] dts: omap3-gta04: fix touchscreen tsc2007 - [armhf] dts: omap3-gta04: make NAND partitions compatible with recent U-Boot - [armhf] dts: omap3-gta04: keep vpll2 always on - f2fs: submit bio after shutdown - failover: Fix error return code in net_failover_create - sched/debug: Explicitly cast sched_feat() to bool - sched/debug: Use symbolic names for task state constants - firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings - [arm64] dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire - [armhf] dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board - usb: mtu3: disable vbus rise/fall interrupts of ltssm - EDAC, sb_edac: Return early on ADDRV bit and address type test - [armhf] rtc: pl030: fix possible race condition - ath9k: add back support for using active monitor interfaces for tx99 - dmaengine: at_xdmac: remove a stray bottom half unlock - RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table() - IB/hfi1: Missing return value in error path for user sdma - signal: Always ignore SIGKILL and SIGSTOP sent to the global init - signal: Properly deliver SIGILL from uprobes - signal: Properly deliver SIGSEGV from x86 uprobes - f2fs: fix memory leak of write_io in fill_super() - f2fs: fix memory leak of percpu counter in fill_super() - f2fs: fix setattr project check upon fssetxattr ioctl - scsi: qla2xxx: Use correct qpair for ABTS/CMD - scsi: qla2xxx: Fix iIDMA error - scsi: qla2xxx: Defer chip reset until target mode is enabled - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 - scsi: qla2xxx: Fix deadlock between ATIO and HW lock - scsi: qla2xxx: Increase abort timeout value - scsi: qla2xxx: Check for Register disconnect - scsi: qla2xxx: Fix port speed display on chip reset - scsi: qla2xxx: Fix dropped srb resource. - scsi: qla2xxx: Fix duplicate switch's Nport ID entries - scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 - scsi: lpfc: Fix errors in log messages. - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() - [armhf] imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set - scsi: pm80xx: Corrected dma_unmap_sg() parameter - scsi: pm80xx: Fixed system hang issue during kexec boot - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list - net: aquantia: fix hw_atl_utils_fw_upload_dwords - Drivers: hv: vmbus: Fix synic per-cpu context initialization - nvmem: core: return error code instead of NULL from nvmem_device_get - media: dt-bindings: adv748x: Fix decimal unit addresses - [x86] ALSA: hda: Fix implicit definition of pci_iomap() on SH - media: fix: media: pci: meye: validate offset to avoid arbitrary access - media: dvb: fix compat ioctl translation - net: bcmgenet: Fix speed selection for reverse MII - [arm64] dts: meson: libretech: update board model - [arm64] dts: meson-axg: use the proper compatible for ethmac - [x86] ALSA: intel8x0m: Register irq handler after register initializations - [arm64] dts: renesas: salvator-common: adv748x: Override secondary addresses - [arm64] dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU - [arm64] dts: renesas: r8a77965: Fix HS-USB compatible - [arm64] dts: renesas: r8a77965: Fix clock/reset for usb2_phy1 - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() - llc: avoid blocking in llc_sap_close() - [armhf] dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value - [arm64] soc: qcom: wcnss_ctrl: Avoid string overflow - [arm64] dts: broadcom: Fix I2C and SPI bus warnings - [armhf] dts: bcm: Fix SPI bus warnings - [armhf] dts: aspeed: Fix I2C bus warnings - [ppc64el,powerpc*] powerpc/vdso: Correct call frame information - [armhf] dts: socfpga: Fix I2C bus unit-address error - [armhf] dts: sunxi: Fix I2C bus warnings - [armhf] dts: sun9i: Fix I2C bus warnings - android: binder: no outgoing transaction when thread todo has transaction - cxgb4: Fix endianness issue in t4_fwcache() - [arm64] fix for bad_mode() handler to always result in panic - block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash - blok, bfq: do not plug I/O if all queues are weight-raised - [arm64] dts: meson: Fix erroneous SPI bus warnings - power: supply: ab8500_fg: silence uninitialized variable warnings - component: fix loop condition to call unbind() if bind() fails - kernfs: Fix range checks in kernfs_get_target_path - ip_gre: fix parsing gre header in ipgre_err - scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init - [armhf] dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 - [arm64] dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou - [x86] ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask - netfilter: nf_tables: avoid BUG_ON usage - ath9k: Fix a locking bug in ath9k_add_interface() - [s390x] qeth: uninstall IRQ handler on device removal - [s390x] qeth: invoke softirqs after napi_schedule() - media: vsp1: Fix vsp1_regs.h license header - media: vsp1: Fix YCbCr planar formats pitch calculation - media: ov2680: don't register the v4l2 subdevice before checking chip ID - PCI/ACPI: Correct error message for ASPM disabling - net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset() - PCI: mediatek: Fix unchecked return value - [armhf] dts: xilinx: Fix I2C and SPI bus warnings - serial: uartps: Fix suspend functionality - serial: samsung: Enable baud clock for UART reset procedure in resume - serial: mxs-auart: Fix potential infinite loop - tty: serial: qcom_geni_serial: Fix serial when not used as console - [arm64] dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2 - samples/bpf: fix a compilation failure - spi: mediatek: Don't modify spi_transfer when transfer. - ASoC: rt5682: Fix the boost volume at the begining of playback - ipmi_si_pci: fix NULL device in ipmi_si error message - ipmi_si: fix potential integer overflow on large shift - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address - ipmi: fix return value of ipmi_set_my_LUN - net: hns3: fix return type of ndo_start_xmit function - net: cavium: fix return type of ndo_start_xmit function - net: ibm: fix return type of ndo_start_xmit function - [ppc64el,powerpc*] iommu: Avoid derefence before pointer check - [ppc64el,powerpc*] selftests: Do not fail with reschedule - [ppc64el,powerpc64] hash: Fix stab_rr off by one initialization - [ppc64el,powerpc64] pseries/memory-hotplug: Only update DT once per memory DLPAR request - [ppc64el,powerpc64] pseries: Disable CPU hotplug across migrations - [ppc64el,powerpc*] Fix duplicate const clang warning in user access code - RDMA/i40iw: Fix incorrect iterator type - OPP: Protect dev_list with opp_table lock - of/unittest: Fix I2C bus unit-address error - libfdt: Ensure INT_MAX is defined in libfdt_env.h - power: supply: twl4030_charger: fix charging current out-of-bounds - power: supply: twl4030_charger: disable eoc interrupt on linear charge - net: mvpp2: fix the number of queues per cpu for PPv2.2 - net: marvell: fix return type of ndo_start_xmit function - net: toshiba: fix return type of ndo_start_xmit function - net: xilinx: fix return type of ndo_start_xmit function - net: broadcom: fix return type of ndo_start_xmit function - net: amd: fix return type of ndo_start_xmit function - net: sun: fix return type of ndo_start_xmit function - net: hns3: Fix for setting speed for phy failed problem - net: hns3: Fix cmdq registers initialization issue for vf - net: hns3: Clear client pointer when initialize client failed or unintialize finished - net: hns3: Fix client initialize state issue when roce client initialize failed - net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() - nfp: provide a better warning when ring allocation fails - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started - usb: chipidea: Fix otg event handler - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT - [s390x] zcrypt: enable AP bus scan without a valid default domain - [s390x] vdso: avoid 64-bit vdso mapping for compat tasks - [s390x] vdso: correct CFI annotations of vDSO functions - brcmfmac: increase buffer for obtaining firmware capabilities - brcmsmac: Use kvmalloc() for ucode allocations - mlxsw: spectrum: Init shaper for TCs 8..15 - PCI: portdrv: Initialize service drivers directly - [armhf] dts: am335x-evm: fix number of cpsw - [armhf] dts: ti: Fix SPI and I2C bus warnings - f2fs: avoid infinite loop in f2fs_alloc_nid - f2fs: fix to recover inode's uid/gid during POR - [armhf] dts: ux500: Correct SCU unit address - [armhf] dts: ux500: Fix LCDA clock line muxing - [armhf] dts: ste: Fix SPI controller node names - spi: pic32: Use proper enum in dmaengine_prep_slave_rg - crypto: chacha20 - Fix chacha20_block() keystream alignment (again) - cpufeature: avoid warning when compiling with clang - [armhf] crypto: crc32 - avoid warning when compiling with Clang - [armel] dts: marvell: Fix SPI and I2C bus warnings - [x86] mce-inject: Reset injection struct after injection - [armhf,arm64] dts: clearfog: fix sdhci supply property name - bnx2x: Ignore bandwidth attention in single function mode - PCI/AER: Take reference on error devices - PCI/AER: Don't read upstream ports below fatal errors - PCI/ERR: Use slot reset if available - samples/bpf: fix compilation failure - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider - net: micrel: fix return type of ndo_start_xmit function - net: freescale: fix return type of ndo_start_xmit function - [x86] CPU: Use correct macros for Cyrix calls - [x86] CPU: Change query logic so CPUID is enabled before testing - EDAC: Correct DIMM capacity unit symbol - [mips*] kexec: Relax memory restriction - [arm64] dts: rockchip: Fix microSD in rk3399 sapphire board - mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement - media: imx: work around false-positive warning, again - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() - media: au0828: Fix incorrect error messages - media: davinci: Fix implicit enum conversion warning - [armhf] dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock - usb: gadget: uvc: configfs: Drop leaked references to config items - usb: gadget: uvc: configfs: Prevent format changes after linking header - usb: gadget: uvc: configfs: Sort frame intervals upon writing - [armhf] dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks - i2c: aspeed: fix invalid clock parameters for very large divisors - gpiolib: Fix gpio_direction_* for single direction GPIOs - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs - phy: phy-twl4030-usb: fix denied runtime access - [armhf] dts: imx6ull: update vdd_soc voltage for 900MHz operating point - usb: gadget: uvc: Factor out video USB request queueing - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode - coresight: Use ERR_CAST instead of ERR_PTR - coresight: Fix handling of sinks - coresight: perf: Fix per cpu path management - coresight: perf: Disable trace path upon source error - coresight: tmc-etr: Handle driver mode specific ETR buffers - coresight: etm4x: Configure EL2 exception level when kernel is running in HYP - coresight: tmc: Fix byte-address alignment for RRP - coresight: dynamic-replicator: Handle multiple connections - slimbus: ngd: register ngd driver only once. - slimbus: ngd: return proper error code instead of zero - silmbus: ngd: register controller after power up. - misc: kgdbts: Fix restrict error - misc: genwqe: should return proper error value. - vmbus: keep pointer to ring buffer page - vfio/pci: Fix potential memory leak in vfio_msi_cap_len - vfio/pci: Mask buggy SR-IOV VF INTx support - iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs - scsi: libsas: always unregister the old device if going to discover new - f2fs: fix remount problem of option io_bits - phy: lantiq: Fix compile warning - [arm64] dts: fsl: Fix I2C and SPI bus warnings - [armhf] dts: imx51-zii-rdu1: Fix the rtc compatible string - [arm64] tegra: I2C on Tegra194 is not compatible with Tegra114 - [armhf] dts: tegra30: fix xcvr-setup-use-fuses - [armhf] dts: tegra20: restore address order - [armhf] tegra: apalis_t30: fix mmc1 cmd pull-up - [armhf] tegra: apalis_t30: fix mcp2515 can controller interrupt polarity - [armhf] tegra: colibri_t30: fix mcp2515 can controller interrupt polarity - [armhf] dts: paz00: fix wakeup gpio keycode - net: smsc: fix return type of ndo_start_xmit function - net: faraday: fix return type of ndo_start_xmit function - PCI/ERR: Run error recovery callbacks for all affected devices - f2fs: update i_size after DIO completion - f2fs: fix to recover inode's project id during POR - f2fs: mark inode dirty explicitly in recover_inode() - RDMA: Fix dependencies for rdma_user_mmap_io - EDAC: Raise the maximum number of memory controllers - firmware: dell_rbu: Make payload memory uncachable - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS - Bluetooth: btrsi: fix bt tx timeout issue - [x86] hyperv: Suppress "PCI: Fatal: No config space access function found" - crypto: s5p-sss: Fix race in error handling - crypto: s5p-sss: Fix Fix argument list alignment - crypto: fix a memory leak in rsa-kcs1pad's encryption mode - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump - iwlwifi: fix non_shared_ant for 22000 devices - iwlwifi: pcie: read correct prph address for newer devices - iwlwifi: api: annotate compressed BA notif array sizes - iwlwifi: pcie: gen2: build A-MSDU only for GSO - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN - iwlwifi: mvm: use correct FIFO length - iwlwifi: mvm: Allow TKIP for AP mode - scsi: NCR5380: Clear all unissued commands on host reset - scsi: NCR5380: Have NCR5380_select() return a bool - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data - scsi: NCR5380: Check for invalid reselection target - scsi: NCR5380: Don't clear busy flag when abort fails - scsi: NCR5380: Don't call dsprintk() following reselection interrupt - scsi: NCR5380: Handle BUS FREE during reselection - scsi: NCR5380: Check for bus reset - [arm64] dts: amd: Fix SPI bus warnings - [arm64] dts: lg: Fix SPI controller node names - rtc: isl1208: avoid possible sysfs race - rtc: tx4939: fixup nvmem name and register size - rtc: armada38x: fix possible race condition - netfilter: masquerade: don't flush all conntracks if only one address deleted on device - usb: xhci-mtk: fix ISOC error when interval is zero - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear - fuse: use READ_ONCE on congestion_threshold and max_background - IB/iser: Fix possible NULL deref at iser_inv_desc() - media: ov2680: fix null dereference at power on - [s390x] vdso: correct vdso mapping for compat tasks - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused - memfd: Use radix_tree_deref_slot_protected to avoid the warning. - slcan: Fix memory leak in error path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.86 - spi: mediatek: use correct mata->xfer_len when in fifo transfer - i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf() - tee: optee: add missing of_node_put after of_device_is_available - Revert "OPP: Protect dev_list with opp_table lock" - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() - idr: Fix idr_get_next race with idr_remove - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() - mm/memory_hotplug: fix updating the node span - [arm64] uaccess: Ensure PAN is re-enabled after unhandled uaccess fault - fbdev: Ditch fb_edid_add_monspecs - [i386] bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0 - [i386] bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0 - [i386] bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE} - net: ovs: fix return type of ndo_start_xmit function - net: xen-netback: fix return type of ndo_start_xmit function - [armhf] dts: dra7: Enable workaround for errata i870 in PCIe host mode - [armhf] dts: omap5: enable OTG role for DWC3 controller - [arm64] net: hns3: Fix for netdev not up problem when setting mtu - [arm64] net: hns3: Fix loss of coal configuration while doing reset - f2fs: return correct errno in f2fs_gc - [armhf] dts: sun8i: h3-h5: ir register size should be the whole memory block - [armhf] dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet PHY - tcp: up initial rmem to 128KB and SYN rwin to around 64KB - SUNRPC: Fix priority queue fairness - ACPI / LPSS: Make acpi_lpss_find_device() also find PCI devices - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq - f2fs: keep lazytime on remount - IB/hfi1: Error path MAD response size is incorrect - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds - mt76x2: fix tx power configuration for VHT mcs 9 - mt76x2: disable WLAN core before probe - mt76: fix handling ps-poll frames - [arm64,armhf] iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() - [arm64,armhf] iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout - [arm64,armhf] kvm: Fix stage2_flush_memslot for 4 level page table - [arm64] numa: Report correct memblock range for the dummy node - ath10k: fix vdev-start timeout on error - rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface - ata: ahci_brcm: Allow using driver or DSL SoCs - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules. - PM / devfreq: Fix handling of min/max_freq == 0 - PM / devfreq: stopping the governor before device_unregister() - ath9k: fix reporting calculated new FFT upper max - selftests/tls: Fix recv(MSG_PEEK) & splice() test cases - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() - usb: dwc3: gadget: Check ENBLSLPM before sending ep command - nl80211: Fix a GET_KEY reply attribute - [arm64,armhf] irqchip/irq-mvebu-icu: Fix wrong private data retrieval - watchdog: core: fix null pointer dereference when releasing cdev - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D - [ppc64el,powerpc64] Inform the userspace about TCE update failures - printk: Do not miss new messages when replaying the log - printk: CON_PRINTBUFFER console registration is a bit racy - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg - [x86] ALSA: hda: Fix mismatch for register mask and value in ext controller. - ext4: fix build error when DX_DEBUG is defined - clk: keystone: Enable TISCI clocks if K3_ARCH - sunrpc: Fix connect metrics - [x86] PCI: Apply VMD's AERSID fixup generically - mei: samples: fix a signedness bug in amt_host_if_call() - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update - cxgb4: Use proper enum in IEEE_FAUX_SYNC - [ppc64el,powerpc*] Fix DTL buffer registration - [ppc64el,powerpc*] Fix how we iterate over the DTL entries - [ppc64el,powerpc*] xive: Move a dereference below a NULL test - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer - PM / hibernate: Check the success of generating md5 digest before hibernation - tools: PCI: Fix compilation warnings - ice: Fix forward to queue group logic - md: allow metadata updates while suspending an array - fix - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit - i40e: Use proper enum in i40e_ndo_set_vf_link_state - ixgbe: Fix crash with VFs and flow director on interface flap - IB/mthca: Fix error return code in __mthca_init_one() - IB/rxe: avoid srq memory leak - RDMA/hns: Bugfix for reserved qp number - RDMA/hns: Submit bad wr when post send wr exception - RDMA/hns: Bugfix for CM test - RDMA/hns: Limit the size of extend sge of sq - IB/mlx4: Avoid implicit enumerated type conversion - rpmsg: glink: smem: Support rx peak for size less than 4 bytes - msm/gpu/a6xx: Force of_dma_configure to setup DMA for GMU - OPP: Return error on error from dev_pm_opp_get_opp_count() - ACPICA: Never run _REG on system_memory and system_IO - cpuidle: menu: Fix wakeup statistics updates for polling state - ASoC: qdsp6: q6asm-dai: checking NULL vs IS_ERR() - [ppc64el,powerpc*] time: Use clockevents_register_device(), fixing an issue with large decrementer - [ppc64el,powerpc64] radix: Explicitly flush ERAT with local LPID invalidation - ata: ep93xx: Use proper enums for directions - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote - media: pxa_camera: Fix check for pdev->dev.of_node - media: rcar-vin: fix redeclaration of symbol - media: i2c: adv748x: Support probing a single output - [x86] ALSA: hda/sigmatel - Disable automute for Elo VuPoint - bnxt_en: return proper error when FW returns HWRM_ERR_CODE_RESOURCE_ACCESS_DENIED - [ppc64el,powerpc64] Book3S PR: Exiting split hack mode needs to fixup both PC and LR - USB: serial: cypress_m8: fix interrupt-out transfer length - usb: dwc2: disable power_down on rockchip devices - mtd: physmap_of: Release resources on error - cpu/SMT: State SMT is disabled even with nosmt and without "=force" - brcmfmac: reduce timeout for action frame scan - brcmfmac: fix full timeout waiting for action frame on-channel tx - qtnfmac: request userspace to do OBSS scanning if FW can not - qtnfmac: pass sgi rate info flag to wireless core - qtnfmac: inform wireless core about supported extended capabilities - qtnfmac: drop error reports for out-of-bounds key indexes - [armhf] clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume - [armhf] clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420 - [armhf] clk: samsung: Use clk_hw API for calling clk framework from clk notifiers - printk: Correct wrong casting - NFSv4.x: fix lock recovery during delegation recall - dmaengine: ioat: fix prototype of ioat_enumerate_channels - media: ov5640: fix framerate update - media: cec-gpio: select correct Signal Free Time - gfs2: slow the deluge of io error messages - i2c: omap: use core to detect 'no zero length' quirk - i2c: qup: use core to detect 'no zero length' quirk - i2c: tegra: use core to detect 'no zero length' quirk - i2c: zx2967: use core to detect 'no zero length' quirk - Input: st1232 - set INPUT_PROP_DIRECT property - Input: silead - try firmware reload after unsuccessful resume - soc: fsl: bman_portals: defer probe after bman's probe - net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware - tc-testing: fix build of eBPF programs - remoteproc: Check for NULL firmwares in sysfs interface - remoteproc: qcom: q6v5: Fix a race condition on fatal crash - kexec: Allocate decrypted control pages for kdump if SME is enabled - [x86] olpc: Fix build error with CONFIG_MFD_CS5535=m - dmaengine: rcar-dmac: set scatter/gather max segment size - xfrm: use correct size to initialise sp->ovec - ACPI / SBS: Fix rare oops when removing modules - iwlwifi: mvm: don't send keys when entering D3 - xsk: proper AF_XDP socket teardown ordering - [amd64] fsgsbase: Fix ptrace() to read the FS/GS base accurately - mmc: renesas_sdhi_internal_dmac: Whitelist r8a774a1 - mmc: tmio: Fix SCC error detection - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size - fbdev: sbuslib: use checked version of put_user() - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() - fbdev: fix broken menu dependencies - reset: Fix potential use-after-free in __of_reset_control_get() - bcache: account size of buckets used in uuid write to ca->meta_sectors_written - bcache: recal cached_dev_sectors on detach - [x86] platform: mlx-platform: Properly use mlxplat_mlxcpld_msn201x_items - media: dw9714: Fix error handling in probe function - media: dw9807-vcm: Fix probe error handling - media: cx18: Don't check for address of video_dev - mtd: spi-nor: cadence-quadspi: Use proper enum for dma_[un]map_single - mtd: devices: m25p80: Make sure WRITE_EN is issued before each write - [x86] intel_rdt: Introduce utility to obtain CDP peer - [x86] intel_rdt: CBM overlap should also check for overlap with CDP peer - mmc: mmci: expand startbiterr to irqmask and error check - [s390x] kasan: avoid vdso instrumentation - [s390x] kasan: avoid instrumentation of early C code - [s390x] kasan: avoid user access code instrumentation - [i386] proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() - backlight: lm3639: Unconditionally call led_classdev_unregister - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable - printk: Give error on attempt to set log buffer length to over 2G - media: isif: fix a NULL pointer dereference bug - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads - media: cx231xx: fix potential sign-extension overflow on large shift - media: venus: vdec: fix decoded data size - [x86] ALSA: hda/ca0132 - Fix input effect controls for desktop cards - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync - lightnvm: pblk: fix incorrect min_write_pgs - lightnvm: pblk: guarantee emeta on line close - lightnvm: pblk: fix write amplificiation calculation - lightnvm: pblk: guarantee mw_cunits on read buffer - lightnvm: do no update csecs and sos on 1.2 - lightnvm: pblk: fix error handling of pblk_lines_init() - lightnvm: pblk: consider max hw sectors supported for max_write_pgs - [x86] kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error - bpf: btf: Fix a missing check bug - net: fix generic XDP to handle if eth header was mangled - gpio: syscon: Fix possible NULL ptr usage - spi: fsl-lpspi: Prevent FIFO under/overrun by default - pinctrl: gemini: Mask and set properly - spi: spidev: Fix OF tree warning logic - [armel,armhf] 8802/1: Call syscall_trace_exit even when system call skipped - [x86] mm: Do not warn about PCI BIOS W+X mappings - orangefs: rate limit the client not running info message - pinctrl: gemini: Fix up TVC clock group - scsi: arcmsr: clean up clang warning on extraneous parentheses - [x86] hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors - hwmon: (nct6775) Fix names of DIMM temperature sources - hwmon: (pwm-fan) Silence error on probe deferral - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros - hwmon: (npcm-750-pwm-fan) Change initial pwm target to 255 - selftests: forwarding: Have lldpad_app_wait_set() wait for unknown, too - net: sched: avoid writing on noop_qdisc - netfilter: nft_compat: do not dump private area - misc: cxl: Fix possible null pointer dereference - mac80211: minstrel: fix using short preamble CCK rates on HT clients - mac80211: minstrel: fix CCK rate group streams value - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode - spi: rockchip: initialize dma_slave_config properly - mlxsw: spectrum_switchdev: Check notification relevance based on upper device - [armhf] dts: omap5: Fix dual-role mode on Super-Speed port - tcp: start receiver buffer autotuning sooner - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate - PM / devfreq: Fix static checker warning in try_then_request_governor - tools: PCI: Fix broken pcitest compilation - [ppc64el,powerpc*] time: Fix clockevent_decrementer initalisation for PR KVM - mmc: tmio: fix SCC error handling to avoid false positive CRC error - [x86] resctrl: Fix rdt_find_domain() return value and checks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.87 - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel - net/mlx4_en: fix mlx4 ethtool -N insertion - net/mlx4_en: Fix wrong limitation for number of TX rings - net: rtnetlink: prevent underflows in do_setvfinfo() - net/sched: act_pedit: fix WARN() in the traffic path - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key - sfc: Only cancel the PPS workqueue if it exists - net/mlx5e: Fix set vf link state error flow - net/mlxfw: Verify FSM error code translation doesn't exceed array size - net/mlx5: Fix auto group size calculation - vhost/vsock: split packets to send using multiple buffers - gpio: max77620: Fixup debounce delays - tools: gpio: Correctly add make dependencies for gpio_utils - nbd:fix memory leak in nbd_get_socket() - virtio_console: allocate inbufs in add_port() only if it is needed - Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() - [x86] drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs - [x86] drm/i915/pmu: "Frequency" is reported as accumulated cycles - [x86] drm/i915/userptr: Try to acquire the page lock around set_page_dirty() - mwifiex: Fix NL80211_TX_POWER_LIMITED - ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback - crypto: testmgr - fix sizeof() on COMP_BUF_SIZE - printk: lock/unlock console only for new logbuf entries - printk: fix integer overflow in setup_log_buf() - pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux - PCI: cadence: Write MSI data with 32bits - gfs2: Fix marking bitmaps non-full - pty: fix compat ioctls - synclink_gt(): fix compat_ioctl() - [ppc64] Fix signedness bug in update_flash_db() - [powerpc] boot: Fix opal console in boot wrapper - [ppc64*,powerpc] boot: Disable vector instructions - [ppc64*,powerpc] eeh: Fix null deref for devices removed during EEH - [ppc64*,powerpc] eeh: Fix use of EEH_PE_KEEP on wrong field - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() - mt76: do not store aggregation sequence number for null-data frames - mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc - brcmsmac: AP mode: update beacon when TIM changes - ath10k: set probe request oui during driver start - ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem - skd: fixup usage of legacy IO API - cdrom: don't attempt to fiddle with cdo->capability - spi: sh-msiof: fix deferred probing - mmc: mediatek: fill the actual clock for mmc debugfs - mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail - PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag - btrfs: handle error of get_old_root - gsmi: Fix bug in append_to_eventlog sysfs handler - misc: mic: fix a DMA pool free failure - w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). - [m68k] fix command-line parsing when passed from u-boot - RDMA/bnxt_re: Avoid NULL check after accessing the pointer - RDMA/bnxt_re: Fix qp async event reporting - RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails - pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' - pwm: lpss: Only set update bit if we are actually changing the settings - amiflop: clean up on errors during setup - qed: Align local and global PTT to propagate through the APIs. - scsi: ips: fix missing break in switch - nfp: bpf: protect against mis-initializing atomic counters - [x86] KVM: nVMX: reset cache/shadows when switching loaded VMCS - [x86] KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() - [x86] KVM: Fix invvpid and invept register operand size in 64-bit mode - clk: tegra: Fixes for MBIST work around - scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler - scsi: isci: Change sci_controller_start_task's return type to sci_status - scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event - scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param - nvmet: avoid integer overflow in the discard code - nvmet-fcloop: suppress a compiler warning - nvme-pci: fix hot removal during error handling - PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks - clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk - ASoC: tegra_sgtl5000: fix device_node refcounting - scsi: dc395x: fix dma API usage in srb_done - scsi: dc395x: fix DMA API usage in sg_update_list - scsi: zorro_esp: Limit DMA transfers to 65535 bytes - net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed - net: fix warning in af_unix - xfs: fix use-after-free race in xfs_buf_rele - xfs: clear ail delwri queued bufs on unmount of shutdown fs - kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack - ACPI / scan: Create platform device for INT33FE ACPI nodes - PM / Domains: Deal with multiple states but no governor in genpd - ALSA: i2c/cs8427: Fix int to char conversion - macintosh/windfarm_smu_sat: Fix debug output - PCI: vmd: Detach resources after stopping root bus - USB: misc: appledisplay: fix backlight update_status return code - usbip: tools: fix atoi() on non-null terminated string - sctp: use sk_wmem_queued to check for writable space - dm raid: avoid bitmap with raid4/5/6 journal device - selftests/bpf: fix file resource leak in load_kallsyms - SUNRPC: Fix a compile warning for cmpxchg64() - sunrpc: safely reallow resvport min/max inversion - atm: zatm: Fix empty body Clang warnings - [s390x] perf: Return error when debug_register fails - swiotlb: do not panic on mapping failures - spi: omap2-mcspi: Set FIFO DMA trigger level to word length - [x86] intel_rdt: Prevent pseudo-locking from using stale pointers - sparc: Fix parport build warnings. - [ppc64*,powerpc] pseries: Export raw per-CPU VPA data via debugfs - [ppc64*,powerpc] mm/radix: Fix off-by-one in split mapping logic - [ppc64*,powerpc] mm/radix: Fix overuse of small pages in splitting logic - [ppc64*,powerpc] mm/radix: Fix small page at boundary when splitting - [ppc64*] radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd - selftests/bpf: fix return value comparison for tests in test_libbpf.sh - tools: bpftool: fix completion for "bpftool map update" - ceph: fix dentry leak in ceph_readdir_prepopulate - ceph: only allow punch hole mode in fallocate - thermal: armada: fix a test in probe() - f2fs: fix to spread clear_cold_data() - f2fs: spread f2fs_set_inode_flags() - mISDN: Fix type of switch control variable in ctrl_teimanager - qlcnic: fix a return in qlcnic_dcb_get_capability() - net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode - mfd: arizona: Correct calling of runtime_put_sync - mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values - [x86] mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well - mfd: max8997: Enale irq-wakeup unconditionally - net: socionext: Stop PHY before resetting netsec - fs/cifs: fix uninitialised variable warnings - spi: uniphier: fix incorrect property items - selftests/ftrace: Fix to test kprobe $comm arg only if available - selftests: watchdog: fix message when /dev/watchdog open fails - selftests: watchdog: Fix error message. - selftests: kvm: Fix -Wformat warnings - selftests: fix warning: "_GNU_SOURCE" redefined - net: ethernet: cadence: fix socket buffer corruption problem - bpf: devmap: fix wrong interface selection in notifier_call - bpf, btf: fix a missing check bug in btf_parse - [sparc64] Rework xchg() definition to avoid warnings. - [arm64] lib: use C string functions with KASAN enabled - fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock - tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage - mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition - macsec: update operstate when lower device changes - macsec: let the administrator set UP state even if lowerdev is down - block: fix the DISCARD request merge - i2c: uniphier-f: make driver robust against concurrency - i2c: uniphier-f: fix occasional timeout error - i2c: uniphier-f: fix race condition when IRQ is cleared - um: Make line/tty semantics use true write IRQ - vfs: avoid problematic remapping requests into partial EOF block - ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12 - [ppc64*,powerpc] xmon: Relax frame size for clang - [ppc64*,powerpc] selftests/ptrace: Fix out-of-tree build - [ppc64*,powerpc] selftests/signal: Fix out-of-tree build - [ppc64*,powerpc] selftests/switch_endian: Fix out-of-tree build - [ppc64*,powerpc] selftests/cache_shape: Fix out-of-tree build - block: call rq_qos_exit() after queue is frozen - mm/gup_benchmark.c: prevent integer overflow in ioctl - linux/bitmap.h: handle constant zero-size bitmaps correctly - linux/bitmap.h: fix type of nbits in bitmap_shift_right() - lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf - hfsplus: fix BUG on bnode parent update - hfs: fix BUG on bnode parent update - hfsplus: prevent btree data loss on ENOSPC - hfs: prevent btree data loss on ENOSPC - hfsplus: fix return value of hfsplus_get_block() - hfs: fix return value of hfs_get_block() - hfsplus: update timestamps on truncate() - hfs: update timestamp on truncate() - fs/hfs/extent.c: fix array out of bounds read of array extent - kernel/panic.c: do not append newline to the stack protector panic string - mm/memory_hotplug: make add_memory() take the device_hotplug_lock - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock - [ppc64*,powerprc] powerpc/powernv: hold device_hotplug_lock when calling device_online() - igb: shorten maximum PHC timecounter update interval - fm10k: ensure completer aborts are marked as non-fatal after a resume - [arm64] net: hns3: bugfix for buffer not free problem during resetting - [arm64] net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem - [arm64] net: hns3: bugfix for is_valid_csq_clean_head() - [arm64] net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read - ntb_netdev: fix sleep time mismatch - [x86] ntb: intel: fix return value for ndev_vec_mask() - irq/matrix: Fix memory overallocation - nvme-pci: fix conflicting p2p resource adds - [arm64] makefile fix build of .i file in external module case - [x86] tools/power turbosat: fix AMD APIC-id output - mm: handle no memcg case in memcg_kmem_charge() properly - ocfs2: without quota support, avoid calling quota recovery - ocfs2: don't use iocb when EIOCBQUEUED returns - ocfs2: don't put and assigning null to bh allocated outside - ocfs2: fix clusters leak in ocfs2_defrag_extent() - net: do not abort bulk send on BQL status - sched/topology: Fix off by one bug - sched/fair: Don't increase sd->balance_interval on newidle balance - openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS - [armhf] dts: imx6sx-sdb: Fix enet phy regulator - [arm64] sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock - soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL - audit: print empty EXECVE args - sock_diag: fix autoloading of the raw_diag module - net: bpfilter: fix iptables failure if bpfilter_umh is disabled - nds32: Fix bug in bitfield.h - media: ov13858: Check for possible null pointer - btrfs: avoid link error with CONFIG_NO_AUTO_INLINE - wil6210: fix debugfs memory access alignment - wil6210: fix L2 RX status handling - wil6210: fix RGF_CAF_ICR address for Talyn-MB - wil6210: fix locking in wmi_call - ath10k: snoc: fix unbalanced clock error handling - wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' - rtl8xxxu: Fix missing break in switch - brcmsmac: never log "tid x is not agg'able" by default - wireless: airo: potential buffer overflow in sprintf() - rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information - net: dsa: bcm_sf2: Turn on PHY to allow successful registration - scsi: mpt3sas: Fix Sync cache command failure during driver unload - scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices - scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11 - scsi: megaraid_sas: Fix msleep granularity - scsi: megaraid_sas: Fix goto labels in error handling - scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces - scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point - scsi: lpfc: Correct loss of fc4 type on remote port address change - usb: typec: tcpm: charge current handling for sink during hard reset - dlm: fix invalid free - dlm: don't leak kernel pointer to userspace - vrf: mark skb for multicast or link-local as enslaved to VRF - clk: tegra20: Turn EMC clock gate into divider - ACPICA: Use %d for signed int print formatting instead of %u - net: bcmgenet: return correct value 'ret' from bcmgenet_power_down - of: unittest: allow base devicetree to have symbol metadata - of: unittest: initialize args before calling of_*parse_*() - tools: bpftool: pass an argument to silence open_obj_pinned() - cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces - pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues - pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL - pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT - pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD - PCI: keystone: Use quirk to limit MRRS for K2G - nvme-pci: fix surprise removal - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch - i2c: uniphier-f: fix timeout error after reading 8 bytes - mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock - ipv6: Fix handling of LLA with VRF and sockets bound to VRF - cfg80211: call disconnect_wk when AP stops - mm/page_io.c: do not free shared swap slots - Bluetooth: Fix invalid-free in bcsp_close() - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved - ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe - ath9k_hw: fix uninitialized variable data - md/raid10: prevent access of uninitialized resync_pages offset - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() - net: phy: dp83867: fix speed 10 in sgmii mode - net: phy: dp83867: increase SGMII autoneg timer duration - ocfs2: remove ocfs2_is_o2cb_active() - [arm*] 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary - ARC: perf: Accommodate big-endian CPU - [x86] insn: Fix awk regexp warnings - [x86] speculation: Fix incorrect MDS/TAA mitigation status - [x86] speculation: Fix redundant MDS mitigation message - nbd: prevent memory leak - y2038: futex: Move compat implementation into futex.c - futex: Prevent robust futex exit race - ALSA: usb-audio: Fix NULL dereference at parsing BADD - nfc: port100: handle command failure cleanly - media: vivid: Set vid_cap_streaming and vid_out_streaming to true - media: vivid: Fix wrong locking that causes race conditions on streaming stop (CVE-2019-18683) - media: usbvision: Fix races among open, close, and disconnect - cpufreq: Add NULL checks to show() and store() methods of cpufreq - media: uvcvideo: Fix error path in control parsing failure - media: b2c2-flexcop-usb: add sanity checking - media: cxusb: detect cxusb_ctrl_msg error in query - media: imon: invalid dereference in imon_touch_event - virtio_ring: fix return code on DMA mapping fails - USBIP: add config dependency for SGL_ALLOC - usbip: tools: fix fd leakage in the function of read_attr_usbip_status - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() - usb-serial: cp201x: support Mark-10 digital force gauge - USB: chaoskey: fix error case of a timeout - appledisplay: fix error handling in the scheduled work - USB: serial: mos7840: add USB ID to support Moxa UPort 2210 - USB: serial: mos7720: fix remote wakeup - USB: serial: mos7840: fix remote wakeup - USB: serial: option: add support for DW5821e with eSIM support - USB: serial: option: add support for Foxconn T77W968 LTE modules - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error - [ppc64*] support nospectre_v2 cmdline option - [ppc64*] book3s: Fix link stack flush on context switch (CVE-2019-18660) - [ppc64*, powerpc] PPC: Book3S HV: Flush link stack on guest exit to host kernel - PM / devfreq: Fix kernel oops on governor module load . [ Romain Perier ] * [armel/rpi] Enable CONFIG_BRCMFMAC_SDIO (Closes: #940530) * [armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+ . [ Salvatore Bonaccorso ] * ixgbe: Fix secpath usage for IPsec TX offload (Closes: #930443) * ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (Closes: #945023) * [x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77) * [rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84) . [ Bastian Blank ] * [amd64/cloud-amd64] Re-enable RTC drivers. (closes: #931341) . [ Noah Meyerhans ] * drivers/net/ethernet/amazon: Backport driver fixes from Linux 5.4 (Closes: #941291) * Bump ABI to 7 . [ Ben Hutchings ] * debian/bin/genpatch-rt: Fix series generation from git * [rt] Update to 4.19.82-rt30: - Drop changes in "fs/dcache: disable preemption on i_dir_seq's write side" that conflict with "Fix the locking in dcache_readdir() and friends" - Rewrite "fs/aio: simple simple work" using kthread_work - Rewrite "thermal: Defer thermal wakups to threads" using kthread_work - Rewrite "block: blk-mq: move blk_queue_usage_counter_release() into process context" using kthread_work - workqueue: rework . [ Benjamin Poirier ] * tools/perf: Add python3 support to scripts (Closes: #944641) . [ Aurelien Jarno ] * [rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86) * [rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86) * [rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87) * [rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87) linux-signed-i386 (4.19.67+2+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u2 . * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135): - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs TSX is now disabled by default; see Documentation/admin-guide/hw-vuln/tsx_async_abort.rst * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change (aka iTLB multi-hit, CVE-2018-12207): - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages - Documentation: Add ITLB_MULTIHIT documentation * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155): - drm/i915: Rename gen7 cmdparser tables - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Remove Master tables from cmdparser - drm/i915: Add support for mandatory cmdparsing - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - drm/i915: Allow parsing of unsized batches - drm/i915: Add gen9 BCS cmdparsing - drm/i915/cmdparser: Use explicit goto for error paths - drm/i915/cmdparser: Add support for backward jumps - drm/i915/cmdparser: Ignore Length operands during command matching - drm/i915/cmdparser: Fix jump whitelist clearing * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154): - drm/i915: Lower RM timeout to avoid DSI hard hangs - drm/i915/gen8+: Add RC6 CTX corruption WA linux-signed-i386 (4.19.67+2+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required mariadb-10.3 (1:10.3.22-0+deb10u1) buster; urgency=high . * SECURITY UPDATE: New upstream version 10.3.22. Includes fixes for the following security vulnerabilities: - CVE-2020-2574 * Includes new upstream version 10.3.21 - Drop systemd service patch applied upstream - Update symbols to match latest libmariadb_3 * Previous release 10.3.20 includes fix for the regression introduced in the 10.3.19 release: - MDEV-20987: InnoDB fails to start when FTS table has FK relation * Previous release 10.3.19 includes fixes for the following security vulnerabilities: - CVE-2019-2938 - CVE-2019-2974 * Prefer salsa-ci.yml naming over gitlab-ci.yml since we inherit Salsa-CI mariadb-10.3 (1:10.3.21-2) unstable; urgency=medium . [ Otto Kekäläinen ] * Update Python dependencies and recommends to Python 3 (Closes: #945697) * Remove deprecated basedir config from debian.cnf (Closes: #947553) . [ James Clarke ] * Fix RocksDB on GNU/kFreeBSD (Closes: #920994) * Use versioned symbols on GNU/kFreeBSD mariadb-10.3 (1:10.3.21-1) unstable; urgency=low . [ Faustin Lammler ] * Remove no more needed lintian overrides . [ Otto Kekäläinen ] * New upstream version 10.3.21 mariadb-10.3 (1:10.3.20-1) unstable; urgency=high . * New upstream version 10.3.20. Includes fix for regression: - MDEV-20987: InnoDB fails to start when FTS table has FK relation * Remove obsolete fields Name, Contact from debian/upstream/metadata * Gitlab-CI: Print artifact sizes to ensure it stays under 100 MB * Gitlab-CI: Adapt CI jobs for Debian Sid work * Update README.Maintainer with current Debian and Ubuntu release statuses mariadb-10.3 (1:10.3.19-1) unstable; urgency=high . [ Otto Kekäläinen ] * New upstream version 10.3.17. Includes security fixes for: - CVE-2019-2938 - CVE-2019-2974 * Update symbols to match latest libmariadb_3 * Drop systemd service patch applied upstream . [ Faustin Lammler ] * Fix typo in Readme mariadb-10.3 (1:10.3.18-1) unstable; urgency=medium . * New upstream version 10.3.18. Fixes regression introduced in 10.3.17 (MDEV-20247: Replication hangs with "preparing" and never starts) (Closes: #939819) * Minort Gitlab-CI improvements mediawiki (1:1.31.6-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.6 (security release), fixing CVE-2019-19709. mediawiki (1:1.31.5-3) unstable; urgency=medium . * In autopkgtests, skip testing against mysql-server if it isn't available, such as in Debian testing * Move packaging git repository to Salsa and update relevant documentation * Set up and configure Salsa CI * Sync d/upstream/signing-key.asc with upstream mediawiki (1:1.31.5-2) unstable; urgency=medium . * Add extra debugging information to autopkgtests * Backport patches from upstream for Postgresql 12 compatibility (Closes: #944650) mediawiki (1:1.31.5-1) unstable; urgency=medium . * New upstream version 1.31.5 * Incorporate MySQL autopkgtest improvements from Lars Tangvald and Robie Basak from Ubuntu: * Use a different method besides MySQL 8.0's default authentication because PHP doesn't currently support it. * Explicitly test MySQL and MariaDB regardless of which one is the default. * Standards-Version: 4.4.1, no changes needed mediawiki (1:1.31.4-1) unstable; urgency=medium . * New upstream version 1.31.4 (security release), fixing CVE-2019-16738. mesa (18.3.6-2+deb10u1) buster; urgency=medium . * Call shmget() with permission 0600 instead of 0777 (CVE-2019-5068) (Closes: #944298) mnemosyne (2.6.1+ds-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Julien Puydt ] * Add depends on PIL (Closes: #947032). modsecurity (3.0.3-1+deb10u1) buster; urgency=medium . * Fixes CVE-2019-19886 (Closes: #949682) mosquitto (1.5.7-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Restrict topic hierarchy to 200 levels to prevent possible stack overflow (CVE-2019-11779) (Closes: #940654) netty (1:4.1.33-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (CVE-2019-16869) (Closes: #941266) node-kind-of (6.0.2+dfsg-1+deb10u1) buster; urgency=medium . * Team upload * fix type checking vul in ctorName (Closes: #948095, CVE-2019-20149) nss (2:3.42.1-1+deb10u2) buster-security; urgency=medium . * CVE-2019-11745 CVE-2019-17007 ntpsec (1.1.3+dfsg1-2+deb10u1) buster; urgency=medium . * Backport fix for slow DNS retries (Closes: 924192) * ntpdate.8: Remove duplicated -o option * ntpdate.8: Remove -p option (Closes: 926877) * ntpdate.8: Remove -e option * ntpdate.8: Remove inaccurate BUGS section * Update ntpdate-debian.8 to match ntpdate.8 * Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414) numix-gtk-theme (2.6.7-4+deb10u1) buster; urgency=medium . * debian/control: + Revert Jeremy Bicha's work-around ("Add Breaks: murrine-themes") for to-be-finally resolved Debian bug #838994 (in gtk2-engines-murrine). (Closes: #891493). nvidia-graphics-drivers-legacy-340xx (340.108-3~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-340xx (340.108-3) unstable; urgency=medium . * Bump Standards-Version to 4.5.0. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.108-2) unstable; urgency=medium . * Restore kmem_cache_create_usercopy.patch. (Closes: #948032, #948195) * Add NEWS entry w.r.t. EoL state. * Use substitution to keep Standards-Version in sync (430.64-5). . nvidia-graphics-drivers-legacy-340xx (340.108-1) unstable; urgency=medium . * The 340.xx legacy driver series has been declared as End-of-Life by NVIDIA. No further updates fixing security issues, critical bugs, or adding support for new Xorg or Linux releases will be issued. https://nvidia.custhelp.com/app/answers/detail/a_id/3142 . * New upstream legacy 340xx branch release 340.108 (2019-12-23). - Updated the nvidia-drm kernel module for compatibility with the removal of the DRIVER_PRIME flag in recent Linux kernel versions. - Updated nvidia-bug-report.sh to search the systemd journal for gdm-x-session logs. - Fixed a build failure, "too many arguments to function 'get_user_pages'", when building the NVIDIA kernel module for Linux kernel v4.4.168. - Fixed a build failure, "implicit declaration of function do_gettimeofday", when building the NVIDIA kernel module for Linux kernel 5.0 release candidates. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch) and (parts of) buildfix_kernel_5.2.patch from Ubuntu to fix more vm-fault issues during kernel module build for Linux 5.2+. * Refresh patches. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. . nvidia-graphics-drivers-legacy-340xx (340.107-8) unstable; urgency=medium . * Create and commit tarball symlinks for legacy branches (430.64-1). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Add buildfix_kernel_5.4.patch from Ubuntu to fix kernel module build for Linux 5.4. (Closes: #946137) . nvidia-graphics-drivers-legacy-340xx (340.107-7) unstable; urgency=medium . * Add buildfix_kernel_5.3.patch from Ubuntu to fix kernel module build for Linux 5.3. (Closes: #941788) * Bump Standards-Version to 4.4.1. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.107-6) unstable; urgency=medium . * Add conftest-include-guard.patch to restore compatibility with older kernels. . nvidia-graphics-drivers-legacy-340xx (340.107-5) unstable; urgency=medium . * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch), buildfix_kernel_5.0.patch, buildfix_kernel_5.2.patch from Ubuntu to fix kernel module build for Linux 5.2. (Closes: #934295, #923815) * Bump Standards-Version to 4.4.0. No changes needed. nvidia-graphics-drivers-legacy-340xx (340.108-3~deb9u1) stretch; urgency=medium . * Rebuild for stretch. . nvidia-graphics-drivers-legacy-340xx (340.108-3~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-340xx (340.108-3) unstable; urgency=medium . * Bump Standards-Version to 4.5.0. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.108-2) unstable; urgency=medium . * Restore kmem_cache_create_usercopy.patch. (Closes: #948032, #948195) * Add NEWS entry w.r.t. EoL state. * Use substitution to keep Standards-Version in sync (430.64-5). . nvidia-graphics-drivers-legacy-340xx (340.108-1) unstable; urgency=medium . * The 340.xx legacy driver series has been declared as End-of-Life by NVIDIA. No further updates fixing security issues, critical bugs, or adding support for new Xorg or Linux releases will be issued. https://nvidia.custhelp.com/app/answers/detail/a_id/3142 . * New upstream legacy 340xx branch release 340.108 (2019-12-23). - Updated the nvidia-drm kernel module for compatibility with the removal of the DRIVER_PRIME flag in recent Linux kernel versions. - Updated nvidia-bug-report.sh to search the systemd journal for gdm-x-session logs. - Fixed a build failure, "too many arguments to function 'get_user_pages'", when building the NVIDIA kernel module for Linux kernel v4.4.168. - Fixed a build failure, "implicit declaration of function do_gettimeofday", when building the NVIDIA kernel module for Linux kernel 5.0 release candidates. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch) and (parts of) buildfix_kernel_5.2.patch from Ubuntu to fix more vm-fault issues during kernel module build for Linux 5.2+. * Refresh patches. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. . nvidia-graphics-drivers-legacy-340xx (340.107-8) unstable; urgency=medium . * Create and commit tarball symlinks for legacy branches (430.64-1). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Add buildfix_kernel_5.4.patch from Ubuntu to fix kernel module build for Linux 5.4. (Closes: #946137) . nvidia-graphics-drivers-legacy-340xx (340.107-7) unstable; urgency=medium . * Add buildfix_kernel_5.3.patch from Ubuntu to fix kernel module build for Linux 5.3. (Closes: #941788) * Bump Standards-Version to 4.4.1. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.107-6) unstable; urgency=medium . * Add conftest-include-guard.patch to restore compatibility with older kernels. . nvidia-graphics-drivers-legacy-340xx (340.107-5) unstable; urgency=medium . * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch), buildfix_kernel_5.0.patch, buildfix_kernel_5.2.patch from Ubuntu to fix kernel module build for Linux 5.2. (Closes: #934295, #923815) * Bump Standards-Version to 4.4.0. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.107-4) unstable; urgency=medium . * use-nv-kernel-ARCH.o_shipped.patch: Simplify for better kernel compatibility. (Closes: #922479) * Drop versioned constraints that are satisfied in wheezy (390.87-7). * Bump Standards-Version to 4.3.0. No changes needed. . nvidia-graphics-drivers-legacy-340xx (340.107-3) unstable; urgency=medium . * Synchronize the module build debhelper sequence with debhelper 10 (390.87-1). * Pass the private library directory to dh_shlibdeps using the -l option instead of LD_LIBRARY_PATH, fixing FTBFS with dpkg 1.19.1 (390.87-3). * Add Build-Depends-Package to symbols files where appropriate and override symbols-file-missing-build-depends-package-field elsewhere (390.87-3). * Clean up and unify rule style in debian/rules (390.87-3). * Bump Standards-Version to 4.2.1. No changes needed. * Add debian/rules targets for archiving the tarballs in a separate repository using sparse checkouts and git-lfs as storage backend (390.87-3). * Refresh patches. . nvidia-graphics-drivers-legacy-340xx (340.107-2) unstable; urgency=high . * Backport kmem_cache_create_usercopy.patch from 390.67-2 for the 340.xx series, fixing "Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache'" on Linux kernels that have disabled CONFIG_HARDENED_USERCOPY_FALLBACK (i.e. linux-image-4.16.0-2-* or newer). (Closes: #899998) . nvidia-graphics-drivers-legacy-340xx (340.107-1) unstable; urgency=medium . * New upstream legacy 340xx branch release 340.107 (2018-06-06). - Added support for X.Org xserver ABI 24 (xorg-server 1.20). - Improved nvidia-bug-report.sh to check for kern.log which is the default kernel log-file location for many Debian-based Linux distributions. - Fixed a bug which could cause X servers that export a Video Driver ABI earlier than 0.8 to crash when running X11 applications which call XRenderAddTraps(). * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Convert packaging repository from SVN to GIT. * Bump Standards-Version to 4.1.4. No changes needed. * Add xorg-video-abi-24 (xserver 1.20) as alternative dependency. (Closes: #900789, #900338) * nvidia-drm-outputclass.conf: Prepend (in a backwards-compatible way) ModulePath "/usr/lib/xorg/modules/linux" since xserver 1.20 no longer does that (390.67-1). nvidia-graphics-drivers-legacy-340xx (340.108-2) unstable; urgency=medium . * Restore kmem_cache_create_usercopy.patch. (Closes: #948032, #948195) * Add NEWS entry w.r.t. EoL state. * Use substitution to keep Standards-Version in sync (430.64-5). nvidia-graphics-drivers-legacy-340xx (340.108-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. nvidia-graphics-drivers-legacy-340xx (340.108-1) unstable; urgency=medium . * New upstream legacy 340xx branch release 340.108 (2019-12-23). - Updated the nvidia-drm kernel module for compatibility with the removal of the DRIVER_PRIME flag in recent Linux kernel versions. - Updated nvidia-bug-report.sh to search the systemd journal for gdm-x-session logs. - Fixed a build failure, "too many arguments to function 'get_user_pages'", when building the NVIDIA kernel module for Linux kernel v4.4.168. - Fixed a build failure, "implicit declaration of function do_gettimeofday", when building the NVIDIA kernel module for Linux kernel 5.0 release candidates. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch) and (parts of) buildfix_kernel_5.2.patch from Ubuntu to fix more vm-fault issues during kernel module build for Linux 5.2+. * Refresh patches. * Allow alternative libnvidia-{tesla,legacy-*}-cuda1 packages to substitute libcuda1 in third-party packages (430.64-3). - Add Provides: libcuda.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libcuda.so.1 through the symbols file. nvidia-graphics-drivers-legacy-340xx (340.107-8) unstable; urgency=medium . * Create and commit tarball symlinks for legacy branches (430.64-1). * Allow alternative libnvidia-{tesla,legacy-*}-ml1 packages to substitute libnvidia-ml1 (430.64-2). - Add Provides: libnvidia-ml.so.1 (= ${nvidia:Version}). - Generate alternative versioned dependency on libnvidia-ml.so.1 through the symbols file. * Add buildfix_kernel_5.4.patch from Ubuntu to fix kernel module build for Linux 5.4. (Closes: #946137) nvidia-graphics-drivers-legacy-340xx (340.107-7) unstable; urgency=medium . * Add buildfix_kernel_5.3.patch from Ubuntu to fix kernel module build for Linux 5.3. (Closes: #941788) * Bump Standards-Version to 4.4.1. No changes needed. nvidia-graphics-drivers-legacy-340xx (340.107-6) unstable; urgency=medium . * Add conftest-include-guard.patch to restore compatibility with older kernels. nvidia-graphics-drivers-legacy-340xx (340.107-5) unstable; urgency=medium . * Add buildfix_kernel_4.11.patch (replacing vm-fault.patch), buildfix_kernel_5.0.patch, buildfix_kernel_5.2.patch from Ubuntu to fix kernel module build for Linux 5.2. (Closes: #934295) * Bump Standards-Version to 4.4.0. No changes needed. nyancat (1.5.1-1+build1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . nyancat (1.5.1-1+build1) unstable; urgency=medium . * Non-maintainer upload. * No-change rebuild in a clean environment to add the systemd unit for nyancat-server. (Closes: #947292) nyancat (1.5.1-1+build1~deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Rebuild for stretch. . nyancat (1.5.1-1+build1) unstable; urgency=medium . * Non-maintainer upload. * No-change rebuild in a clean environment to add the systemd unit for nyancat-server. (Closes: #947292) openconnect (8.02-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Close HTTPS connection on failure returns from process_http_response() * Fix buffer overflow with chunked HTTP handling (CVE-2019-16239) (Closes: #940871) openjdk-11 (11.0.6+10-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.6+10-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. openjdk-11 (11.0.6+7-1) unstable; urgency=medium . * OpenJDK 11.0.5+7 build (early access). openjdk-11 (11.0.5+10-2) unstable; urgency=medium . * Fix the jtreg consistency check when building without jtreg. * Don't call dh_strip_nondeterminism when building for older releases. * Fix disabling the zero build on arm64 on trusty. openjdk-11 (11.0.5+10-1) unstable; urgency=high . * OpenJDK 11.0.5+10 build (release). - S8209901: Canonical file handling. - S8213429, CVE-2019-2933: Windows file handling redux. - S8218573, CVE-2019-2945: Better socket support. - S8218877: Help transform transformers. - S8219914: Change the environment variable for Java Access Bridge logging to have a directory. - S8220186: Improve use of font temporary files. - S8220302, CVE-2019-2949: Better Kerberos ccache handling. - S8221497: Optional Panes in Swing. - S8221858, CVE-2019-2958: Build Better Processes. - S8222684, CVE-2019-2964: Better support for patterns. - S8222690, CVE-2019-2962: Better Glyph Images. - S8223163: Better pattern recognition. - S8223505, CVE-2019-2973: Better pattern compilation. - S8223518, CVE-2019-2975: Unexpected exception in jjs. - S8223886: Add in font table referene. - S8223892, CVE-2019-2978: Improved handling of jar files. - S8224025: Fix for JDK-8220302 is not complete. - S8224062, CVE-2019-2977: Improve String index handling. - S8224532, CVE-2019-2981: Better Path supports. - S8224915, CVE-2019-2983: Better serial attributes. - S8225286, CVE-2019-2987: Better rendering of native glyphs. - S8225292, CVE-2019-2988: Better Graphics2D drawing. - S8225298, CVE-2019-2989: Improve TLS connection support. - S8225597, CVE-2019-2992: Enhance font glyph mapping. - S8226765, CVE-2019-2999: Commentary on Javadoc comments. - S8227601: Better collection of references. - S8228825, CVE-2019-2894: Enhance ECDSA operations. openjdk-11 (11.0.5+10-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security openjdk-11 (11.0.5+10-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. openjdk-11 (11.0.5+9-1) unstable; urgency=medium . * OpenJDK 11.0.5+9 build (early access). * Bump standards version. * Use dh_strip_nondeterminism (Emmanuel Bourg). Closes: #933389. * Fix 8230708, server build on sparc64 (Adrian Glaubitz). Closes: #939565. * Fix FTBFS with DEB_BUILD_PROFILES=nocheck (Helmut Grohne). Closes: #939521. * Add more breaks to the openjdk-11-jre-headless package. Closes: #935624. * Fix debug and src symlinks. Closes: #893134, #910694, #910696. openjdk-11 (11.0.5+6-2) unstable; urgency=medium . * Fix 8230708, build failure on sparc64 (Adrian Glaubitz). * Disable the zero build on armhf. openjdk-11 (11.0.5+6-1) unstable; urgency=medium . * OpenJDK 11.0.5+6 build (early access). . [ Matthias Klose ] * Tighten dependency on jtreg. * Build using GCC 9 on recent development releases. * Refresh patches. . [ Tiago Stürmer Daitx ] * Properly generate Breaks: rules for bionic (fix typo). * Remove libgtk-3-dev from build-deps: libgtk-3-dev is not actually required, package builds fine without it; libgtk2.0-0 or libgtk-3-0 should be explicitly declared instead in bdeps and tests; libxrandr-dev should be explicitly added as it is required and was being included due to libgtk-3-dev dependency. * Set minimum dependency on jtreg based on testsuite requirements. * Fail during pre-build if installed jtreg version is lower then the minimum required version. * Improve and fix build tests and autopkgtests: - Depend on default-jre-headless so jtreg will use the JRE from /usr/default-java; remove JT_JAVA exports as it no longer needs to be set. - Update debian/tests/hotspot,jdk,langtools to ignore jtreg-autopkgtest.sh return code. - Create debian/tests/jtdiff-autopkgtest.in as it depends on debian/rules variables. - debian/tests/jtreg-autopkgtest.sh: + Enable retry of failed tests to trim out flaky tests. + Fix unbound variable. + Keep .jtr files from failed tests only. - debian/tests/jtdiff-autopkgtest.sh: + Fail only if an actual regression is detected. + Add the super-diff comparison from jtdiff. - debian/rules: + Preserve all JTreport directories in the test output directory. + Use JDK_DIR instead of JDK_TO_TEST for autopkgtest generation. + Package all .jtr files from JTwork as jtreg-autopkgtest.sh makes sure it contains only failing tests. openjdk-11 (11.0.4+11-1) unstable; urgency=high . * OpenJDK 11.0.4+11 build (release). - S8212328, CVE-2019-2762: Exceptional throw cases. - S8213431, CVE-2019-2766: Improve file protocol handling. - S8213432, CVE-2019-2769: Better copies of CopiesList. - S8216381, CVE-2019-2786: More limited privilege usage. - S8217563: Improve realm maintenance. - S8218863: Better endpoint checks. - S8218873: Improve JSSE endpoint checking. - S8218876, CVE-2019-7317: Improve PNG support options. - S8219775: Certificate validation improvements. - S8220517: Enhanced GIF support. - S8221345, CVE-2019-2818: Better Poly1305 support. - S8221518, CVE-2019-2816: Normalize normalization. - S8222678, CVE-2019-2821: Improve TLS negotiation. * Fix more build issues for Ubuntu precise builds. * Bump standards version. openjpeg2 (2.3.0-2+deb10u1) buster; urgency=high . * Backport security fixes: * CVE-2018-21010: heap buffer overflow in color_apply_icc_profile (Closes: #939553). * CVE-2018-20847: improper computation of values in the function opj_get_encoding_parameters, leading to an integer overflow (Closes: #931294). opensmtpd (6.0.3p1-5+deb10u3) buster-security; urgency=high . * Fix two major security bugs (Closes: #950121) (CVE-2020-7247) 1. smtpd can crash on opportunistic TLS downgrade, causing a denial of service. OpenBSD 6.6 errata 018: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/018_smtpd_tls.patch.sig 2. Fix privilege escalation vulnerability: An incorrect check allows an attacker to trick mbox delivery into executing arbitrary commands as root and lmtp delivery into executing arbitrary commands as an unprivileged user. OpenBSD 6.6 errata 019: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/019_smtpd_exec.patch.sig opensmtpd (6.0.3p1-5+deb10u2) buster; urgency=medium . * Handle non-zero exit code from hostname during config phase (Closes: #948824) opensmtpd (6.0.3p1-5+deb10u1) buster; urgency=medium . * Warn users of change of smtpd.conf syntax (Closes: #944268) * Install smtpctl setgid opensmtpq (Closes: #945910) openssh (1:7.9p1-10+deb10u2) buster; urgency=medium . * Apply upstream patch to deny (non-fatally) ipc in the seccomp sandbox, fixing failures with OpenSSL 1.1.1d and Linux < 3.19 on some architectures (closes: #946242). Note that this also drops the previous change to allow ipc on s390, since upstream has security concerns with that and it doesn't currently seem to be needed. php-horde (5.2.20+debian0-1+deb10u1) buster; urgency=high . * Fix CVE-2019-12095: Stored XSS vuln in the Horde Cloud Block. php-horde-text-filter (2.3.5-3+deb10u1) buster; urgency=medium . * QA upload. * Mark package as orphaned (See #942282) . [ IOhannes m zmölnig ] * Fixed regular-expressions (used e.g. for displaying plain-text mails) (Closes: #931255, #935816) * Switched upstream branch in the packaging git on salsa to 'debian-buster' postfix (3.4.8-0+10debu1) buster; urgency=medium . [Scott Kitterman] . * Refactor running status detection in sysv init based on upstream postfix-script so it works in docker. Closes: #941293 . [Wietse Venema] . * 3.4.8 - Bugfix (introduced: Postfix 2.8): don't gratuitously enable all after-220 tests when only one such test is enabled. This made selective tests impossible with 'good' clients. File: postscreen/postscreen_smtpd.c. . - Bugfix: the 20180903 postscreen fix for a misleading "PIPELINING after BDAT" warning looked at the wrong variable. The warning now says "BDAT without valid RCPT", and the error is no longer treated as a command PIPELINING error (but sending BDAT is still a client error, because postscreen rejects all RCPT commands and does not announce PIPELINING support). File: postscreen/postscreen_smtpd.c. . - Usability: the parser for key/certificate chain files rejected inputs that contain an EC PARAMETERS object. While this is technically correct (the documentation says what types are allowed) this is surprising behavior because the legacy cert/key parameters will accept such inputs. For now, the parser skips object types that it does not know about for usability, and logs a warning because ignoring inputs is not kosher. Viktor and Wietse. File: tls/tls_certkey.c. postfix (3.4.7-2) unstable; urgency=medium . [Andreas Hasenack] . * Update autopkgtest to use python3. Closes: #943212 LP: #1845334 . [Scott Kitterman] . * Update smtp_tls_CApath to /etc/ssl/certs so it actually works. Closes: #923083 * Refactor running status detection in sysv init based on upstream postfix-script so it works in docker. Closes: #941293 postfix (3.4.7-1) unstable; urgency=medium . [Andreas Hasenack] . * * d/p/80_glibc2.30-ftbfs.diff: fix build with glibc 2.30 (LP: #1842923) . [Scott Kitterman] . * Refresh patches * Modernize default TLS setup: - Drop addition of smtpd_tls_session_cache_database to TLS parameters (no longer needed since TLS session tickets are used now). Closes: #934803 - Replace use of obsolescent smtpd_use_tls=yes with smtpd_tls_security_level=may in default TLS setting. Closes: #520936 - Add smtp_tls_security_level=may to default TLS settings so that both client and server TLS are now enabled be default for new installations. Closes: #163144 - Stop copying smtp_tls_CAfile into chroot, not needed per postfix docs - Also copy smtpd_tls_CApath files into chroot. Closes: #579248 - Add smtp_tls_CApath using /usr/share/ca-certificates/ to default TLS configuration so postfix smtp client can use the system certificate store to verify smtp server certificates, add ca-certificates to postfix Recommends. Closes: #923083 * Bump standards version to 4.4.0 without further change * Fix spelling errors in Debian provided man pages . [Christian Göttsche] . * Fix debian/rules so build flags are applied Closes: #879668 . [Wietse Venema] . * 3.4.6 * 3.4.7 postgresql-11 (11.6-0+deb10u1) buster; urgency=medium . * New upstream version. postgresql-11 (11.5-3sid2) unstable; urgency=medium . * Fix arch-only build. postgresql-11 (11.5-3sid1) unstable; urgency=medium . * Stop building lib packages, postgresql-12 is already in unstable. (Closes: #941845) . postgresql-11 (11.5-3) unstable; urgency=medium . * Use llvm 9. (Closes: #940261) * debian/tests/installcheck: Disable llvm bitcode compilation, not needed. postgresql-11 (11.5-2) unstable; urgency=medium . * Disable building plpython2 by default. (Closes: #937310) postgresql-common (200+deb10u3) buster-security; urgency=medium . * pg_ctlcluster: Drop privileges before creating socket and stats temp directories outside /var/run/postgresql. The default configuration is not affected by this change. Users with directories on volatile storage (tmpfs) in other locations have to make sure the parent directory is writable for the cluster owner. (CVE-2019-3466, discovered by Rich Mirch) print-manager (4:18.12.1-2+deb10u1) buster; urgency=medium . * Team upload. * Backport fix_crash_when_cups_returns_jobs_with_duplicate_id.patch. This fixes a longstanding bug when multiple print job IDs are given the same ID, and so it was not easy to reproduce (Closes: #910879). proftpd-dfsg (1.3.6-4+deb10u3) buster; urgency=medium . * Cherry pick patch from upstream: - for upstream 861 (CVE-2019-19269) (Closes: #946345) - for upstream 859 (CVE-2019-19270) (Closes: #946346) upstream_pull_859_861_CVE-2019-19270_CVE-2019-19269 prosody-modules (0.0~hg20190203.b54e98d5c4a1+dfsg-1+deb10u1) buster-security; urgency=high . * fix for CVE-2020-8086 pykaraoke (0.7.5-1.2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix path to fonts. (Closes: #948385) pykaraoke (0.7.5-1.2+deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Fix path to fonts. (Closes: #948385) python-apt (1.8.4.1) buster-security; urgency=high . * SECURITY UPDATE: Check that repository is trusted before downloading files from it (LP: #1858973) - apt/cache.py: Add checks to fetch_archives() and commit() - apt/package.py: Add checks to fetch_binary() and fetch_source() - CVE-2019-15796 * SECURITY UPDATE: Do not use MD5 for verifying downloadeds (Closes: #944696) (#LP: #1858972) - apt/package.py: Use all hashes when fetching packages, and check that we have trusted hashes when downloading - CVE-2019-15795 * To work around the new checks, the parameter allow_unauthenticated=True can be passed to the functions. It defaults to the value of the APT::Get::AllowUnauthenticated option. * Automatic changes and fixes for external regressions: - Adjustments to test suite and CI to fix CI regressions - testcommon: Avoid reading host apt.conf files - Automatic mirror list update python-django (1:1.11.27-1~deb10u1) buster-security; urgency=high . * New upstream security release. (Closes: #946937) <https://www.djangoproject.com/weblog/2019/dec/18/security-releases/> . - CVE-2019-19844: Potential account hijack via password reset form. . By submitting a suitably crafted email address making use of Unicode characters, that compared equal to an existing user email when lower-cased for comparison, an attacker could be sent a password reset token for the matched account. . In order to avoid this vulnerability, password reset requests now compare the submitted email using the stricter, recommended algorithm for case-insensitive comparison of two identifiers from Unicode Technical Report 36, section 2.11.2(B)(2). Upon a match, the email containing the reset token will be sent to the email address on record rather than the submitted address. python-ecdsa (0.13-3+deb10u1) buster-security; urgency=high . * Add patch for strict error checking in DER decoding integers. Fix: - CVE-2019-14853 - CVE-2019-14859 * Add python{3}-pytest as Build Dependency python-evtx (0.6.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Hilko Bengen ] * Fix hexdump import (Closes: #942353) python-internetarchive (1.8.1-1+deb10u1) buster; urgency=medium . * hotfix: close file after getting md5 (Closes: #950289) python3.7 (3.7.3-2+deb10u1) buster; urgency=medium . * CVE-2019-9740 * CVE-2019-9947 * CVE-2019-9948 * CVE-2019-10160 * CVE-2019-16056 * CVE-2019-16935 qemu (1:3.1+dfsg-8+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * target/i386: add PSCHANGE_MC_NO feature qtbase-opensource-src (5.11.3+dfsg1-1+deb10u2) buster; urgency=medium . [ Dmitry Shachnev ] * Backport upstream patch to add support for non-PPD printers and avoid silent fallback to a printer supporting PPD (closes: #911702, #911844). * Backport upstream patch to fix crash in QStyleSheetStyle::repolish() when using QLabels with rich text (closes: #935909). . [ Melvin Vermeeren ] * Backport upstream patch to fix graphics tablet hover events (closes: #935627). qtwebengine-opensource-src (5.11.3+dfsg-2+deb10u1) buster; urgency=medium . * Fix PDF parsing by adding the missing non-const overrides for CPDF_Dictionary::GetDict() and CPDF_Reference::GetDict(). This also fixes QWebEnginePage::print() method (closes: #919504). * Use ui/webui/resources/js/jstemplate_compiled.js provided by upstream instead of an empty file (closes: #882805). * Backport upstream patch to disable executable stack (closes: #887875). quassel (1:0.13.1-1+deb10u2) buster; urgency=medium . * Actually delete quassel-core.NEWS as intended . quassel (1:0.13.1-1+deb10u1) buster; urgency=medium . [ Felix Geyer ] * Fix quasselcore AppArmor denials when the config is saved. (Closes: #940482) . [ Scott Kitterman ] * Correct default channel for Debian quassel (1:0.13.1-1+deb10u1) buster; urgency=medium . [ Felix Geyer ] * Fix quasselcore AppArmor denials when the config is saved. (Closes: #940482) . [ Scott Kitterman ] * Correct default channel for Debian qwinff (0.2.1-1+deb10u1) buster; urgency=medium . * debian/rules: Export DATA_PATH to fix crashing caused by incorrect file detection. (Closes: #945602) raspi3-firmware (1.20190215-1+deb10u2) buster; urgency=medium . * Fix serial console output sent to bluetooth port with kernel 5.x. Thanks to Thorsten Glaser (Closes: #941974) ros-ros-comm (1.14.3+ds1-5+deb10u1) stable; urgency=high . * Add https://github.com/ros/ros_comm/pull/1771 (Fix CVE-2019-13566, CVE-2019-13465) * Add https://github.com/ros/ros_comm/pull/1741 (Fix CVE-2019-13445) roundcube (1.3.10+dfsg.1-1~deb10u1) buster; urgency=medium . * d/control: revert bump of Standards-Version, as we want to release to stable. * d/upstream/signing-key.asc: revert Minimize OpenPGP certificate. * Add patch to Fix "Retry to connect to IMAP server" (Closes: #947320) ruby2.5 (2.5.5-3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix for wrong fnmatch patttern (CVE-2019-15845) * Loop with String#scan without creating substrings (CVE-2019-16201) * WEBrick: prevent response splitting and header injection (CVE-2019-16254) * lib/shell/command-processor.rb (Shell#[]): prevent unknown command (CVE-2019-16255) schleuder (3.4.0-2+deb10u2) buster; urgency=medium . * debian/patches: - Pull in upstream patch to add missing List-Id header to notification mails sent to admins. (Closes: #948980) - Pull in upstream patch to handle decryption problems gracefully: Handle incoming mails encrypted to an absent key, using symmetric encryption or containing PGP-garbage in a more graceful manner: Don't throw an exception, don't notify (and annoy) the admins, instead inform the sender of the mail how to do better. (Closes: #948981) - Pull in upstream patch to default to ASCII-8BIT encoding. This should ensure Schleuder is able to handle mails with different charsets. (Closes: #948982) schleuder (3.4.0-2+deb10u1) buster; urgency=medium . * debian/patches: - Extend existing patch which fixes problems related to the use of "protected headers": Fix recognizing keywords in mails with "protected headers" and empty subject. Previously, if the subject was unset, keywords were not recognized and the original "protected headers" could leak. This approach, extending the existing patch, instead of adding a new one, reduces noise and keeps the diff small, as the same part of the code is targeted. (Closes: #940524) - Add patch to strip non-self-signatures when refreshing or fetching keys. (Closes: #940526) - Add patch to error out if the argument provided to `refresh_keys` is not an existing list. (Closes: #940527) simplesamlphp (1.16.3-1+deb10u2) buster; urgency=medium . * Fix incompatibility with PHP 7.3 (closes: #944820). slurm-llnl (18.08.5.2-1+deb10u1) buster-security; urgency=high . * FIX CVE-2019-12838 by escaping strings in archive files in accounting_storage/mysql sogo-connector (68.0.1-2~deb10u1) buster; urgency=medium . * Rebuild for Buster * [a92f899] d/gbp.conf: adjust to debian/buster sogo-connector (68.0.1-1) unstable; urgency=medium . * [0e43d2d] d/control: move Maintainer to Debian Mozilla Extension Maintainers sogo-connector (68.0.1-1~exp1) unstable; urgency=medium . * [74a8e5f] New upstream version 68.0.1 * [5c78ff2] d/control: add new package webext-sogo-connector - The source of the package is now web-extension based only, no old transitional xul stuff is included. So make this visible by moving the main binary package over to webext-* syntax. * [b292c29] d/control: remove B-D on make and mozilla-devscripts - Drop Build-Depends on make and mozilla-devscripts, they are not needed any more. * [1dadf9c] d/control: adding Rules-Requires-Root: no * [1d3e119] d/rules: updating build targets - Clean up all non needed xul-* helpers, makes the mostly needed target reduced to the quite the minimum. * [ec0863d] webext-sogo-connector adding install sequencer file * [366a931] webext-sogo-connector: adding linking sequencer file * [1c7252f] webext-sogo-connector: adding docs sequencer file * [48e8b6a] d/xul-ext-sogo-connector.lintian-overrides: drop file - xul-ext-sogo-connector is now a transitional package, we don't need this lintian file any more. sogo-connector (68.0.0-1) unstable; urgency=medium . * [63605f6] New upstream version 68.0.0 (Closes: #945061) * [f021239] d/control: bump Standards-Version to 4.4.1 * [cece803] d/control: drop B-D on python-ply (Closes: #939479) * [86ab883] rebuild patch queue from patch-queue branch - removed patches: removing-the-COPYING-file.patch sogo-connector.xpt-prepare-option-for-rebuild-the-.x.patch * [00917e3] remove now obsolete *.idl files - The package build isn't depending on some old files from the non existing package thunderbird-dev any more. The build doesn't uses *.idl files now. * [4b96f9a] d/copyright: update date information * [3efbfa0] d/watch: switch over to git mode * [324d0b8] d/rules: rewrite targets due modified source for TB 68 - Rewrite the control of the package build. There is no local run of some Make targets needed any more. spamassassin (3.4.2-1+deb10u2) buster-security; urgency=medium . * Security update to address - CVE-2020-1930. Arbitrary code execution via malicious rule files. - CVE-2020-1931. Arbitrary code execution via malicious rule files. (Closes: #950258) spamassassin (3.4.2-1+deb10u1) buster-security; urgency=high . * Security update to address CVE-2018-11805. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. (Closes: 946652) * Security update to address CVE-2019-12420. Messages can be crafted in a way to use excessive resources, resulting in a denial of service. (Closes: 946653) spf-engine (2.9.2-0+deb10u1) buster; urgency=medium . * New upstream bugfix release: * Improve documentation based on user feedbacK: Add mention in policyd-spf.conf (5) in the TestOnly entry that to get both TestOnly behavior and no header field appended, Header_Type = None also needs to be set (LP: #1849994) * Fix priviledge managment at startup so Unix sockets work: Milter: Move drop_privileges before Milter.runmilter and delete own_socketfile so that the milter interface runs as the correct user without race conditions about changing ownership of the socket file when it hasn't been created yet (When the milter is started, it will create the socket based on uMask, so we don't need to manually change it) spf-engine (2.9.1-1) unstable; urgency=medium . [ Ondřej Nový ] * Bump Standards-Version to 4.4.0. . [ Scott Kitterman ] * New upstream release * Put upstream provided init file where dh_installinit expects to find it so it is properly registered on install * Update debian/patches/0001-install-conf-fix.patch for missed change needed in sysv init spip (3.2.4-1+deb10u2) buster-security; urgency=medium . * Backport security fix from 3.2.7 - Critical security fix, allowing identified authors to inject content into database - Update security screen to 1.3.13 * Fix PHP 7.3 compatibility issue. The regex were wrong, and started failing with PHP 7.3, causing plugins to be disabled and impossible to be enable back on upgrade. sudo (1.8.27-1+deb10u2) buster; urgency=medium . * Non-maintainer upload. * Fix a buffer overflow when pwfeedback is enabled and input is a not a tty (CVE-2019-18634) (Closes: #950371) symfony (3.4.22+dfsg-2+deb10u1) buster-security; urgency=medium . * Drop failing tests with recent PHP (Closes: #930003) * Backport security fixes from 3.4.35 - [HttpKernel] Use constant time comparison in UriSigner [CVE-2019-18887] - [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances [CVE-2019-18889] - [HttpFoundation] fix guessing mime-types of files with leading dash [CVE-2019-18888] systemd (241-7~deb10u3) buster; urgency=medium . * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX. Since kernel 5.2 (but also stable kernels like 4.19.53) the kernel thankfully returns proper errors when we write a value out of range to the sysctl. Which however breaks writing ULONG_MAX to request the maximum value. Hence let's write the new maximum value instead, LONG_MAX. (Closes: #945018) * core: change ownership/mode of the execution directories also for static users. This ensures that execution directories like CacheDirectory and StateDirectory are properly chowned to the user specified in User= before launching the service. (Closes: #919231) thunderbird (1:68.4.1-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.4.1-1~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.3.1-1) unstable; urgency=medium . [ Emilio Pozuelo Monfort ] * [6f59313] Fix MOZ_BUILD_DATE to have the expected format . [ Carsten Schoenert ] * [5d0f4b1] d/rules: don't use SOURCE_DATE_EPOCH for MOZ_BUILD_DATE (Closes: #946588) * [1467af5] New upstream version 68.3.1 thunderbird (1:68.3.0-2) unstable; urgency=medium . * [0625d30] rebuild patch queue from patch-queue branch added patches: fixes/Bug-1531309-Don-t-use-__PRETTY_FUNCTION__-or-__FUNCTION__.patch fixes/Update-bindgen-in-ESR68.-r-glandium-a-RyanVM.patch * [ea8d98c] Breaks: add versioned birdtray package thunderbird (1:68.3.0-2~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security [ Emilio Pozuelo Monfort ] * [de88895] Fix MOZ_BUILD_DATE to have the expected format (cherry-picked from debian/sid) . [ Carsten Schoenert ] * [a077b71] d/rules: don't use SOURCE_DATE_EPOCH for MOZ_BUILD_DATE (cherry-picked from debian/sid) (Closes: #946588) thunderbird (1:68.3.0-2~deb9u1) stretch-security; urgency=medium . * Rebuild for stretch-security thunderbird (1:68.3.0-1) unstable; urgency=medium . * [fe289ec] /u/b/thunderbird: export variable DICPATH before start (Closes: #944295) * [a9a48c6] New upstream version 68.3.0 Fixed CVE issues in upstream version 68.3 (MFSA 2019-38): CVE-2019-17008: Use-after-free in worker destruction CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher CVE-2019-17009: Updater temporary files accessible to unprivileged processes CVE-2019-17010: Use-after-free when performing device orientation checks CVE-2019-17005: Buffer overflow in plain text serializer CVE-2019-17011: Use-after-free when retrieving a document in antitracking CVE-2019-17012: Memory safety bugs fixed in Firefox 71, Firefox ESR 68.3, and Thunderbird 68.3 * [fb23473] d/control: increase B-D version on NSS to 3.44.3 * [6f59938] Breaks: adding more non compatible packaged AddOns thunderbird (1:68.2.2-1) unstable; urgency=medium . * [198d539] xul-ext-compactheader: allow also version << 3.0.0 * [0e93753] d/control: add incompatibility with jsunit << 0.2.2 * [87c84cb] New upstream version 68.2.2 This upstream version has removed the source for calendar-google-provider, thus we can't provide the related binary package any more. * [a3cea2a] rebuild patch queue from patch-queue branch rebuild patch queue from patch-queue branch . removed patches (included upstream): debian/patches/fixes/Bug-1470701-Use-run-time-page-size-when-changing-map.patch debian/patches/fixes/Bug-1505608-Try-to-ensure-the-bss-section-of-the-elf.patch debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch debian/patches/fixes/Build-also-gdata-provider-as-xpi-file.patch debian/patches/fixes/rust-ignore-not-available-documentation.patch debian/patches/porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch debian/patches/porting-mips/Bug-1444303-MIPS-Fix-build-failures-after-Bug-1425580-par.patch debian/patches/porting-mips/Bug-1444834-MIPS-Stubout-MacroAssembler-speculationBarrie.patch debian/patches/porting-powerpc/powerpc-Don-t-use-static-page-sizes-on-powerpc.patch debian/patches/porting-sparc64/Bug-1434726-Early-startup-crash-on-Linux-sparc64-in-HashI.patch * [1730f5f] d/control: remove references to calendar-google-provider Don't build calendar-google-provider any more and remove any references from other binary packages. * [1b0bbb8] d/rules: remove any calendar-google-provider stuff * [92f681c] thunderbird.NEWS: Adding hint about removal of gdata Give out an announcement about the removal of a possible previously installed package calendar-google-provider. thunderbird (1:68.2.2-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security * [2c1bd00] d/mozconfig.default: use internal version of nspr, nss, sqlite and icu * [94d6ae4] d/control: remove lib{nspr4,nss3,sqlite3}-dev from B-D thunderbird (1:68.2.2-1~deb9u1) stretch-security; urgency=medium . [ Carsten Schoenert ] * Rebuild for stretch-security * [038dcd9] use nodejs-mozilla within stretch-security The package nodejs isn't available for stretch, but nodejs-mozilla is usable. Thanks for backporting! * [4bdcd39] d/mozconfig.default: remove option for hunspell Thunderbird 68 isn't using external (or internal) hunspell features any more. This requires the usage of external dictionaries provided by AddOns. * [e368b15] d/mozconfig.default: remove doubled sqlite option Removed a doubled disabled option for libsqlite3, the merge from buster was bringing already this option as a disabled option. * [8ddc95c] use internal libvpx library within stretch-security Also libvpx is to old on stretch and we switch to the internal version from the Thunderbird source. thunderbird (1:68.2.1-1) unstable; urgency=medium . [ intrigeri ] * [c48e2cb] AppArmor: update profile from upstream at commit a27a1a5 (Closes: #941290) . [ Carsten Schoenert ] * [98497ae] New upstream version 68.2.0 Fixed CVE issues in upstream version 68.2 (MFSA 2019-35): CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber CVE-2019-11757: Use-after-free when creating index updates in IndexedDB CVE-2019-11758: Potentially exploitable crash due to 360 Total Security CVE-2019-11759: Stack buffer overflow in HKDF output CVE-2019-11760: Stack buffer overflow in WebRTC networking CVE-2019-11761: Unintended access to a privileged JSONView object CVE-2019-11762: document.domain-based origin isolation has same-origin-property violation CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique CVE-2019-11764: Memory safety bugs fixed in Thunderbird 68.2 (Closes: #925841) * [a104c51] d/control: increase Standards-Version to 4.4.1 * [6c9d012] xul-ext-dispmua: set current min usable version * [b3bf16f] New upstream version 68.2.1 * [8f89b90] d/control: decrease build architecture list Decreasing the current list of build architectures. Not meant to keep this forever, removed RC architectures needing support and volunteering to get them back. (Closes: #921258) thunderbird (1:68.1.2-1~exp1) experimental; urgency=medium . * [81f4144] xul-ext-compactheader: increase minimal usable version * [a815589] Update the global information about TB in Debian * [bb5f5f7] rebuild patch queue from patch-queue branch * [6fe7d3f] xul-ext-sogo-connector: increase minimal usable version * [2e29af5] New upstream version 68.1.2 thunderbird (1:68.1.1-1~exp1) experimental; urgency=medium . [ intrigeri ] * [3f49653] AppArmor: update profile from upstream at commit ed52e4a . [ Carsten Schoenert ] * [348f476] New upstream version 68.0~b5 * [2a2f101] New upstream version 68.1.1 Fixed CVE issues in upstream version 68.1 (MFSA 2019-20): CVE-2019-11711: Script injection within domain through inner window reuse CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects CVE-2019-11713: Use-after-free with HTTP/2 cached stream CVE-2019-11714: NeckoChild can trigger crash when accessed off of main thread CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault CVE-2019-11715: HTML parsing error can contribute to content XSS CVE-2019-11716: globalThis not enumerable until accessed CVE-2019-11717: Caret character improperly escaped in origins CVE-2019-11719: Out-of-bounds read when importing curve25519 private key CVE-2019-11720: Character encoding XSS vulnerability CVE-2019-11721: Domain spoofing through unicode latin 'kra' character CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin CVE-2019-11723: Cookie leakage during add-on fetching across private browsing boundaries CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting permissions CVE-2019-11725: Websocket resources bypass safebrowsing protections CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3 CVE-2019-11728: Port scanning through Alt-Svc header CVE-2019-11710: Memory safety bugs fixed in Firefox 68 and Thunderbird 68 CVE-2019-11709: Memory safety bugs fixed in Firefox 68, Firefox ESR 60.8, and Thunderbird 68 . Fixed CVE issues in upstream version 68.1 (MFSA 2019-20): CVE-2019-11739: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message CVE-2019-11746: Use-after-free while manipulating video CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11742: Same-origin policy violation with SVG filters and canvas to steal cross-origin images CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB CVE-2019-11743: Cross-origin access to unload event attributes CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9 . Fixed CVE issues in upstream version 68.1.1 (MFSA 2019-32): CVE-2019-11755: Spoofing a message author via a crafted S/MIME message . * [9342624] rebuild patch queue from patch-queue branch added patches: debian-hacks/Set-program-name-from-the-remoting-name.patch debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch debian-hacks/Work-around-Debian-bug-844357.patch fixes/Allow-.js-preference-files-to-set-locked-prefs-with-lockP.patch fixes/Bug-1556197-amend-Bug-1544631-for-fixing-mips32.patch fixes/Bug-1560340-Only-add-confvars.sh-as-a-dependency-to-confi.patch porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch . removed patch (fixed upstream): porting-mips/Fix-CPU_ARCH-test-for-libjpeg-on-mips.patch porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch . * [25cb500] d/control: increase various versions in B-D * [ee5b713] d/control: remove B-D on librust-cbindgen-dev Use librust-toml-dev instead, we only need some files from this package, librust-cbindgen-dev is a metapackage which is broken while packaging. * [442a6b1] d/rules: work around cargo needs a HOME dir * [4894a4c] d/control: increase Standards-Version to 4.4.0 No further changes needed. * [bb47b68] d/control: update upstream homepage for Thunderbird Since some time Mozilla Thunderbird has a new homepage placed on URI https://www.thunderbird.net/ * [a3b680e] d/source.filter: update the filter sequences New Thunderbird upstream versions bringing some new unwanted files within the source. * [7290ff4] d/control: remove transitional lightning l10n packages The Lightning l10n packages moved into transitional packages before Buster was released, now after the Buster release removing these transitional packages. All required l10n files are available in the packages thunderbird-$(locale) even for Lightning. * [3d1d27d] enigmail: increase minimal usable version Thunderbird 68.x needs at least Enigmal in version 2.1, but increase the version on Enigmail to the most recent version which is released while packaging. * [66069d9] calendar-exchange-provider: removed from Breaks This package isn't alive in unstable and testing. * [3b9f936] d/control: remove Xb-Xul-AppId field Thunderbird don't has any Xul based AddOns since version 68.0 * [7d8cd7d] lintian-overrides: remove not needed overrides thunderbird (1:68.0~b1-1) experimental; urgency=medium . * [0eabe70] New upstream version 68.0~b1 * [2febf67] rebuild patch queue from patch-queue branch added patch: debian-hacks/Downgrade-SQlite-version-to-3.27.2.patch * [cfa5973] d/s/lintian-overrides: adjust overrides for needed files * [46077e2] d/copyright: update after upstream changes thunderbird (1:67.0~b3-1) experimental; urgency=medium . [ intrigeri ] * [9ad75ad] d/rules: drop useless usage of dpkg-parsechangelog . [ Carsten Schoenert ] * [d6f6747] New upstream version 67.0~b3 * [90f73be] rebuild patch queue from patch-queue branch removed patch: fixes/Bug-1515641-Turn-enable-av1-around.-r-nalexander.patch * [7dd5c54] d/control: increase various B-D versions Increasing the version for the build depending packages of cargo, cbindgen, libnspr4-dev, libnss3-dev, libsqlite3-dev and rustc. thunderbird (1:66.0~b1-1) experimental; urgency=medium . [ Carsten Schoenert ] * [afe31d9] New upstream version 66.0~b1 * [4ec53cc] apparmor: update profile from upstream (commit 7ace41b1) (cherry-picked from debian/sid) * [b3657a0] d/rules: make dh_clean more robust Remove some regenerated files in dh_clean to the build will not fail in case the build needs to be started twice within the same build environment. (cherry-picked from debian/sid) * [dceb027] d/rules: move disable debug option into configure step Adding the option '--disable-debug-symbols' to the file mozconfig.default in case the build is running on a 32bit architecture instead of expanding the variable 'CONFIGURE_FLAGS'. The configuration approach for this option taken from firefox-esr was not working for the thunderbird package. (cherry-picked from debian/sid) * [f7f02a9] d/rules: reorder LDFLAGS for better readability Make the used additional options for LDFLAGS better readable by reordering the various used options. Also adding the option '-Wl, --as-needed' to the list of used options here. (cherry-picked from debian/sid) * [79801fb] d/rules: use 'compress-debug-sections' only on 64bit Do not set 'LDFLAGS += -Wl,--compress-debug-sections=zlib' globally, lets use this option only if we are on a 64bit architecture as otherwise the build is failing on 32bit architectures again. We don't want to build any debug information on 32bit anyway so we don't need this option on these platforms. (cherry-picked from debian/sid) * [11f9e14] d/mozconfig.default: adding option for mipsel We don't have set up any options for the mipsel platform before, but the build needs some additional options too on this platform to succeed. (cherry-picked from debian/sid) * [e46e178] d/mozconfig.default: disable ion on mips and mipsel The build will fail on mips{,el} if we have enabled ION, the JavaScript JIT compiler on these platforms will loose some performance by this. (cherry-picked from debian/sid) . [ Alexander Nitsch ] * [31b87e9] Make the logo SVG square The original SVG source isn't completely square, modifying the SVG file so all generated other files from the input are also exactly square. * [c0f19a3] Add script for generating PNGs from logo SVG * [c153c5f] Update icon PNGs to be properly scaled . [ Carsten Schoenert ] * [c372e1f] d/source.filter: add some configure scripts Filter out some files that are named 'configure', they are rebuild later anyway. The filtering of these files is moved from gbp.conf to source.filter. (cherry-picked from debian/sid) * [a40c5df] d/c-lightning-l10n-t.sh: drop version checking Remove an old check for a version string within the file install.rdf. It's not created any more by upstream since > 60.0. * [05b325e] d/source.filter: don't ignore files in root folder Try to not ignore files which are in the top root folder of the upstream source tarball. * [d2ca267] rebuild patch queue from patch-queue branch added patch: fixes/Bug-1515641-Turn-enable-av1-around.-r-nalexander.patch . modified (refreshed) patches: porting-armel/Avoid-using-vmrs-vmsr-on-armel.patch porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-hurd.patch porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-kfreebsd.patch porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch porting-m68k/Add-m68k-support-to-Thunderbird.patch . removed patches (applied upstream): fixes/Fix-big-endian-build-for-SKIA.patch porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch porting-s390x/FTBFS-s390x-Use-jit-none-AtomicOperations-sparc.h-on-s390.patch * [cb1dde9] d/control: increase version in B-D for libsqlite3-dev * [54e8890] d/mozconfig.default: add new configure option We need to disable the usage of libav1 for an successful build. The used configure option was added by the new added patch to the patch queue. * [ecd3ade] d/copyright: update after upstream changes * [af58ed8] d/source.filter: add extra content to ignore thunderbird (1:65.0~b1-1) experimental; urgency=medium . * [e5956ef] Merge tag 'debian/1%60.4.0-1' into debian/experimental * [389748b] d/source.filter: adjust files to filter while repack Rework of the file filter list due new upstream version but also to no filter out files we obviously need later, e.g. for the omni.jar archive. * [4b86a78] New upstream version 65.0~b1 * [3db29ed] rebuild patch queue from patch-queue branch removed patches (fixed upstream): debian-hacks/icu-use-locale.h-instead-of-xlocale.h.patch debian-hacks/shellutil.py-ignore-tilde-as-special-character.patch fixes/Build-also-gdata-provider-as-xpi-file.patch fixes/Use-msse-2-fpmath-C-CXXFLAGS-only-on-x86_64-platforms.patch porting-mips/Bug-1444303-MIPS-Fix-build-failures-after-Bug-1425580-par.patch porting-mips/Bug-1444834-MIPS-Stubout-MacroAssembler-speculationBarrie.patch porting-sparc64/Bug-1434726-Early-startup-crash-on-Linux-sparc64-in-HashI.patch . removed patches (dropped for Debian specific build): debian-hacks/Don-t-build-testing-suites-and-stuff.patch debian-hacks/Don-t-build-testing-suites-and-stuff-part-2.patch adjusted patches: . debian-hacks/Add-another-preferences-directory-for-applications-p.patch debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch patches/fixes/Fix-big-endian-build-for-SKIA.patch (but currently disabled) porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch porting-s390x/FTBFS-s390x-Use-jit-none-AtomicOperations-sparc.h-on-s390.patch * [e918c6c] d/control: increase versions in B-D New Thunderbirds version typically need other packages available with higher versions like NSS, NSPR, rust ... Also adding cbindgen and nodejs()!!). * [b6c63bf] d/mozconfig.default: remove dead options More old configure option are now not available anymore and we need to drop them. * [0f959ad] remove GCC specific options LLVM's clang is now widely used, and clang isn't knowing the GCC options '-fno-schedule-insns2' and '-fno-lifetime-dse', removing these options from CFLAGS and CXXFLAGS. * [d0b1f4b] d/rules: work around about strong quotings in .mk files After the configuration of the source some Makefiles in the build folder 'obj-thunderbird' have a strong qouting on some entries. This will later provoke a build failure if we don't remove the single quotes before in the Makefiles. * [093053e] copyright: update after upstream changes * [95eaacf] d/s/lintian-overrides: adjust overrides for needed files thunderbird (1:60.9.0-1) unstable; urgency=medium . * [5f7ba31] New upstream version 60.9.0 Fixed CVE issues in upstream version 60.8.0 (MFSA 2019-29) CVE-2019-11746: Use-after-free while manipulating video CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11742: Same-origin policy violation with SVG filters and canvas to steal cross-origin images CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB CVE-2019-11743: Cross-origin access to unload event attributes CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, and Thunderbird 60.9 tiff (4.1.0+git191117-2~deb10u1) buster-security; urgency=high . * Security backport for Buster. * Relax Standards-Version to 4.3.0 . . tiff (4.1.0+git191117-2) unstable; urgency=medium . * Backport upstream fix for rowsperstrip parse regression in OJPEGReadHeaderInfo() (closes: #945402). . tiff (4.1.0+git191117-1) unstable; urgency=medium . * Git snapshot, fixing the following issues: - missing TIFFClose in rgb2ycbcr tool, - missing checks on TIFFGetField in tiffcrop tool, - broken sanity check in OJPEG, - missing generated .sh files for tests. . tiff (4.1.0-1) unstable; urgency=medium . * New upstream release. * Update Standards-Version to 4.4.1 . . tiff (4.0.10+git191003-1) unstable; urgency=high . * Git snapshot, fixing the following security issue: - TIFFReadAndRealloc(): avoid too large memory allocation attempts. . tiff (4.0.10+git190903-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - setByteArray(): avoid potential signed integer overflow, - EstimateStripByteCounts(): avoid several unsigned integer overflows, - tif_ojpeg: avoid two unsigned integer overflows, - OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX, - _TIFFPartialReadStripArray(): avoid unsigned integer overflow, - JPEG: avoid use of uninitialized memory on corrupted files, - TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t, - allocChoppedUpStripArrays(): avoid unsigned integer overflow, - tif_ojpeg: avoid use of uninitialized memory on edge/broken file, - ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. . tiff (4.0.10+git190818-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - RGBA interface: fix integer overflow potentially causing write heap buffer overflow, - setByteArray(): avoid potential signed integer overflow. . tiff (4.0.10+git190814-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - TryChopUpUncompressedBigTiff(): avoid potential division by zero, - fix vulnerability introduced by defer strile loading, - fix vulnerability in 'D' (DeferStrileLoad) mode, - return infinite distance when denominator is zero, - OJPEG: avoid use of uninitialized memory on corrupted files, - OJPEG: fix integer division by zero on corrupted subsampling factors, - OJPEGReadBufferFill(): avoid very long processing time on corrupted files, - TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided, - CVE-2019-14973, fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (closes: #934780). * Update libtiff5 symbols. * Update Standards-Version to 4.4.0 . tiff (4.1.0+git191117-1) unstable; urgency=medium . * Git snapshot, fixing the following issues: - missing TIFFClose in rgb2ycbcr tool, - missing checks on TIFFGetField in tiffcrop tool, - broken sanity check in OJPEG, - missing generated .sh files for tests. tiff (4.1.0-1) unstable; urgency=medium . * New upstream release. * Update Standards-Version to 4.4.1 . tiff (4.0.10+git191003-1) unstable; urgency=high . * Git snapshot, fixing the following security issue: - TIFFReadAndRealloc(): avoid too large memory allocation attempts. tiff (4.0.10+git190903-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - setByteArray(): avoid potential signed integer overflow, - EstimateStripByteCounts(): avoid several unsigned integer overflows, - tif_ojpeg: avoid two unsigned integer overflows, - OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX, - _TIFFPartialReadStripArray(): avoid unsigned integer overflow, - JPEG: avoid use of uninitialized memory on corrupted files, - TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t, - allocChoppedUpStripArrays(): avoid unsigned integer overflow, - tif_ojpeg: avoid use of uninitialized memory on edge/broken file, - ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. tiff (4.0.10+git190818-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - RGBA interface: fix integer overflow potentially causing write heap buffer overflow, - setByteArray(): avoid potential signed integer overflow. tiff (4.0.10+git190814-1) unstable; urgency=high . * Git snapshot, fixing the following security issues: - TryChopUpUncompressedBigTiff(): avoid potential division by zero, - fix vulnerability introduced by defer strile loading, - fix vulnerability in 'D' (DeferStrileLoad) mode, - return infinite distance when denominator is zero, - OJPEG: avoid use of uninitialized memory on corrupted files, - OJPEG: fix integer division by zero on corrupted subsampling factors, - OJPEGReadBufferFill(): avoid very long processing time on corrupted files, - TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided, - CVE-2019-14973, fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (closes: #934780). * Update libtiff5 symbols. * Update Standards-Version to 4.4.0 . tifffile (20181128-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Andreas Tille ] * Fix wrapper script Closes: #939511, #938668 tigervnc (1.9.0+dfsg-3+deb10u1) buster; urgency=high . [ Joachim Falk ] * Fix CVE-2019-15691, CVE-2019-15692, CVE-2019-15693, CVE-2019-15694, and CVE-2019-15695 (Closes: #947428) tightvnc (1:1.3.9-9+deb10u1) buster; urgency=medium . * Security upload. (Closes: #945364). * CVE-2014-6053: Check malloc() return value on client->server ClientCutText message. * CVE-2018-20020: Fix heap out-of-bound write vulnerability inside structure in VNC client code. * CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code. * CVE-2018-20022: CWE-665: Improper Initialization vulnerability. * CVE-2018-7225: Uninitialized and potentially sensitive data could be accessed by remote attackers because the msg.cct.length in rfbserver.c was not sanitized. * CVE-2019-15678: LibVNCClient: ignore server-sent cut text longer than 1MB. * Extra patch similar to the fix for CVE-2019-15678: LibVNCClient: ignore server-sent reason strings longer than 1MB (see CVE-2018-20748/ libvncserver). * CVE-2019-15679: rfbproto.c/InitialiseRFBConnection: Check desktop name length received before allocating memory for it and limit it to 1MB. * CVE-2019-15680: Fix null-pointer-deref issue in vncviewer/zlib.c. * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. tightvnc (1:1.3.9-9+deb9u1) stretch; urgency=medium . * Security upload. (Closes: #945364). * CVE-2014-6053: Check malloc() return value on client->server ClientCutText message. * CVE-2019-8287 (aka CVE-2018-20020): Fix heap out-of-bound write vulnerability inside structure in VNC client code. * CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code. * CVE-2018-20022: CWE-665: Improper Initialization vulnerability. * CVE-2018-7225: Uninitialized and potentially sensitive data could be accessed by remote attackers because the msg.cct.length in rfbserver.c was not sanitized. * CVE-2019-15678: LibVNCClient: ignore server-sent cut text longer than 1MB. * Extra patch similar to the fix for CVE-2019-15678: LibVNCClient: ignore server-sent reason strings longer than 1MB (see CVE-2018-20748/ libvncserver). * CVE-2019-15679: rfbproto.c/InitialiseRFBConnection: Check desktop name length received before allocating memory for it and limit it to 1MB. * CVE-2019-15680: Fix null-pointer-deref issue in vncviewer/zlib.c. * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. uif (1.1.9-1+deb10u1) buster; urgency=medium . * debian/patches: + Add 1001_use-iptables-legacy.patch. Work-around iptables->nftables switch in Debian. Full nftables support is being worked on on the upstream side. (Closes: #932265). unhide (20130526-3+deb10u1) buster; urgency=medium . * Team Upload. * debian/patch/allocate-pid-arrays-from-heap.patch: Added to fix a stack exhausting. Thanks to Bernhard Übelacker <bernhardu@mailbox.org>. (Closes: #945864) webkit2gtk (2.26.3-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. + This fixes CVE-2019-8835, CVE-2019-8844 and CVE-2019-8846. See https://webkitgtk.org/security/WSA-2020-0001.html. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.26.3-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.26.3-1~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependencies on libwoff-dev and libopenjp2-7-dev. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Build depend on clang-7. + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. + Pass CC and CXX to dh_auto_configure so it uses clang instead of gcc. * debian/patches/is-same-v.patch: + Define std::is_same_v and std::is_pod_v. * debian/patches/fix-gtkdoc-generation.patch: + Fix gtk-doc generation. * debian/patches/safe-multiply.patch: + Fix link errors in 32-bit CPUs with clang * debian/libwebkit2gtk-4.0-37.symbols: + Mark webkit_emoji_chooser_get_type as optional, this requires a more recent version of GTK. * debian/patches/fix-atomics-build.patch: + Use libatomic in libWTF. This fixes the armel build. webkit2gtk (2.26.2-1) unstable; urgency=medium . * New upstream release. * debian/rules: + Stop building with -O1 for armhf and friends, the build seems to work just fine with -O2 now. * debian/control: + Require bubblewrap >= 0.3.1. * debian/patches/force-single-process.patch: + Remove this patch, the fixed version of Geary (3.34.1) is now in unstable. * The WebKitGTK security advisory WSA-2019-0005 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8768 (fixed in 2.24.0). + CVE-2019-8735 (fixed in 2.24.2). + CVE-2019-8726 (fixed in 2.24.3). + CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733 and CVE-2019-8763 (fixed in 2.24.4). + CVE-2019-8625, CVE-2019-8720, CVE-2019-8769 and CVE-2019-8771 (fixed in 2.26.0). webkit2gtk (2.26.2-1~deb10+1) buster-security; urgency=high . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. * The WebKitGTK security advisory WSA-2019-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4) + CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0) + CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1) + CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2) webkit2gtk (2.26.2-1~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependency on libwoff-dev, this is not available in this Debian release. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Don't depend on libopenjp2-7-dev. + Build depend on clang-7. + Remove Breaks for Evolution < 3.34.1. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. + Pass CC and CXX to dh_auto_configure so it uses clang instead of gcc. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/patches/is-same-v.patch: + Define std::is_same_v * debian/patches/fix-gtkdoc-generation.patch: + Fix gtk-doc generation. * debian/patches/safe-multiply.patch: + Fix link errors in 32-bit CPUs with clang * debian/libwebkit2gtk-4.0-37.symbols: + Mark webkit_emoji_chooser_get_type as optional, this requires a more recent version of GTK. * debian/patches/is-same-v.patch: + Define also std::is_pod_v * debian/patches/fix-atomics-build.patch: + Use libatomic in libWTF. This fixes the armel build. * The WebKitGTK security advisory WSA-2019-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4) + CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0) + CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1) + CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2) webkit2gtk (2.26.1-3) unstable; urgency=medium . * debian/rules: + Use -DWTF_CPU_ARM64_CORTEXA53=OFF to fix the arm64 build. * debian/patches/force-single-process.patch: + Don't use this workaround for Evolution anymore, the fixed version is now in unstable. * debian/control: + Add Breaks for Evolution < 3.34.1. + Update Standards-Version to 4.4.1 (no changes). wordpress (5.0.4+dfsg1-1+deb10u1) buster-security; urgency=medium . * Backport of the 5.3.1 security release Closes: #946905 - CVE-2019-20043 an unprivileged user could make a post sticky via the REST API. - CVE-2019-20042 cross-site scripting (XSS) could be stored in well-crafted links - CVE-2019-20041 hardening wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute. - CVE-2019-16780 and CVE-2019-16781 stored XSS vulnerability using block editor content. * Backport of the 5.2.4 security release Closes: #942459 - CVE-2019-17674 Stored XSS in the Customizer - CVE-2019-17671 Viewing unauthenticated posts - CVE-2019-17672 Stored XSS to inject javascript into style tags - CVE-2019-17673 Poisoning JSON GET requests - CVE-2019-17669 SSRF in URL vaidation - CVE-2019-17675 Referer validation in admin screens * Backport of 5.2.3 security release, Closes: #939543 - CVE-2019-16223 XSS in post previews - CVE-2019-16218 XSS in stored comments - CVE-2019-16220 Open redirect due to validation and sanitization - CVE-2019-16217 XSS in media uploads - CVE-2019-16219 XSS in shortcode previews - CVE-2019-16221 XSS in dashboard - CVE-2019-16222 XSS in URL sanitization x2goclient (4.1.2.1-2+deb10u1) buster; urgency=medium . * debian/patches: + Add libssh-regression-fix-CVE-2019-14889.patch. In src/sshprocess.cpp: strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths in scp mode. Fixes: #1428. This was already necessary for pascp (PuTTY- based Windows solution for Kerberos support), but newer libssh versions with the CVE-2019-14889 also interpret paths as literal strings. (Closes: #947129). xen (4.11.3+24-g14b62ab3e5-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security xmltooling (3.0.4-1+deb10u1) buster; urgency=medium . * [7c6eb12] This branch is for buster updates * [97e580e] New patch: CPPXT-145 - DataSealer is sharing non-thread safe keys. Thanks to Scott Cantor (Closes: #950135) ====================================== Sat, 16 Nov 2019 - Debian 10.2 released ====================================== ========================================================================= [Date: Sat, 16 Nov 2019 08:47:52 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: firefox-esr | 60.8.0esr-1~deb10u1 | armel firefox-esr | 60.9.0esr-1~deb10u1 | armel Closed bugs: 944637 ------------------- Reason ------------------- RoQA; no longer supportable ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 16 Nov 2019 08:56:22 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: firefox-esr-l10n-as | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-bn-bd | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-bn-in | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-en-za | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-mai | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-ml | 60.9.0esr-1~deb10u1 | all firefox-esr-l10n-or | 60.9.0esr-1~deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by firefox-esr - based on source metadata) ---------------------------------------------- ========================================================================= aegisub (3.2.2+dfsg-4+deb10u1) buster; urgency=medium . * Add libhunspell-dev to Build-Depends: fixes SEGV when right-clicking in the subtitles text box. * Apply patch provided in #935724: fixes crash when selecting a language from the bottom of the "Spell checker language" list by defining a maximum languages constant. * Closes: #935724. akonadi (4:18.08.3-7~deb10u1) buster; urgency=medium . * Rebuild for buster. akonadi (4:18.08.3-6) unstable; urgency=medium . * Team upload. . [ Sandro Knauß ] * Fix "Akonadi don't anwser any requests and ends in deadlock" (Closes: #935981) by adding upstream patches. - Akonadi-fix-dangling-transaction-after-itemsync-fail.patch - ItemSync-skip-handling-remote-items-if-local-changes.patch apache2 (2.4.38-3+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Annoatate patch for CVE-2019-10092: Add missing APLOGNO's in modules/proxy/mod_proxy.c and modules/proxy/mod_proxy_ftp.c apache2 (2.4.38-3+deb10u2) buster-security; urgency=medium . * Fix CVE-2019-10092 patch (Closes: #941202) base-files (10.3+deb10u2) buster; urgency=medium . * Change /etc/debian_version to 10.2, for Debian 10.2 point release. bird (1.6.6-1+deb10u1) buster-security; urgency=medium . * [CVE-2019-16159]: Fix stack-based buffer overflow (Closes: #939990) capistrano (3.11.0-3+deb10u1) buster; urgency=medium . * Add upstream patch to fix failure on removal of old releases (when too many old releases). More information at: https://github.com/capistrano/capistrano/pull/2027 . For this patch to be applied, another one also had to be applied, although with very low impact: https://github.com/capistrano/capistrano/pull/1995 . They are, respectively, batch-rm-part2.patch and batch-rm-part1.patch. . This has been fixed upstream on the release 3.11.1 using the same patches. chromium (78.0.3904.97-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2019-5869: Use-after-free in Blink. Reported by Zhe Jin - CVE-2019-5870: Use-after-free in media. Reported by Guang Gong - CVE-2019-5871: Heap overflow in Skia. Reported by Anonymous - CVE-2019-5872: Use-after-free in Mojo. Reported by Zhe Jin - CVE-2019-5874: External URIs may trigger other browsers. Reported by James Lee - CVE-2019-5875: URL bar spoof. Reported by Khalil Zhani - CVE-2019-5876: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-5877: Out-of-bounds access in V8. Reported by Guang Gong - CVE-2019-5878: Use-after-free in V8. Reported by Guang Gong - CVE-2019-5879: Extensions can read some local files. Reported by Jinseo Kim - CVE-2019-5880: SameSite cookie bypass. Reported by Jun Kokatsu - CVE-2019-13659: URL spoof. Reported by Lnyas Zhang - CVE-2019-13660: Full screen notification overlap. Reported by Wenxu Wu - CVE-2019-13661: Full screen notification spoof. Reported by Wenxu Wu - CVE-2019-13662: CSP bypass. Reported by David Erceg - CVE-2019-13663: IDN spoof. Reported by Lnyas Zhang - CVE-2019-13664: CSRF bypass. Reported by thomas "zemnmez" shadwell - CVE-2019-13665: Multiple file download protection bypass. Reported by Jun Kokatsu - CVE-2019-13666: Side channel using storage size estimate. Reported by Tom Van Goethem - CVE-2019-13667: URI bar spoof when using external app URIs. Reported by Khalil Zhani - CVE-2019-13668: Global window leak via console. Reported by David Erceg - CVE-2019-13669: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13670: V8 memory corruption in regex. Reported by Guang Gong - CVE-2019-13671: Dialog box fails to show origin. Reported by xisigr - CVE-2019-13673: Cross-origin information leak using devtools. Reported by David Erceg - CVE-2019-13674: IDN spoofing. Reported by Khalil Zhani - CVE-2019-13675: Extensions can be disabled by trailing slash. Reported by Jun Kokatsu - CVE-2019-13676: Google URI shown for certificate warning. Reported by Wenxu Wu - CVE-2019-13677: Chrome web store origin needs to be isolated. Reported by Jun Kokatsu - CVE-2019-13678: Download dialog spoofing. Reported by Ronni Skansing - CVE-2019-13679: User gesture needed for printing. Reported by Conrad Irwin - CVE-2019-13680: IP address spoofing to servers. Reported by Thijs Alkemade - CVE-2019-13681: Bypass on download restrictions. Reported by David Erceg - CVE-2019-13682: Site isolation bypass. Reported by Jun Kokatsu - CVE-2019-13683: Exceptions leaked by devtools. Reported by David Erceg - CVE-2019-13685: Use-after-free in UI. Reported by Khalil Zhani - CVE-2019-13686: Use-after-free in offline pages. Reported by Brendon - CVE-2019-13687: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13688: Use-after-free in media. Reported by Man Yue Mo Tiszka - CVE-2019-13691: Omnibox spoof. Reported by David Erceg - CVE-2019-13692: SOP bypass. Reported by Jun Kokatsu - CVE-2019-13693: Use-after-free in IndexedDB. Reported by Guang Gong - CVE-2019-13694: Use-after-free in WebRTC. Reported by banananapenguin - CVE-2019-13695: Use-after-free in audio. Reported by Man Yue Mo - CVE-2019-13696: Use-after-free in V8. Reported by Guang Gong - CVE-2019-13697: Cross-origin size leak. Reported by Luan Herrera - CVE-2019-13699: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13700: Buffer overrun in Blink. Reported by Man Yue Mo - CVE-2019-13701: URL spoof in navigation. Reported by David Erceg - CVE-2019-13702: Privilege elevation in Installer. Reported by Phillip Langlois and Edward Torkington - CVE-2019-13703: URL bar spoofing. Reported by Khalil Zhani - CVE-2019-13704: CSP bypass. Reported by Jun Kokatsu - CVE-2019-13705: Extension permission bypass. Reported by Luan Herrera - CVE-2019-13706: Out-of-bounds read in PDFium. Reported by pdknsk - CVE-2019-13707: File storage disclosure. Reported by Andrea Palazzo - CVE-2019-13708: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13709: File download protection bypass. Reported by Zhong Zhaochen - CVE-2019-13710: File download protection bypass. Reported by bernardo.mrod - CVE-2019-13711: Cross-context information leak. Reported by David Erceg - CVE-2019-13713: Cross-origin data leak. Reported by David Erceg - CVE-2019-13714: CSS injection. Reported by Jun Kokatsu - CVE-2019-13715: Address bar spoofing. Reported by xisigr - CVE-2019-13716: Service worker state error. Reported by Barron Hagerman - CVE-2019-13717: Notification obscured. Reported by xisigr - CVE-2019-13718: IDN spoof. Reported by Khalil Zhani - CVE-2019-13719: Notification obscured. Reported by Khalil Zhani - CVE-2019-13720: Use-after-free in audio. Reported by Anton Ivanov and Alexey Kulaev - CVE-2019-13721: Use-after-free in PDFium. Reported by banananapenguin chromium (78.0.3904.87-1) unstable; urgency=medium . * New upstream stable release. - CVE-2019-5869: Use-after-free in Blink. Reported by Zhe Jin - CVE-2019-5870: Use-after-free in media. Reported by Guang Gong - CVE-2019-5871: Heap overflow in Skia. Reported by Anonymous - CVE-2019-5872: Use-after-free in Mojo. Reported by Zhe Jin - CVE-2019-5874: External URIs may trigger other browsers. Reported by James Lee - CVE-2019-5875: URL bar spoof. Reported by Khalil Zhani - CVE-2019-5876: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-5877: Out-of-bounds access in V8. Reported by Guang Gong - CVE-2019-5878: Use-after-free in V8. Reported by Guang Gong - CVE-2019-5879: Extensions can read some local files. Reported by Jinseo Kim - CVE-2019-5880: SameSite cookie bypass. Reported by Jun Kokatsu - CVE-2019-13659: URL spoof. Reported by Lnyas Zhang - CVE-2019-13660: Full screen notification overlap. Reported by Wenxu Wu - CVE-2019-13661: Full screen notification spoof. Reported by Wenxu Wu - CVE-2019-13662: CSP bypass. Reported by David Erceg - CVE-2019-13663: IDN spoof. Reported by Lnyas Zhang - CVE-2019-13664: CSRF bypass. Reported by thomas "zemnmez" shadwell - CVE-2019-13665: Multiple file download protection bypass. Reported by Jun Kokatsu - CVE-2019-13666: Side channel using storage size estimate. Reported by Tom Van Goethem - CVE-2019-13667: URI bar spoof when using external app URIs. Reported by Khalil Zhani - CVE-2019-13668: Global window leak via console. Reported by David Erceg - CVE-2019-13669: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13670: V8 memory corruption in regex. Reported by Guang Gong - CVE-2019-13671: Dialog box fails to show origin. Reported by xisigr - CVE-2019-13673: Cross-origin information leak using devtools. Reported by David Erceg - CVE-2019-13674: IDN spoofing. Reported by Khalil Zhani - CVE-2019-13675: Extensions can be disabled by trailing slash. Reported by Jun Kokatsu - CVE-2019-13676: Google URI shown for certificate warning. Reported by Wenxu Wu - CVE-2019-13677: Chrome web store origin needs to be isolated. Reported by Jun Kokatsu - CVE-2019-13678: Download dialog spoofing. Reported by Ronni Skansing - CVE-2019-13679: User gesture needed for printing. Reported by Conrad Irwin - CVE-2019-13680: IP address spoofing to servers. Reported by Thijs Alkemade - CVE-2019-13681: Bypass on download restrictions. Reported by David Erceg - CVE-2019-13682: Site isolation bypass. Reported by Jun Kokatsu - CVE-2019-13683: Exceptions leaked by devtools. Reported by David Erceg - CVE-2019-13685: Use-after-free in UI. Reported by Khalil Zhani - CVE-2019-13686: Use-after-free in offline pages. Reported by Brendon - CVE-2019-13687: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13688: Use-after-free in media. Reported by Man Yue Mo Tiszka - CVE-2019-13691: Omnibox spoof. Reported by David Erceg - CVE-2019-13692: SOP bypass. Reported by Jun Kokatsu - CVE-2019-13693: Use-after-free in IndexedDB. Reported by Guang Gong - CVE-2019-13694: Use-after-free in WebRTC. Reported by banananapenguin - CVE-2019-13695: Use-after-free in audio. Reported by Man Yue Mo - CVE-2019-13696: Use-after-free in V8. Reported by Guang Gong - CVE-2019-13697: Cross-origin size leak. Reported by Luan Herrera - CVE-2019-13699: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13700: Buffer overrun in Blink. Reported by Man Yue Mo - CVE-2019-13701: URL spoof in navigation. Reported by David Erceg - CVE-2019-13702: Privilege elevation in Installer. Reported by Phillip Langlois and Edward Torkington - CVE-2019-13703: URL bar spoofing. Reported by Khalil Zhani - CVE-2019-13704: CSP bypass. Reported by Jun Kokatsu - CVE-2019-13705: Extension permission bypass. Reported by Luan Herrera - CVE-2019-13706: Out-of-bounds read in PDFium. Reported by pdknsk - CVE-2019-13707: File storage disclosure. Reported by Andrea Palazzo - CVE-2019-13708: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13709: File download protection bypass. Reported by Zhong Zhaochen - CVE-2019-13710: File download protection bypass. Reported by bernardo.mrod - CVE-2019-13711: Cross-context information leak. Reported by David Erceg - CVE-2019-13713: Cross-origin data leak. Reported by David Erceg - CVE-2019-13714: CSS injection. Reported by Jun Kokatsu - CVE-2019-13715: Address bar spoofing. Reported by xisigr - CVE-2019-13716: Service worker state error. Reported by Barron Hagerman - CVE-2019-13717: Notification obscured. Reported by xisigr - CVE-2019-13718: IDN spoof. Reported by Khalil Zhani - CVE-2019-13719: Notification obscured. Reported by Khalil Zhani - CVE-2019-13720: Use-after-free in audio. Reported by Anton Ivanov and Alexey Kulaev - CVE-2019-13721: Use-after-free in PDFium. Reported by banananapenguin * Drop support for building with gcc 6 and gtk 2. chromium (76.0.3809.100-1) unstable; urgency=medium . * New upstream security release. - CVE-2019-5867: Out-of-bounds read in V8. Reported by Lucas Pinheiro - CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction. Reported by banananapenguin chromium (76.0.3809.87-2) unstable; urgency=medium . * Fix inverted logic in enum comparison (closes: #933598). chromium (76.0.3809.87-1) unstable; urgency=medium . * New upstream stable release. - CVE-2019-5847: V8 sealed/frozen elements cause crash. Reported by m3plex - CVE-2019-5848: Font sizes may expose sensitive information. Reported by Mark Amery - CVE-2019-5850: Use-after-free in offline page fetcher. Reported by Brendon Tiszka - CVE-2019-5851: Use-after-poison in offline audio context. Reported by Zhe Jin - CVE-2019-5852: Object leak of utility functions. Reported by David Erceg - CVE-2019-5853: Memory corruption in regexp length check. Reported by yngwei and sakura - CVE-2019-5854: Integer overflow in PDFium text rendering. Reported by Zhen Zhou - CVE-2019-5855: Integer overflow in PDFium. Reported by Zhen Zhou - CVE-2019-5856: Insufficient checks on filesystem: URI permissions. Reported by Yongke Wang - CVE-2019-5857: Comparison of -0 and null yields crash. Reported by cloudfuzzer - CVE-2019-5858: Insufficient filtering of Open URL service parameters. Reported by evi1m0 - CVE-2019-5859: res: URIs can load alternative browsers. Reported by James Lee - CVE-2019-5860: Use-after-free in PDFium. Reported by Anonymous - CVE-2019-5861: Click location incorrectly checked. Reported by Robin Linus - CVE-2019-5862: AppCache not robust to compromised renderers. Reported by Jun Kokatsu - CVE-2019-5864: Insufficient port filtering in CORS for extensions. Reported by Devin Grindle - CVE-2019-5865: Site isolation bypass from compromised renderer. Reported by Ivan Fratric * Use legacy call to avoid error in icu 6.3 (closes: #932049). chromium (76.0.3809.71-1) unstable; urgency=medium . * New upstream beta release. * Recommend system-config-printer (closes: #929106). * Add -fno-delete-null-pointer-checks back into the build flags. chromium (76.0.3809.62-1) unstable; urgency=medium . * New upstream beta release. - Fixes error restoring multiple profiles on startup (closes: #930469). * Update standards version to 4.4.0. chromium (75.0.3770.90-1) unstable; urgency=medium . [ Riku Voipio ] * Fix build on armhf (closes: #930348). . [ Michael Gilbert ] * New upstream security release. - CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE * Disable hardware accelerated video (closes: #926032). * Fix signedness error when built with gcc (closes: #914886). - Thanks to Maciej S. Szmigiero. chromium (75.0.3770.80-1) unstable; urgency=medium . * New upstream stable release. - CVE-2019-5824: Parameter passing error in media player. Reported by leecraso and Guang Gong - CVE-2019-5825: Out-of-bounds write in V8. Reported by Gengming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu - CVE-2019-5826: Use-after-free in IndexedDB. Reported by Gengming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu - CVE-2019-5827: Out-of-bounds access issue in SQLite. Reported by mlfbrown - CVE-2019-5828: Use after free in ServiceWorker. Reported by leecraso and Guang Gong - CVE-2019-5829: Use after free in Download Manager. Reported by Lucas Pinheiro - CVE-2019-5830: Incorrectly credentialed requests in CORS. Reported by Andrew Krasichkov - CVE-2019-5831: Incorrect map processing in V8. Reported by yngwei - CVE-2019-5832: Incorrect CORS handling in XHR. Reported by Sergey Shekyan - CVE-2019-5833: Inconsistent security UI placement. Reported by Khalil Zhani - CVE-2019-5834: URL spoof in Omnibox on iOS. Reported by Khalil Zhani - CVE-2019-5835: Out of bounds read in Swiftshader. Reported by Wenxiang Qian - CVE-2019-5836: Heap buffer overflow in Angle. Reported by Omair - CVE-2019-5837: Cross-origin resources size disclosure in Appcache. Reported by Adam Iwaniuk - CVE-2019-5838: Overly permissive tab access in Extensions. Reported by David Erceg - CVE-2019-5839: Incorrect handling of certain code points in Blink. Reported by Masato Kinugawa - CVE-2019-5840: Popup blocker bypass. Reported by Eliya Stein and Jerome Dangu chromium (75.0.3770.10-1) experimental; urgency=medium . * New upstream development release. - Fixes crash when launching chromium a second time (closes: #927913). * Document how to use widevine in README.debian (closes: #929026). * Apply vaapi update from the Fedora chromium 73 package (closes: #926032). chromium (74.0.3729.108-1) unstable; urgency=medium . * New upstream stable release. - Eliminates flood of vsync error messages (closes: #901831). - Correctly shuts down when SIGTERM is recieved (closes: #924901). - Fixes regression in hardware accelerated video (closes: #926032). - CVE-2019-5805: Use after free in PDFium. Reported by Anonymous - CVE-2019-5806: Integer overflow in Angle. Reported by Wen Xu - CVE-2019-5807: Memory corruption in V8. Reported by TimGMichaud - CVE-2019-5808: Use after free in Blink. Reported by cloudfuzzer - CVE-2019-5809: Use after free in Blink. Reported by Mark Brand - CVE-2019-5810: User information disclosure in Autofill. Reported by Mark Amery - CVE-2019-5811: CORS bypass in Blink. Reported by Jun Kokatsu - CVE-2019-5813: Out of bounds read in V8. Reported by Aleksandar Nikolic - CVE-2019-5814: CORS bypass in Blink. Reported by @AaylaSecura1138 - CVE-2019-5815: Heap buffer overflow in Blink. Reported by Nicolas Grégoire - CVE-2019-5818: Uninitialized value in media reader. Reported by Adrian Tolbaru - CVE-2019-5819: Incorrect escaping in developer tools. Reported by Svyat Mitin - CVE-2019-5820: Integer overflow in PDFium. Reported by pdknsk - CVE-2019-5821: Integer overflow in PDFium. Reported by pdknsk - CVE-2019-5822: CORS bypass in download manager. Reported by Jun Kokatsu - CVE-2019-5823: Forced navigation from service worker. Reported by David Erceg cron (3.0pl1-134+deb10u1) buster; urgency=medium . [ Laurent Bigonville ] * Stop using obsolete SELinux API (Closes: #924716) cyrus-imapd (3.0.8-6+deb10u1) buster; urgency=medium . * Add patch to fix data loss on upgrade from versions ≤ 3.0.0 (Closes: #933163) debian-edu-config (2.10.65+deb10u2) buster; urgency=medium . [ Wolfgang Schweer ] * Adjust share/debian-edu-config/d-i/finish-install: (Closes: #941574) - Use 'dpkg-reconfigure -u --no-reload debian-edu-config' to add post-up stanza to /etc/network/interfaces eth0 entry conditionally. * Cope with Firefox-ESR ini files that need to be different (as of version 68.2.0esr) to further allow centralized configuration: (Closes: #944013) - Add share/debian-edu-config/profiles.ini.ff (Firefox-ESR profiles.ini). - Add share/debian-edu-config/installs.ini (now needed in addition for users that don't have a Firefox-ESR profile, i.e. new users). - Adjust share/debian-edu-config/tools/gosa-create which is used to copy the related Firefox-ESR ini files. - Ajust Makefile. - Adjust ldap-tools/ldap-debian-edu-install (fix for the first user). debian-installer (20190702+deb10u2) buster; urgency=medium . [ Samuel Thibault ] * build/util/grub-gencfg: Set gfxpayload=keep in submenus too, to fix unreadable fonts on hidpi displays in netboot images booted with EFI. (See: #935546) debian-installer-netboot-images (20190702+deb10u2) buster; urgency=medium . * Update to 20190702+deb10u2, from buster-proposed-updates. dino-im (0.0.git20181129-1+deb10u1) buster-security; urgency=high . * Fix check of source of a carbons message (CVE-2019-16235) * Check roster push authorization (CVE-2019-16236) * Fix check of source of MAM message (CVE-2019-16237) distro-info-data (0.41+deb10u1) buster; urgency=medium . [ Stefano Rivera ] * Add Ubuntu 20.04 LTS, Focal Fossa. dkimpy-milter (1.0.2-1) buster; urgency=medium . * New upstream release * Put upstream init file where dh_installinit expects to find it so it is properly registered * Update debian/watch to point to 1.0 version for stable updates * Update and rename d/p/0001-update-upstream-unit-and-init-file-paths.patch so sysv init paths are correct too docker.io (18.09.1+dfsg1-7.1+deb10u1) buster-security; urgency=medium . [ Arnaud Rebillout ] * Add upstream patch for CVE-2019-13139 (Closes: #933002). * Add upstream patches for CVE-2019-13509 (Closes: #932673). . [ Felix Geyer ] * Add upstream patch for CVE-2019-14271 * Cherry-pick upstream commits to fix test failures with golang >= 1.11.6-1+deb10u1 e2fsprogs (1.44.5-1+deb10u2) buster-security; urgency=high . * Fix CVE-2019-5094: potential buffer overrun in e2fsck (Closes: #941139) emacs (1:26.1+1-3.2+deb10u1) buster; urgency=high . * Update the EPLA packaging key (previous key expires 2019-09-23) via the upstream commit f16785d361097df9fddfcc0b60ae6f0d92e7e911. Add the old and new keyrings to debian/ and debian/source/include-binaries since debian/patches/ can't handle git binary diffs. Thanks to Stefan Monnier for reporting the problem and providing the patch. exim4 (4.92-8+deb10u3) buster-security; urgency=high . * 78_02-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch: Fix buffer overflow in string_vformat. exim4 (4.92-8+deb10u3~bpo9+1) stretch-backports; urgency=high . * Rebuild for stretch-backports. . exim4 (4.92-8+deb10u3) buster-security; urgency=high . * 78_02-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch: Fix buffer overflow in string_vformat. exim4 (4.92-8+deb10u2) buster-security; urgency=high . * 78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch Fix SNI related buffer overflow. CVE-2019-15846 exim4 (4.92-8+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . exim4 (4.92-8+deb10u2) buster-security; urgency=high . * 78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch Fix SNI related buffer overflow. CVE-2019-15846 expat (2.2.6-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * xmlparse.c: Deny internal entities closing the doctype (CVE-2019-15903) (Closes: #939394) fence-agents (4.3.3-2+deb10u1) buster; urgency=medium . * Update patch for removing fence_amt_ws (Closes: #934519) file (1:5.35-4+deb10u1) buster-security; urgency=high . * Cherry-pick commit to restrict the number of CDF_VECTOR elements. Closes: #942830 [CVE-2019-18218] firefox-esr (68.2.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-33, also known as: CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764. . firefox-esr (68.1.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-26, also known as CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735, CVE-2019-11740. . * debian/upstream.mk: Read source repo and revision from json when getting upstream info. Instead of the .txt file that doesn't exist as of 69. * debian/control*: - Remove unused build dependency against python-ply. - Remove python-minimal build dependency. All supported versions of Debian have a new enough version. * debian/l10n/gen, debian/latest_nightly.py, debian/rules, debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit python2.7 instead of python. . firefox-esr (68.0.2esr-1) unstable; urgency=medium . * New upstream ESR release. . firefox (68.0.2-3) unstable; urgency=medium . * debian/control.in: Take source package name from preprocessing. . * build/moz.configure/old.configure: Avoid race condition creating old-configure. bz#1574761. * dom/media/systemservices/CamerasChild.cpp, dom/media/systemservices/CamerasParent.cpp, dom/media/systemservices/VideoEngine.cpp, dom/media/webrtc/MediaEngineRemoteVideoSource.cpp: Don't use __PRETTY_FUNCTION__ or __FUNCTION__ as format strings. bz#1531309. Closes: #925680. . firefox (68.0.2-2) unstable; urgency=medium . * debian/rules: Fix MOZ_APP_REMOTINGNAME. Upstream build system changes made the config.status editing trick stop working. Export the variable for configure to pick it instead. Closes: #932256 . firefox (68.0.2-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-24, also known as CVE-2019-11733. . * debian/control*, debian/rules: Don't build against system vpx >= 1.8.0. It has API changes that cause FTBFS. . firefox (68.0.1-2) unstable; urgency=medium . * debian/rules: Work around https://github.com/rust-lang/cargo/issues/7147. . firefox (68.0.1-1) unstable; urgency=medium . * New upstream release. . * debian/rules: - Hook stamps/dh_install-l10n to override_dh_install-indep rather than binary-indep. - Pass make job server down through dh_auto_build. * debian/rules, debian/dh: Wrap dh to ensure debian/rules is invoked with parallelism. . firefox (68.0-3) unstable; urgency=medium . * debian/browser.README.Debian.in: Fix a reference to iceweasel in README.Debian. Thanks Edward Betts. * debian/rules: - Only exclude "-g" from dpkg-buildflags output. All the other flags that used to be excluded either already match upstream or add reproducibility. - Don't unexpectedly reset LDFLAGS. - [firefox-esr] Remove iceweasel transitional packages on bullseye. - Disable dh_strip_nondeterminism. Upstream build system already avoids non-determinism it would strip, so there is no need for it further modifying files. - Avoid arch:all builds building arch:any stuff. - Move AUTOCONF_DIRS cleanup after dh_clean. - Add rust flags to improve reproducibility. - Only touch or remove configure when it wasn't there to begin with. - Call configure using its full path. - Factor common configure arguments. - Build langpacks with --disable-compile-environment, and pass less configure arguments. - Build each langpack from a separate build directory. This means time wasted running configure more times, but all locales can now be built in parallel. * debian/symbols.mk, debian/symbols.apt.conf, debian/symbols.sources.list: Miscellaneous changes to symbols download script. * debian/make.mk: Exclude symbols.mk variables from dump output. * debian/browser.mozconfig.in: Remove redundant --prefix=/usr. * debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove packaging scripts compatibility with Wheezy. . * moz.configure: Only add confvars.sh as a dependency to config.status when it exists. bz#1560340. . firefox (68.0-2) unstable; urgency=medium . * debian/rules, debian/upstream.mk: Account for next Debian release. * debian/rules, debian/control: Build against system sqlite again. . * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around GCC ICE on mips*, i386 and s390x. Closes: #931757 * python/mozbuild/mozbuild/action/langpack_manifest.py: Use build id as langpack version for reproducibility. bz#1565504. . firefox (68.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-21, also known as: CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11718, CVE-2019-11720, CVE-2019-11721, CVE-2019-11730, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11710, CVE-2019-11709. . * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. Remove Build-Conflicts with nss 3.44-1, since we now build-depend on a more recent version. * debian/rules, debian/control: Don't build against system sqlite, as Debian doesn't have the required version yet. * [firefox-esr] debian/l10n/browser-l10n.control*, debian/l10n/gen: Don't generate iceweasel l10n transition packages for locales that were never offered with iceweasel. * debian/control, debian/l10n/browser-l10n.control.in: Add transition dependencies for Bengali l10n. There is now only one Bengali l10n package instead of two. * debian/rules: Disable JIT at build time on mips because it fails to build. . * build/gyp.mozbuild: Revert patch that disables libyuv assembly on mips64. It apparently compiles, now. . firefox (67.0.4-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-19, also known as CVE-2019-11708. . firefox (67.0.3-2) unstable; urgency=medium . * python/mozbuild/mozbuild/action/node.py: Attempt to work around make issue happening on arch: all buildd. . firefox (67.0.3-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-18, also known as CVE-2019-11707. . firefox (67.0.2-1) unstable; urgency=medium . * New upstream release. . firefox (67.0.1-1) unstable; urgency=medium . * New upstream release. . firefox (67.0-4) unstable; urgency=medium . * debian/rules: Work around FTBFS on mips* by disabling webrtc Build fails because of missing configurations for mips*. * debian/control*: Build-Conflicts with libnss3-dev 2:3.44-1. Closes: #929846. . * js/src/jit/mips32/MacroAssembler-mips32-inl.h: Fix FTBFS on mips/mipsel. bz#1556197. . firefox (67.0-3) unstable; urgency=medium . * media/webrtc/trunk/webrtc/system_wrappers/source/cpu_features.cc: Remove WebRtc_GetCPUFeaturesARM from cpu_features.cc. It is already in cpu_features_linux.c (and is not in cpu_features.cc in webrtc upstream). Fixes FTBFS on armhf. bz#1523162. . firefox (67.0-2) unstable; urgency=medium . * debian/extra-stuff/addonsInfo.jsm: - Avoid running -dumps-addons-info without a running Firefox counting as a crash. - Support addons in resource:// locations in -dump-addons-info . * js/src/wasm/WasmSignalHandlers.cpp: Include struct definitions for user_vfp and user_vfp_exc. Fixes FTBFS on armhf. bz#1526653. * js/src/jit/mips*/MacroAssembler-mips*-inl.h, js/src/jit/mips*/Trampoline-mips*.cpp: Fix functions: branchTestBigInt, negPtr, generateVMWrapper on MIPS. bz#1544631. * toolkit/modules/sessionstore/PrivacyFilter.jsm: Update and harden form data filtering for privacy to account for no data being passed in. bz#1553413. . firefox (67.0-1) experimental; urgency=medium . * New upstream release. * Fixes for mfsa2019-13, also known as: CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, CVE-2019-9821, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-7317, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, CVE-2019-11698, CVE-2019-11699, CVE-2019-11701, CVE-2019-9814, CVE-2019-9800. * Upload to experimental because the required cbindgen is not available in unstable. . * debian/control*: Bump nspr, sqlite, rustc, cargo and cbindgen build dependencies. * debian/extra-stuff/addonsInfo.*, debian/extra-stuff/moz.build, debian/installer/package-manifest.browser, debian/rules: Modernize addonsInfo per bz#1431533, bz#1432992, bz#1514594, bz#1524688, etc. . firefox (66.0.5-1) unstable; urgency=medium . * New upstream release. - Additional fixes for addon signature validation. . firefox (66.0.4-1) unstable; urgency=medium . * New upstream release. - Fixes issues with addon signature validation. Closes: #928417. Note: this didn't affect addons installed via Debian packages. . firefox (66.0.1-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-09, also known as: CVE-2019-9810, CVE-2019-9813. . * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. . firefox (66.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-07, also known as: CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797, CVE-2019-9799, CVE-2019-9802, CVE-2019-9803, CVE-2019-9805, CVE-2019-9806, CVE-2019-9807, CVE-2019-9809, CVE-2019-9808, CVE-2019-9789, CVE-2019-9788. . * debian/browser.mozconfig.in: Adjust to the upstream change wrt Google API key configure options. * debian/control*: Add nasm build dependency on amd64 and i386. . firefox (65.0.1-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-04, also known as: CVE-2018-18356, CVE-2019-5795, CVE-2018-18511. . * debian/rules, debian/upstream.mk: Manually set the update channel. Closes: #921381, #921121, #921654. * debian/rules: Build with -mfp32 on mips and mipsel. This should fix the FTBFS. . firefox (65.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-01, also known as: CVE-2018-18500, CVE-2018-18503, CVE-2018-18504, CVE-2018-18505, CVE-2018-18506, CVE-2018-18502, CVE-2018-18501. . * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. * debian/browser.install.in: Install libmozwayland.so. . firefox (64.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-29, also known as: CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498, CVE-2018-12406, CVE-2018-12405. . * debian/rules, debian/browser.install.in: Properly copy the watermark to /usr/share/icons/hicolor/symbolic/apps. * debian/rules: Disable debug symbols on 32-bits architectures, that requires too much memory. * debian/browser.mozconfig.in: - Remove --enable-pie option, it's the default, now. - Remove --disable-nodejs now that it's required. * debian/control*: - Bump rustc, cargo, cbindgen, nss and sqlite dependencies. - Add nodejs build dependency. * debian/browser-symbolic.svg.in: Import the watermark used for the symbolic icon in the debian/ directory. . firefox (63.0.3-1) unstable; urgency=medium . * New upstream release. . * debian/control*: Build depend on unversioned clang/llvm. Closes: #912802. * debian/rules: Use embedded libevent in backports. Closes: #910397. * debian/rules: Use GNU gold linker on i386 because BFD ld fails to link libxul.so (memory exhausted). . * build/unix/elfhack/test.c: Try to ensure the bss section of the elfhack testcase stays large enough. bz#1505608. * memory/build/mozjemalloc.cpp: Fix run sizes for size classes >= 16KB on systems with large pages. bz#1507035. Closes: #911898. * media/libaom/moz.build: Use NEON_FLAGS instead of VPX_ASFLAGS for libaom neon code. * gfx/cairo/libpixman/src/pixman-vmx.c: Protect #include <config.h> in pixman-vmx.c like in other pixman-*.c files . firefox (63.0.1-1) unstable; urgency=medium . * New upstream release. * debian/google.key: Use new Google API key, courtesy of Francois Marier. . firefox (63.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-26, also known as: CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, CVE-2018-12397, CVE-2018-12398, CVE-2018-12399, CVE-2018-12401, CVE-2018-12402, CVE-2018-12403, CVE-2018-12388, CVE-2018-12390. . * debian/control*: - Bump nss dependency. - Add build dependency on cbindgen. * debian/browser.mozconfig.in: Disable nodejs until it's actually necessary. * debian/rules: Add -Wl,--compress-debug-sections=zlib to LDFLAGS to work around elfhack failing with unstripped binaries larger than 2GiB. . firefox (62.0.3-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-24, also known as: CVE-2018-12386, CVE-2018-12387. . * debian/extra-stuff/addonsInfo.js: Fixes to work with recent versions of Firefox. Closes: #909056. * debian/control*, debian/browser.mozconfig.in: Build ALSA support. Closes: #864987, #900062, #908349 . firefox (62.0.2-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-22, also known as CVE-2018-12385. * Ignore locale change events for the search service on shutdown. bz#1489820. Closes: #908932. . * debian/control*: - Remove the sqlite and nss dependencies when not building against the system libraries. - Enforce nss, nspr and sqlite dependencies to the same versions as build dependencies. There are subtle non-ABI differences between versions that Firefox might be relying on (be it features, behavior changes/fixes, etc.) and can cause subtle problems when older versions are used. Closes: #908225, #908520. - Add a suggestion for pulseaudio. * debian/rules, debian/control: Add libavcodec-extra* packages to the list of recommends. Closes: #909130 . * js/src/jit/BaselineJIT.h: Disable baseline JIT when SSE2 is not supported at runtime. bz#1492064. Closes: #908396, #908449. * gfx/2d/Swizzle.cpp: Use Swizzle fallback when SSE2 is not supported. bz#1492065. Closes: #877445. . firefox (62.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-20, also known as: CVE-2018-12377, CVE-2018-12378, CVE-2018-12383, CVE-2018-12375, CVE-2018-12376. . * debian/control*: - Bump nss and sqlite build dependencies. - Build depend on llvm/clang 6.0 for buster. Closes: #906175. * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove build dependency on libbz2-dev. It's not used anymore. * debian/noinstall.in: Remove the dictionaries directory, not part of the packaged Firefox anymore. * debian/l10n/gen: Use iso-codes json data instead of XML when present. Closes: #907611. . * widget/gtk/nsAppShell.cpp: Use remoting name for call to gdk_set_program_class. Closes: #907574. . firefox (61.0.1-1) unstable; urgency=medium . * New upstream release. . firefox (61.0-2) unstable; urgency=medium . * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove build dependency on system libhunspell. Using system hunspell lacks features required by Firefox. Next version of Firefox doesn't allow to build against system hunspell anyways. Closes: #900469. * debian/browser.links.in, debian/rules, debian/vendor.js: Use the spellchecker.dictionary_path pref to set the hunspell directory. * debian/browser.mozconfig.in: Allow unsigned addons in app and system scopes. * debian/rules: Work around the effect the above has on the --{enable,with}-system-* check. * debian/control*: Remove old conflicts. Thanks Sylvestre Ledru. Closes: #882956. * debian/l10n/recommends, debian/l10n/browser-l10n.control, debian/control: Update dictionary recommendations, following these rules: - Transitional myspell packages are not listed except when stable doesn't have the corresponding hunspell package. - Both hunspell and myspell packages are listed if they are different. Closes: #813832, #825843 * debian/copyright, debian/rules: Refer to /usr/share/common-licenses/MPL* instead of installing our own copy. Closes: #704303. * debian/make.mk: Use the same code as dump target for the dump-% target. * debian/control*, debian/rules: Add Recommends on all supported libavcodec libraries for h264 playback. Closes: #901600. . * toolkit/modules/AppConstants.jsm, toolkit/modules/moz.build, toolkit/moz.configure, toolkit/mozapps/extensions/internal/XPIInstall.jsm, toolkit/mozapps/extensions/content/extensions.js, toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Change how addon signature requirement relaxation is done. Closes: #899390. . firefox (61.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2018-15, also known as: CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12358, CVE-2018-12362, CVE-2018-5156, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12371, CVE-2018-12366, CVE-2018-12367, CVE-2018-12369, CVE-2018-12370, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188. . * debian/control*: - Bump nss and sqlite build dependencies. - Add a build dependency on python3. * debian/browser.install.in: Adjust to upstream changes. * debian/vendor.js: Relax the addon signature requirements. . * toolkit/mozapps/extensions/content/extensions.js, toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Allow to relax the addon signature requirements. firefox-esr (68.2.0esr-1~deb9u2) stretch-security; urgency=medium . * Don't set the NASM make variable on architectures without nasm, fixes FTBFS on !x86. * Output icu build log to stdout rather than to a file. firefox-esr (68.2.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-33, also known as: CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764. firefox-esr (68.1.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-26, also known as CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735, CVE-2019-11740. . * debian/upstream.mk: Read source repo and revision from json when getting upstream info. Instead of the .txt file that doesn't exist as of 69. * debian/control*: - Remove unused build dependency against python-ply. - Remove python-minimal build dependency. All supported versions of Debian have a new enough version. * debian/l10n/gen, debian/latest_nightly.py, debian/rules, debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit python2.7 instead of python. firefox-esr (68.0.2esr-1) unstable; urgency=medium . * New upstream ESR release. firefox-esr (60.9.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. Fixes for mfsa2019-27, also known as: CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11743, CVE-2019-11740. firefox-esr (60.9.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. Fixes for mfsa2019-27, also known as: CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11743, CVE-2019-11740. firefox-esr (60.8.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-22, also known as: CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11729, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11730, CVE-2019-11709. flatpak (1.2.5-0+deb10u1) buster; urgency=medium . * New upstream stable release - Allow runtimes (not just apps) to use extra_data, which is required by the new org.freedesktop.Platform.openh264 extension - Support apps that specify several required Flatpak versions, such as 1.4.2;1.2.5; for runtimes that require the above feature - Backport some crash bug fixes from 1.4.x - Fix installation of bundles - Set looser permissions on the /run/host/monitor directory, to work better with tools like Fedora Toolbox on the host system - Do not wrongly remove extensions as "unused" if they are referenced by the 'versions' extension key rather than by 'version' * d/gbp.conf: Use debian/buster packaging branch * d/watch: Only look for 1.2.x releases flightcrew (0.7.2+dfsg-13+deb10u1) buster; urgency=high . * Fix CVE-2019-13241 for Buster. * Fix CVE-2019-13032 for Buster. Closes: #931246 fonts-noto-cjk (1:20170601+repack1-3+deb10u1) buster; urgency=medium . * Team upload. * debian/70-fonts-noto-cjk.conf: Use "prepend" instead of "prepend_first". This fixes over-aggressive font selection of Noto CJK fonts in modern web browsers under Chinese locale. (Closes: #907999) fonts-noto-cjk (1:20170601+repack1-3+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. freetype (2.9.1-3+deb10u1) buster; urgency=medium . * debian/control: - Demote Recommends: freetype2-doc to Suggests (Closes: #919284). * debian/patches: - Add an upstream patch to properly handle phantom points for variable hinted fonts (Closes: #932303). fribidi (1.0.5-3.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Truncate isolate_level to FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL (CVE-2019-18397) ghostscript (9.27~dfsg-2+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * make .forceput inaccessible (CVE-2019-14811, CVE-2019-14812, CVE-2019-14813) * PDF interpreter - review .forceput security (CVE-2019-14817) glib2.0 (2.58.3-2+deb10u2) buster; urgency=medium . * Team upload * d/p/credentials-Invalid-Linux-struct-ucred-means-no-informati.patch, d/p/GDBus-prefer-getsockopt-style-credentials-passing-APIs.patch: Ensure libdbus clients can authenticate with a GDBusServer like the one in ibus, backported from upstream 2.62.x branch (Closes: #941018) * d/p/Add-a-test-for-GDBusServer-authentication.patch, d/p/gdbus-server-auth-test-Create-temporary-directory-for-Uni.patch, d/p/gdbus-server-auth-test-Include-gcredentialsprivate.h.patch: Backport regression test for #941018 * Build-depend on libdbus-1-dev for better test coverage * d/control.in: Set branch to debian/buster in Vcs-Git gnome-shell (3.30.2-11~deb10u1) buster; urgency=medium . * Team upload * Recompile for Debian 10 * d/gbp.conf: Change packaging branch to debian/buster . gnome-shell (3.30.2-11) unstable; urgency=medium . * Team upload * d/gnome-shell.bug-control: Include related packages in bug reports . gnome-shell (3.30.2-10) unstable; urgency=medium . * Team upload * Update to upstream gnome-3-30 branch, commit 3.30.2-22-gd41669189 - d/p/dialog-Really-set-ellipsize-mode-in-subtitle-and-body.patch: Fix truncation of long messages in Shell-modal dialogs (LP: #1809788) - d/p/osk-layouts-Fix-French-layout.patch: Update metadata to reflect upstream backport (no functional changes) - d/p/boxpointer-Unset-the-sourceActor-on-destruction.patch: Avoid crash on reallocation of dead actors (LP: #1831555) gnome-shell (3.30.2-10) unstable; urgency=medium . * Team upload * Update to upstream gnome-3-30 branch, commit 3.30.2-22-gd41669189 - d/p/dialog-Really-set-ellipsize-mode-in-subtitle-and-body.patch: Fix truncation of long messages in Shell-modal dialogs (LP: #1809788) - d/p/osk-layouts-Fix-French-layout.patch: Update metadata to reflect upstream backport (no functional changes) - d/p/boxpointer-Unset-the-sourceActor-on-destruction.patch: Avoid crash on reallocation of dead actors (LP: #1831555) gnome-sound-recorder (3.28.2-2~deb10u1) buster; urgency=medium . * Team upload * Rebuild for Debian 10 - d/gbp.conf: Set packaging branch to debian/buster gnustep-base (1.26.0-4+deb10u1) buster; urgency=medium . * debian/gnustep-base-runtime.preinst: New file; handle the poor upgrade from stretch to buster which left the gdomap daemon enabled (Closes: #939119). Thanks to Alan Jenkins. * debian/NEWS: Document that the gdomap daemon is disabled forcefully. * debian/patches/gdomap-udp-amplification.patch: New; fix UDP amplification vulnerability. Patch by Alan Jenkins. * debian/patches/series: Update. * debian/gbp.conf: Set debian-branch to buster. golang-1.11 (1.11.6-1+deb10u3) buster-security; urgency=high . * crypto/dsa: prevent bad public keys from causing panic https://github.com/golang/go/issues/34960 CVE-2019-17596 golang-1.11 (1.11.6-1+deb10u2) buster-security; urgency=high . * Fix normalization of headers with spaces before the colon. https://github.com/golang/go/issues/34541 CVE-2019-16276 * Refresh patches * Adapt gbp.conf for security branch graphite-web (1.1.4-3+deb10u1) buster; urgency=high . [ Utkarsh Gupta ] * Add patch to remove the 'send_email' function to avoid SSRF attack. This was insecure, not used in the code, and was undocumented as well. (Fixes: CVE-2017-18638) . [ Thomas Goirand ] * Avoid hourly error in cron with no whisper db (Closes: #940554). Thanks to Alexandre Rossi <niol@zincube.net> for the patch. ibus (1.5.19-4+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * bus: Implement GDBusAuthObserver callback (CVE-2019-14822) inn2 (2.6.3-1+deb10u2) buster; urgency=medium . * Backported upstream changeset 10344 to fix negotiation of DHE ciphersuites. (See #931256.) * Backported upstream changeset 10348 to fix upstream changeset 10344. inn2 (2.6.3-1+deb10u1) buster; urgency=medium . * Backported upstream changeset 10344 to fix negotiation of DHE ciphersuites. (See #931256.) jackson-databind (2.9.8-3+deb10u1) buster-security; urgency=high . * Fix CVE-2019-12384, CVE-2019-14439, CVE-2019-14540, CVE-2019-16335, CVE-2019-16942 and CVE-2019-16943. Several deserialization flaws were discovered in jackson-databind which could allow an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization. lemonldap-ng (2.0.2+ds-7+deb10u2) buster-security; urgency=high . * Add patch to fix OIDC vulnerabilities (Closes: CVE-2019-15941) libapache-mod-auth-kerb (5.4-2.4~deb10u1) buster; urgency=medium . * Rebuild for buster . libapache-mod-auth-kerb (5.4-2.4) unstable; urgency=medium . * Non-maintainer upload. * Apply patch from upstream issue tracker to fix crash (Closes: #934043) libapreq2 (2.13-7~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . libapreq2 (2.13-7) unstable; urgency=high . * Source-only upload. . libapreq2 (2.13-6) unstable; urgency=high . * 05-nested-multipart-null-dereference.patch: New patch by Max Kellermann, fixes a NULL pointer dereference bug with nested multipart form submission. (Closes: #939937) libapreq2 (2.13-7~deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for stretch-security . libapreq2 (2.13-7) unstable; urgency=high . * Source-only upload. . libapreq2 (2.13-6) unstable; urgency=high . * 05-nested-multipart-null-dereference.patch: New patch by Max Kellermann, fixes a NULL pointer dereference bug with nested multipart form submission. (Closes: #939937) libapreq2 (2.13-6) unstable; urgency=high . * 05-nested-multipart-null-dereference.patch: New patch by Max Kellermann, fixes a NULL pointer dereference bug with nested multipart form submission. (Closes: #939937) libarchive (3.3.3-4+deb10u1) buster-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2019-18408 Fix use after free in case parts of the archive are corrupt but the archive contains several headers. libdate-holidays-de-perl (2.00-2+deb10u1) buster; urgency=medium . * Mark International Childrens Day (Sep 20th) as a holiday in Thuringia from 2019 on libdatetime-timezone-perl (1:2.23-1+2019c) buster; urgency=medium . * Update to Olson database version 2019c. This update contains contemporary changes for Fiji and Norfolk Island. libofx (1:0.9.14-1+deb10u1) buster; urgency=medium . * Add upstream patch to fix CVE-2019-9656 (Closes: #924350). libreoffice (1:6.1.5-3+deb10u5) buster; urgency=medium . * debian/patches/Postgresql-12-no-adsrc.diff: add from libreoffice-6-3 branch; fix the postgresql driver with PostgreSQL 12 (closes: #943873) libreoffice (1:6.1.5-3+deb10u4) buster-security; urgency=medium . * debian/patches/expand-pyuno-path-separators.diff. debian/patches/construct-final-url-from-parsed-output.diff, debian/patches/an-absolute-uri-is-invalid-input.diff, debian/patches/Improve-check-for-absolute-URI.diff, debian/patches/Improve-check.diff: add from libreoffice-6-3(-0,-1) branch - more fixes... (CVE-2019-9854/CVE-2019-9855) * debian/patches/allow-link-updates-in-an-intermediate-linked-document.diff: add from libreoffice-6-2 branch - fix regression from CVE-2018-6871 libreoffice (1:6.1.5-3+deb10u4~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . * debian/patches/apparmor-{cleanups,mesa,opencl}.diff, debian/patches/series, debian/rules: revert this and apparmor >= 2.13.1 recommends; stretch doesn't have apparmor on per default but let's go sure * debian/control.in, debian/patches/series, debian/libreoffice-base-drivers.NEWS, debian/patches/use-mariadb-java-instead-of-mysql-java.diff: revert for stretch-backports... * debian/patches/disableClassPathURLCheck.diff: revert configure check for stretch-backports . * tarballs/*, debian/source/include-binaries: include needed internal stuff . libreoffice (1:6.1.5-3+deb10u4) buster-security; urgency=medium . * debian/patches/expand-pyuno-path-separators.diff. debian/patches/construct-final-url-from-parsed-output.diff, debian/patches/an-absolute-uri-is-invalid-input.diff, debian/patches/Improve-check-for-absolute-URI.diff, debian/patches/Improve-check.diff: add from libreoffice-6-3(-0,-1) branch - more fixes... (CVE-2019-9854/CVE-2019-9855) * debian/patches/allow-link-updates-in-an-intermediate-linked-document.diff: add from libreoffice-6-2 branch - fix regression from CVE-2018-6871 . libreoffice (1:6.1.5-3+deb10u3) buster-security; urgency=high . * debian/patches/expand-LibreLogo-checks-to-global-events.diff, debian/patches/decode-url-escape-codes-and-check-each-path-segment.diff: debian/patches/keep-name-percent-encoded.diff debian/patches/Properly-obtain-location.diff: backport from libreoffice-6-3-0 branch - more fixes for CVE-2019-9848 and CVE-2018-16858 (CVE-2019-9850/CVE-2019-9851/CVE-2019-9852/CVE-2019-9853) libsixel (1.8.2-1+deb10u1) buster; urgency=high . * d/patches/0001-Add-malloc-size-check.patch: fix CVE-2018-19756 * d/patches/0002-assign-default-error-message.patch: fix CVE-2018-19757 * d/patches/0003-add-limitation-to-width-and-height.patch: fix CVE-2018-19759 * d/patches/0004-position-error-check.patch: fix CVE-2018-19761 * d/patches/0005-size-check.patch: fix CVE-2018-19762 * d/patches/0006-prevent-to-access-heap-overflow.patch: fix CVE-2018-19763 * d/patches/0007-check-error-for-jpeg_read_scanlines.patch: fix CVE-2019-3573 * d/patches/0008-check-number-of-repeat_count.patch: fix CVE-2019-3574 * security fix, closes: #931311 libxslt (1.1.32-2.2~deb10u1) buster; urgency=medium . * Rebuild for buster . libxslt (1.1.32-2.2) unstable; urgency=medium . * Non-maintainer upload. * Fix dangling pointer in xsltCopyText (CVE-2019-18197) (Closes: #942646) libxslt (1.1.32-2.1) unstable; urgency=medium . * Non-maintainer upload. * Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743) * Fix uninitialized read of xsl:number token (CVE-2019-13117) (Closes: #931321, #933743) * Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118) (Closes: #931320, #933743) linux (4.19.67-2+deb10u1) buster-security; urgency=high . [ Romain Perier ] * ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (CVE-2019-15117) * ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (CVE-2019-15118) . [ Salvatore Bonaccorso ] * vhost: make sure log_num < in_num (CVE-2019-14835) * [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) * KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) linux (4.19.67-2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports; no further changes required . linux (4.19.67-2+deb10u1) buster-security; urgency=high . [ Romain Perier ] * ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (CVE-2019-15117) * ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (CVE-2019-15118) . [ Salvatore Bonaccorso ] * vhost: make sure log_num < in_num (CVE-2019-14835) * [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) * KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) linux-signed-amd64 (4.19.67+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u1 . [ Romain Perier ] * ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (CVE-2019-15117) * ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (CVE-2019-15118) . [ Salvatore Bonaccorso ] * vhost: make sure log_num < in_num (CVE-2019-14835) * [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) * KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) linux-signed-amd64 (4.19.67+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-arm64 (4.19.67+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u1 . [ Romain Perier ] * ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (CVE-2019-15117) * ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (CVE-2019-15118) . [ Salvatore Bonaccorso ] * vhost: make sure log_num < in_num (CVE-2019-14835) * [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) * KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) linux-signed-arm64 (4.19.67+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-i386 (4.19.67+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.67-2+deb10u1 . [ Romain Perier ] * ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (CVE-2019-15117) * ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (CVE-2019-15118) . [ Salvatore Bonaccorso ] * vhost: make sure log_num < in_num (CVE-2019-14835) * [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) * KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) linux-signed-i386 (4.19.67+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.67-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required lucene-solr (3.6.2+dfsg-20+deb10u1) buster; urgency=medium . * Team upload. * Disable obsolete call to ContextHandler in solr-jetty9.xml. Install solr-permissions.conf into /etc/systemd/system/jetty9.service.d/ and override read-only permissions of Jetty9 which will allow the service to start out-of-the-box again. Thanks to Stephan Beirer for the report. (Closes: #933854, #933857) mariadb-10.3 (1:10.3.18-0+deb10u1) buster; urgency=high . * New upstream version 10.3.18. Fixes regression introduced in 10.3.17 (MDEV-20247: Replication hangs with "preparing" and never starts) (Closes: #939819) mariadb-10.3 (1:10.3.17-1) unstable; urgency=high . * New upstream version 10.3.17. Includes security fixes for: - CVE-2019-2737 - CVE-2019-2739 - CVE-2019-2740 - CVE-2019-2758 - CVE-2019-2805 * Multiple Gitlab-CI/Salsa-CI improvements * Dependency in resolveip is still included (Closes: #910902) * Update libmariadb3 symbols to match MariaDB Connector C 3.1 API * Add Lintian override for new test binary wsrep_check_version * Gitlab-CI: Clean away one excess comment left from b9d633b38 mediawiki (1:1.31.4-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.4 (security release), fixing CVE-2019-16738. Add an additional patch, already merged upstream, to fix a fatal error caused by the upstream security patch. modsecurity-crs (3.1.0-1+deb10u1) buster; urgency=medium . * Add upstream patch to fix php script upload rules. CVE-2019-13464 (Closes: #943773) mutter (3.30.2-9~deb10u1) buster; urgency=medium . * Team upload * Rebuild for Debian 10 * d/gbp.conf: Set packaging branch to debian/buster . mutter (3.30.2-9) unstable; urgency=medium . * Team upload * d/libmutter-3-0.bug-control: Include GL drivers in bug reports * d/p/renderer-native-Fix-EGLSurface-destruction-order.patch: Fix attribution * d/p/wayland-output-Set-user-data-of-xdg_output-resource.patch: Add bug references for #932428, #932767 and #932781, and retroactively mark them as closed by this patch in the previous changelog entry, based on feedback from bug reporters . mutter (3.30.2-8) unstable; urgency=medium . * Team upload * Update to upstream gnome-3-30 branch at 3.30.2-42-g2a81dc45e - d/p/clutter-x11-Consider-remapped-keys-when-guessing-the-keyc.patch: Fix repeated inputs from extended characters (long-press) in on-screen keyboard - d/p/compositor-Destroy-window-actors-list-on-destruction.patch, d/p/window-actor-Set-actor-as-compositor-private-in-window-be.patch, d/p/surface-actor-x11-Assign-X11-Display-only-if-we-have-reso.patch, d/p/surface-actor-x11-Bind-the-surface-actor-resources-to-win.patch, Fix intermittent crashes on exit/reload - d/p/compositor-Disconnect-from-stage-signals-on-destruction.patch: Fix stuck windows if an application stops responding and one of its windows gets unmanaged - d/p/clutter-x11-Implement-keycode-remap-to-keysyms-on-virtual.patch: Fix missing inputs from extended characters (long-press) in on-screen keyboard - d/p/cursor-renderer-native-Free-MetaCursorNativePrivate-struc.patch: Fix a small memory leak - d/p/wayland-seat-Use-g_free-to-cleanup-MetaWaylandSeat.patch: Fix an incorrect free-function that could lead to memory corruption - d/p/cogl-pipeline-Don-t-try-to-access-to-free-d-pointer-data.patch: Fix use-after-free - d/p/renderer-native-add-missing-eglTerminate-in-EGLDevice-err.patch: Avoid reusing an amdgpu display connection if EGL is missing the desired extensions - d/p/workspace-Focus-only-ancestors-that-are-focusable.patch, d/p/window-x11-Focus-the-default-window-with-delay-while-wait.patch, d/p/window-x11-Add-lost-definition-for-TAKE_FOCUS_FALLBACK_DE.patch, d/p/window-x11-Focus-a-window-in-the-active-workspace-as-take.patch, d/p/window-x11-Remove-double-definition-of-MetaStack.patch: Fix crashes involving window focus with some applications, notably JetBrains IDE - d/p/window-Emit-an-error-and-return-when-trying-to-activate-a.patch: Fix crashes when an unmanaged window is activated - d/p/window-x11-Don-t-double-check-for-unmanaging-windows.patch, d/p/window-x11-Accept-any-focusable-window-as-fallback-focus.patch, d/p/stack-Add-a-function-to-get-a-sorted-list-of-focus-candid.patch, d/p/window-x11-Use-any-focusable-window-as-fallback-delayed-f.patch: Fix hang when windows take focus but do not accept input - d/p/Updated-Spanish-translation.patch: Update translations - d/p/tests-Add-accept_focus-command-to-runner-and-client.patch, d/p/tests-Add-can_take_focus-command-to-runner-and-client.patch, d/p/tests-stacking-Add-tests-with-no-input-and-no-take-focus-.patch, d/p/test-runner-Add-assert_focused-command.patch, d/p/tests-Verify-focused-window-in-closed-transient-tests.patch, d/p/test-runner-Add-sleep-command.patch, d/p/test-runner-Add-dispatch-command.patch, d/p/Makefile-tests-Fix-paths-for-stacking-metatests.patch, d/p/test-client-Add-x11-events-GSource-handler.patch, d/p/tests-Add-accept_take_focus-command.patch: Improve test coverage related to the above bug fixes * d/p/wayland-output-Set-user-data-of-xdg_output-resource.patch: Backport patch from 3.32.1 to fix use-after-free in Wayland monitor management (Closes: #932428, #932767, #932781) * d/libmutter-3-0.symbols: Add meta_stack_get_default_focus_candidates(), which is added by a patch * d/gbp.conf: Set branch to debian/unstable * d/p/renderer-native-Use-g_set_error-instead-of-_cogl_set_erro.patch, d/p/renderer-native-Make-sure-we-re-not-destroying-an-active-.patch, d/p/renderer-native-Fix-EGLSurface-destruction-order.patch: Backport patches from upstream gnome-3-32 branch to fix another use-after-free crash that can be triggered by suspend/resume mutter (3.30.2-8) unstable; urgency=medium . * Team upload * Update to upstream gnome-3-30 branch at 3.30.2-42-g2a81dc45e - d/p/clutter-x11-Consider-remapped-keys-when-guessing-the-keyc.patch: Fix repeated inputs from extended characters (long-press) in on-screen keyboard - d/p/compositor-Destroy-window-actors-list-on-destruction.patch, d/p/window-actor-Set-actor-as-compositor-private-in-window-be.patch, d/p/surface-actor-x11-Assign-X11-Display-only-if-we-have-reso.patch, d/p/surface-actor-x11-Bind-the-surface-actor-resources-to-win.patch, Fix intermittent crashes on exit/reload - d/p/compositor-Disconnect-from-stage-signals-on-destruction.patch: Fix stuck windows if an application stops responding and one of its windows gets unmanaged - d/p/clutter-x11-Implement-keycode-remap-to-keysyms-on-virtual.patch: Fix missing inputs from extended characters (long-press) in on-screen keyboard - d/p/cursor-renderer-native-Free-MetaCursorNativePrivate-struc.patch: Fix a small memory leak - d/p/wayland-seat-Use-g_free-to-cleanup-MetaWaylandSeat.patch: Fix an incorrect free-function that could lead to memory corruption - d/p/cogl-pipeline-Don-t-try-to-access-to-free-d-pointer-data.patch: Fix use-after-free - d/p/renderer-native-add-missing-eglTerminate-in-EGLDevice-err.patch: Avoid reusing an amdgpu display connection if EGL is missing the desired extensions - d/p/workspace-Focus-only-ancestors-that-are-focusable.patch, d/p/window-x11-Focus-the-default-window-with-delay-while-wait.patch, d/p/window-x11-Add-lost-definition-for-TAKE_FOCUS_FALLBACK_DE.patch, d/p/window-x11-Focus-a-window-in-the-active-workspace-as-take.patch, d/p/window-x11-Remove-double-definition-of-MetaStack.patch: Fix crashes involving window focus with some applications, notably JetBrains IDE - d/p/window-Emit-an-error-and-return-when-trying-to-activate-a.patch: Fix crashes when an unmanaged window is activated - d/p/window-x11-Don-t-double-check-for-unmanaging-windows.patch, d/p/window-x11-Accept-any-focusable-window-as-fallback-focus.patch, d/p/stack-Add-a-function-to-get-a-sorted-list-of-focus-candid.patch, d/p/window-x11-Use-any-focusable-window-as-fallback-delayed-f.patch: Fix hang when windows take focus but do not accept input - d/p/Updated-Spanish-translation.patch: Update translations - d/p/tests-Add-accept_focus-command-to-runner-and-client.patch, d/p/tests-Add-can_take_focus-command-to-runner-and-client.patch, d/p/tests-stacking-Add-tests-with-no-input-and-no-take-focus-.patch, d/p/test-runner-Add-assert_focused-command.patch, d/p/tests-Verify-focused-window-in-closed-transient-tests.patch, d/p/test-runner-Add-sleep-command.patch, d/p/test-runner-Add-dispatch-command.patch, d/p/Makefile-tests-Fix-paths-for-stacking-metatests.patch, d/p/test-client-Add-x11-events-GSource-handler.patch, d/p/tests-Add-accept_take_focus-command.patch: Improve test coverage related to the above bug fixes * d/p/wayland-output-Set-user-data-of-xdg_output-resource.patch: Backport patch from 3.32.1 to fix use-after-free in Wayland monitor management (potentially fixes #932428, #932767, #932781) * d/libmutter-3-0.symbols: Add meta_stack_get_default_focus_candidates(), which is added by a patch * d/gbp.conf: Set branch to debian/unstable * d/p/renderer-native-Use-g_set_error-instead-of-_cogl_set_erro.patch, d/p/renderer-native-Make-sure-we-re-not-destroying-an-active-.patch, d/p/renderer-native-Fix-EGLSurface-destruction-order.patch: Backport patches from upstream gnome-3-32 branch to fix another use-after-free crash that can be triggered by suspend/resume ncurses (6.1+20181013-2+deb10u2) buster; urgency=medium . * Cherry-pick tic fixes from upstream patchlevels 20191012, 20191015 and 20191019 (Closes: #942401). - Check for invalid hashcode in _nc_find_type_entry and nc_find_entry (CVE-2019-17594). - Check for missing character after backslash in fmt_entry (CVE-2019-17595). - Check for acsc with odd length in dump_entry in check for one-one mapping. - Check for missing character after backslash in write_it. - Modify tic to exit if it cannot remove a conflicting name, because treating that as a partial success can cause an infinite loop in use-resolution. ndppd (0.2.5-4+deb10u1) buster; urgency=medium . * Patch to avoid word writable pid file, that was breaking daemon init scripts. (Closes: #942117) * postinst script fixing pid file permissions for pre 0.2.5-4+deb10u1 running daemons. network-manager (1.14.6-2+deb10u1) stable; urgency=medium . * core: fix file permissions for "/var/lib/NetworkManager/secret_key" Patch cherry-picked from upstream. * Fix permissions of /var/lib/NetworkManager/secret_key on upgrades. The file mode is supposed to be 0600. (Closes: #941609) * Install directories as created by upstream build system. Drop network-manager.dirs and instead use the directories created by the upstream build system. Fix permissions of /var/lib/NetworkManager to be 0700 as it contains possibly sensitive data and should not be world-readable. * d/gbp.conf: Set debian-branch to buster nghttp2 (1.36.0-2+deb10u1) buster-security; urgency=high . * Fix CVE-2019-9511 and CVE-2019-9513. node-fstream (1.0.10-1+deb10u1) buster; urgency=medium . * Team upload * Clobber a Link if it's in the way of a File (Closes: #931408, CVE-2019-13173) node-set-value (0.4.0-1+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution (Closes: #941189, CVE-2019-10747) * Add test for CVE-2019-10747 node-yarnpkg (1.13.0-1+deb10u1) buster; urgency=medium . * Team upload * Add patch to force using https for the regular registries (Closes: #941354, CVE-2019-5448) nx-libs (2:3.5.99.19-3+deb10u2) buster; urgency=medium . * debian/patches: + Fix 0033_Screen.c-fix-two-memleaks.patch. Was not fully cherry-picked. Fixes double free issue. (Closes: #940103). + Add 0051-Screen.c-initialize-RandR-only-on-startup.patch. Regression fix introduced with +deb10u1 upload (by patch 0014). open-vm-tools (2:10.3.10-1+deb10u2) buster; urgency=medium . * [d512626] Fix memory leaks and error handling. From the upstream stable-10.3.10-vix-memory-leaks branch: commit 26b9edbeb79d1c67b9ae73a0c97c48999c1fb503 Fix leaks in ListAliases and ListMappedAliases commit 7b874f37f970aab2adddb063a8363594f47abf70 End VGAuth impersonation in the case of error. commit 015db4c06a8be65eb96cf62421e8b5366993452f Fix memory leaks in 'vix' tools plugin. Thanks to Oliver Kurth (Closes: #941955) opendmarc (1.3.2-6+deb10u1) buster-security; urgency=high . * CVE-2019-16378: https://github.com/trusteddomainproject/OpenDMARC/pull/48 to address incorrect DMARC pass results with multi-from mail (Closes: #940081) openssh (1:7.9p1-10+deb10u1) buster-security; urgency=high . * Apply upstream patch to deny (non-fatally) shmget/shmat/shmdt in preauth privsep child, coping with changes in OpenSSL 1.1.1d that broke OpenSSH on Linux kernels before 3.19 (closes: #941663). openssl (1.1.1d-0+deb10u2) buster-security; urgency=medium . * Reenable AES-CBC-HMAC-SHA ciphers (Closes: #941987). openssl (1.1.1d-0+deb10u1) buster-security; urgency=medium . * New upstream version - CVE-2019-1549 (Fixed a fork protection issue). - CVE-2019-1547 (Compute ECC cofactors if not provided during EC_GROUP construction). - CVE-2019-1563 (Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey). * Update symbol list openvswitch (2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u1) buster; urgency=medium . * Some fixups in debian/ifupdown.sh to allow setting-up the MTU. * Document how to do Bond + Bridge + VLAN + MTU. * Correct dependency on python3-six instead of python-six (Closes: #931104). pam-python (1.0.6-1.1+deb10u1) buster-security; urgency=high . * Backport fix CVE-2019-16729 backport from 1.0.7. pam-python (1.0.6-1.1+deb9u1) stretch-security; urgency=high . * Backport fix CVE-2019-16729 backport from 1.0.7. php7.3 (7.3.11-1~deb10u1) buster-security; urgency=medium . * New upstream version 7.3.11 php7.3 (7.3.10-1) unstable; urgency=medium . * New upstream version 7.3.10 php7.3 (7.3.9-1) unstable; urgency=medium . * New upstream version 7.3.9 php7.3 (7.3.9-1~deb10u1) buster-security; urgency=high . * New upstream version 7.3.9 * php7.3-curl: Add Breaks against php7.0-curl for smoother upgrades from stretch. (Closes: #929689) php7.3 (7.3.8-1) unstable; urgency=medium . * New upstream version 7.3.8 * Rebase patches for PHP 7.3.8 php7.3 (7.3.6-1) unstable; urgency=medium . [ Ondřej Surý ] * New upstream version 7.3.6 . [ Andreas Beckmann ] * php7.3-curl: Add Breaks against php7.0-curl for smoother upgrades from stretch. (Closes: #929689) picard (2.1.2-1+deb10u1) buster; urgency=medium . * debian/gbp.conf: Work in buster branch * debian/patches: Update translations to fix crash with Spanish locale (Closes: #941464) plasma-applet-redshift-control (1.0.18-2+deb10u1) buster; urgency=medium . * Import upstream-submitted patch to fix manual mode for redshift >= 1.12 (Closes: #910901) postfix (3.4.7-0+deb10u1) buster; urgency=medium . [Wietse Venema] . * 3.4.6 - Documentation: tlsext_padding is not a tls_ssl_options feature. File: proto/postconf.proto. - Portability: added "#undef sun" to util/unix_dgram_connect.c (documented for completeness - no impact on Debian) - Bugfix (introduced: Postfix 2.3): a censoring filter broke multiline Milter responses for header/body events. Problem report by Andreas Thienemann. Files: util/printable.c, util/stringops.h, smtpd/smtpd.c - Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit = 0" no longer meant 'unlimited'. Problem report by Luc Pardon. File: smtp/smtp_addr.c. - Documentation: updated the BUGS section in the smtp(8) manpage about TLS connection reuse. File: smtp/smtp.c. - Workaround for implementations that hang Postfix while shutting down a TLS session, until Postfix times out. With "tls_fast_shutdown_enable = yes" (the default), Postfix no longer waits for the TLS peer to respond to a TLS 'close' request. This is recommended with TLSv1.0 and later. Files: global/mail_params.h, tls/tls_session.c, and documentation. - Bugfix (introduced: Postfix 3.0): the code to reset Postfix SMTP server command counts was not called after a HaProxy handshake failure, causing stale numbers to be reported. The command counts are now reset in the function that reports the counts. File: smtpd/smtpd.c. * 3.4.7 - Bugfix: the documentation said tls_fast_shutdown_enable, but the code said tls_fast_shutdown. Viktor Dukhovni. Changed the code because no-one is expected to override the default. File: global/mail_params.h. - Workaround for poor TCP loopback performance on LINUX, where getsockopt(..., TCP_MAXSEG, ..) reports a TCP maximal segment size that is 1/2 to 1/3 of the MTU. For example, with kernel 5.1.16-300.fc30.x86_64 the TCP client and server announce an mss of 65495 in the TCP handshake, but getsockopt() returns 32741 (less than half). As a matter of principle, Postfix won't turn on client-side TCP_NODELAY because that hides application performance bugs, and because that still suffers from server-side delayed ACKs. Instead, Postfix avoids sending "small" writes back-to-back, by choosing a VSTREAM buffer size that is a multiple of the reported MSS. This workaround bumps the multiplier from 2x to 4x. File: util/vstream_tweak.c. - Bugfix (introduced: 20051222): the Dovecot client could segfault (null pointer read) or cause an SMTP server assertion to fail when talking to a fake Dovecot server. The client now logs a proper error instead. Problem reported by Tim Düsterhus. File: xsasl/xsasl_dovecot_server.c. - Bugfix (introduced: Postfix 3.4): don't whitewash OpenSSL error results after a plaintext output error. The code could loop, and with some OpenSSL error results could flood the log with error messages (see below for a specific case). Problem reported by Andreas Schulze. File: tlsproxy/tlsproxy.c. - Bitrot: don't invoke SSL_shutdown() when the SSL engine thinks it is processing a TLS handshake. The commit at https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59 changed the error status, incompatibly, from SSL_ERROR_NONE into SSL_ERROR_SSL. File: tlsproxy/tlsproxxy.c. proftpd-dfsg (1.3.6-4+deb10u2) buster-security; urgency=medium . * Add patch from upstream to address CVE-2019-18217. (Closes: #942831) python-cryptography (2.6.1-3+deb10u2) buster; urgency=medium . * Cherrypick 92241410b5b0591d849443b3023992334a4be0a2 and 9a22851fab924fd58482fdad3f8dd23dc3987f91 from upstream which addresses a memory leak triggerable when parsing x509 certificate extensions like AIA, thanks to Valentin Gutierrez for the report (Closes: #941413) python-cryptography (2.6.1-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport two patches to fix the testsute with newer openssl. * Ignore test_load_ecdsa_no_named_curve in the testsuite because it known to break with newer openssl (Closes: #940547). python-flask-rdf (0.2.1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Add Depends on python{3,}-rdflib. (Closes: #896358, #896385) python-oslo.messaging (8.1.4-1+deb10u1) buster; urgency=medium . * New upstream point release, with an important fix: - Fix switch connection destination when a rabbitmq cluster node disappear. python-werkzeug (0.14.1+dfsg1-4+deb10u1) buster; urgency=medium . * Unique debugger PIN in Docker containers (Closes: #940935, CVE-2019-14806) python2.7 (2.7.16-2+deb10u1) buster; urgency=medium . * CVE-2018-20852 * CVE-2019-10160 * CVE-2019-16056 (Closes: #940901) * CVE-2019-16935 * CVE-2019-9740 * CVE-2019-9947 qemu (1:3.1+dfsg-8+deb10u2) buster-security; urgency=medium . * slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch Closes: #933741, CVE-2019-14378 (slirp heap buffer overflow) * qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch Closes: #931351, CVE-2019-13164 (qemu-bridge-helper ifname overflow) * linux-user-sanitize-interp_info-for-mips-only.patch Closes: #933650 (some mips binaries fails to start) qemu (1:3.1+dfsg-8) unstable; urgency=high . * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch fixes a null-pointer dereference in sparc/sun4u emulated hw Closes: #927439, CVE-2019-5008 * enable-md-no.patch & enable-md-clear.patch mitigation for MDS (Microarchitectural Data Sampling) issues Closes: #929067, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 * qxl-check-release-info-object-CVE-2019-12155.patch fixes null-pointer deref in qxl cleanup code Closes: #929353, CVE-2019-12155 * aarch32-exception-return-to-switch-from-hyp-mon.patch fixes booting U-Boot in UEFI mode on aarch32 Closes: #927763 * stop qemu-system-common pre-depending on adduser Closes: #929261 qtbase-opensource-src (5.11.3+dfsg1-1+deb10u1) buster-security; urgency=high . * Fix crash when text contains too many directional chars (CVE-2019-18281). quota (4.04-2+deb10u1) buster; urgency=medium . * With permission of maintainer, backport fix to stable to prevent rpc.rquotad spinning at 100% CPU. Closes: #931855. rpcbind (1.2.5-0.3+deb10u1) buster; urgency=medium . * Add 00-rmt-calls.patch (Closes: #939877): + Add command line option to enable remote calls at runtime + Refresh debian/patches * debian/control: Update maintainer information * Add debian/README.debian explaining remote calls activation for Debian systems * Add debian/NEWS ruby-loofah (2.2.3-1+deb10u1) stable-security; urgency=high . * Team upload . * debian/patches - add 0002-Fix-CVE-2019-15587.patch (Closes: #942894) (CVE-2019-15587) shelldap (1.4.0-4+deb10u1) buster; urgency=medium . * Repair SASL authentications, add a 'sasluser' option (Closes: #941411) + Don't provide a password for sasl authentication + Fix sasl for DIGEST-MD5, PLAIN, and LOGIN mechanisms simplesamlphp (1.16.3-1+deb10u1) buster-security; urgency=high . * Fix security issue CVE-2019-3465. sogo (4.0.7-1+deb10u1) buster; urgency=medium . * Omit signedViewer altogether when not using openssl. Thanks Hanno Stock <hanno.stock@indurad.com> for the patch. (Closes: #889994) * Set debian-branch to buster in gbp.conf. spf-engine (2.9.1-0+deb10u1) buster; urgency=medium . * New upstream bugfix release * Put upstream provided init file where dh_installinit expects to find it so it is properly registered on install * Update debian/watch so limit itself to version 2.9.x updates for buster * Update debian/patches/0001-install-conf-fix.patch for missed change needed in sysv init spip (3.2.4-1+deb10u1) buster-security; urgency=medium . * Backport security fixes from 3.2.5 - Critical security fix, allowing unidentified visitor to modify any published content and execute other modifications in database [CVE-2019-16391] - Other security fixes: + better sanitization on redirections [CVE-2019-16393] + don’t disclose if user exists when resetting password [CVE-2019-16394] + better error message sanitization on login page [CVE-2019-16392] - Update security screen to 1.3.12 * Add d/gbp.conf for buster * Add CVE ID to previous changelog entry * Refresh patch headers standardskriver (0.0.3-2+deb10u1) buster; urgency=medium . * debian/patches: + Add 0001_RawConfigParser-use-new-method-read_file-instead-of-.patch. Fix deprecation warning by config.RawConfigParser. + Add 0002_standardskriver-Use-ip-command-rather-than-deprecate.patch. Use external "ip" command rather than deprecated "ifconfig" command. This fixes (essential) local system's IPv4 detection. (Closes: #944244). sudo (1.8.27-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Treat an ID of -1 as invalid since that means "no change" (CVE-2019-14287) * Fix test failure in plugins/sudoers/regress/testsudoers/test5.sh swi-prolog (8.0.2+dfsg-3+deb10u1) buster; urgency=medium . * Add patch to fix pack-server. SWI-Prolog upstream servers were switched from http to https, so pack_install stopped working. This patch changes pack_install to use https. (Closes: #939257) systemd (241-7~deb10u2) buster; urgency=medium . * core: never propagate reload failure to service result. Fixes a regression introduced in v239 where the main process of a service unit gets killed on reload if ExecReload fails. (Closes: #936032) * shared/seccomp: add sync_file_range2. Some architectures need the arguments to be reordered because of alignment issues. Otherwise, it's the same as sync_file_range. Fixes sync_file_range failures in nspawn containers on arm, ppc. (Closes: #935091) * core: factor root_directory application out of apply_working_directory. Fixes RootDirectory not working when used in combination with User. (Closes: #939408) * shared/bus-util: drop trusted annotation from bus_open_system_watch_bind_with_description(). This ensures that access controls on systemd-resolved's D-Bus interface are enforced properly. (CVE-2019-15718, Closes: #939353) * login: add a missing error check for session_set_leader() Fixes assertion due to insufficient function return check. (Closes: #939998) * d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices (Closes: #934589) * d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by user-space * namespace: make MountFlags=shared work again (Closes: #939551) * mount/generators: do not make unit wanted by its device unit. Among other things, this fixes StopWhenUnneeded=true being broken for mount units. (Closes: #941758) tcpdump (4.9.3-1~deb10u1) buster-security; urgency=high . * New upstream release, with fixes for 24 different CVEs (closes: #941698). This is an upstream update on top of the 4.9.2-3 package and does not include other changes from the 4.9.3 package in bullseye. * Disable tests that require a newer libpcap version. tcpdump (4.9.3-1~deb9u1) stretch-security; urgency=high . * New upstream release, with fixes for 24 different CVEs (closes: #941698). This is an upstream update on top of the 4.9.2-1~deb9u1 package. * Disable tests that require a newer libpcap version. tcpdump (4.9.3~git20190901-2) unstable; urgency=medium . * Disable failing IKEv2 test again to fix build on ppc64el. tcpdump (4.9.3~git20190901-1) unstable; urgency=low . * New upstream snapshot from the tcpdump-4.9 branch: + Includes fix for CVE-2017-16808 (closes: #881862). + Fixes ESP decryption on ppc64el (and others), re-enable tests. * Drop root privileges by default (closes: #935112): + debian/rules: Configure --with-user=tcpdump. + debian/tcpdump.post{inst,rm}: Create/delete a 'tcpdump' system group and user. + debian/control: Add dependency on adduser. + debian/patches/drop-privs-after-opening-savefile.diff: New patch (from Fedora) to drop root privileges *after* opening the savefile when possible, to alleviate possible inconvenience if the target directory is not writable by user tcpdump. + debian/patches/drop-privs-silently.diff: New patch (from Fedora) to drop root privileges silently. + debian/usr.sbin.tcpdump: Add chown capability, and update rules about device discovery. + debian/NEWS: Mention how to run tcpdump as root. * Bump Standards-Version to 4.4.0. thunderbird (1:60.9.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security * [9802e1d] Revert "Use gcc-8 and g++-8 due broken build with GCC-9" thunderbird (1:60.9.0-1~deb9u1) stretch-security; urgency=medium . [ Carsten Schoenert ] * Rebuild for stretch-security thunderbird (1:60.8.0-2) unstable; urgency=medium . * [41e9047] d/rules: work around carge needs a HOME dir * [c67707c] Use gcc-8 and g++-8 due broken build with GCC-9 thunderbird (1:60.8.0-1) unstable; urgency=medium . * [49f4e91] New upstream version 60.8.0 Fixed CVE issues in upstream version 60.8.0 (MFSA 2019-23) CVE-2019-9811: Sandbox escape via installation of malicious language pack CVE-2019-11711: Script injection within domain through inner window reuse CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects CVE-2019-11713: Use-after-free with HTTP/2 cached stream CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault CVE-2019-11715: HTML parsing error can contribute to content XSS CVE-2019-11717: Caret character improperly escaped in origins CVE-2019-11719: Out-of-bounds read when importing curve25519 private key CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin CVE-2019-11709: Memory safety bugs fixed in Firefox 68, Firefox ESR 60.8, and Thunderbird 60.8 tmpreaper (1.6.14+deb10u1) buster; urgency=medium . * Non-maintainer upload with maintainer approval. * Add `--protect '/tmp/systemd-private*/*'` to cron job to prevent breaking systemd services that have PrivateTmp=true (closes: #881725). trafficserver (8.0.2+ds-1+deb10u1) buster-security; urgency=high . * Add patch for security backport from 8.0.4 for CVE-2019-9512, CVE-2019-9514, and CVE-2019-9515. (Closes: #934887) * Add patch for security backport from 8.0.5 for fixes CVE-2019-9518 (Closes: #935314) trapperkeeper-webserver-jetty9-clojure (1.7.0-2+deb10u1) buster; urgency=medium . [ Manfred Stock ] * Add patch for SSL compatibility with newer Jetty (closes: #930562). tzdata (2019c-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamps: - Fiji's next DST transitions will be 2019-11-10 and 2020-01-12 instead of 2019-11-03 and 2020-01-19. - Norfolk Island will observe Australian-style DST starting in spring 2019. The first transition is on 2019-10-06. tzdata (2019c-0+deb9u1) stretch; urgency=medium . * New upstream version, affecting the following future timestamps: - Fiji's next DST transitions will be 2019-11-10 and 2020-01-12 instead of 2019-11-03 and 2020-01-19. - Norfolk Island will observe Australian-style DST starting in spring 2019. The first transition is on 2019-10-06. tzdata (2019b-2) unstable; urgency=medium . * Change provides to tzdata-bullseye from tzdata-buster. tzdata (2019b-1) unstable; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Brazil has canceled DST and will stay on standard time indefinitely. - Predictions for Morocco now go through 2087 instead of 2037. - Palestine's 2019 spring transition was 03-29 at 00:00, not 03-30 at 01:00. Guess future transitions to be March's last Friday at 00:00. - Many corrections to historical Hong Kong transitions from 1941 to 1947. ublock-origin (1.22.2+dfsg-1~deb10u1) buster; urgency=medium . * Backport of 1.22.2+dfsg-1 to Buster. (Closes: #943470, #925337) ublock-origin (1.22.2+dfsg-1~deb9u1) stretch; urgency=medium . * Backport of 1.22.2+dfsg-1 to Stretch. (Closes: #943470, #925337) ublock-origin (1.19.0+dfsg-2) unstable; urgency=medium . * Upload to unstable. * Declare compliance with Debian Policy 4.4.0. ublock-origin (1.19.0+dfsg-1) experimental; urgency=medium . [ Michael Meskes ] * Change package layout to allow for different file for each browser while at the same time keeping firefox working despite its dislike for symlinks. (Closes: #926586) . [ Markus Koschany ] * New upstream version 1.19.0+dfsg. ublock-origin (1.18.10+dfsg-1) experimental; urgency=medium . * New upstream version 1.18.10+dfsg. * Fix ublock-origin being disabled with Firefox 66. (Closes: #925337) * Switch to compat level 12. uim (1:1.8.8-4+deb10u2) buster; urgency=medium . [ HIGUCHI Daisuke (VDR dai) ] * resurrect libuim-data as a transitional package (Closes: #939588). After upgrading from stretch to buster, if purging libuim-data, its postrm script deletes /var/lib/uim/*.scm files required by uim. This libuim-data transitional package can be removed safely. . [ NOKUBI Takatsugu ] * d/control: uim-data depends libuim-data dummy package, change the description. * d/libuim-data.postint: re-register all modules, fix #939588 unbound (1.9.0-2+deb10u1) buster-security; urgency=high . * Apply NLnet Labs patch for CVE-2019-16866 (Closes: #941692) vanguards (0.3.1-2~deb10u1) buster; urgency=medium . * Rebuild for buster stable updates * Includes important security fix to prevent a reload of tor's configuration via SIGHUP causing a denial-of-service for vanguards protections. Details on this issue can be seen at: - https://github.com/mikeperry-tor/vanguards/issues/40 vanguards (0.3.1-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. vanguards (0.3.1-1) unstable; urgency=medium . * New upstream version 0.3.1 varnish (6.1.1-1+deb10u1) buster-security; urgency=medium . * CVE-2019-15892, thanks to sesse for the backport webkit2gtk (2.26.1-3~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. * The WebKitGTK security advisory WSA-2019-0005 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8768 (fixed in 2.24.0). + CVE-2019-8735 (fixed in 2.24.2). + CVE-2019-8726 (fixed in 2.24.3). + CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733 and CVE-2019-8763 (fixed in 2.24.4). + CVE-2019-8625, CVE-2019-8720, CVE-2019-8769 and CVE-2019-8771 (fixed in 2.26.0). webkit2gtk (2.26.1-3~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. webkit2gtk (2.26.1-3~bpo9+2) stretch-backports-sloppy; urgency=medium . * debian/patches/is-same-v.patch: + Define also std::is_pod_v * debian/patches/fix-atomics-build.patch: + Use libatomic in libWTF. This fixes the armel build. webkit2gtk (2.26.1-3~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependency on libwoff-dev, this is not available in this Debian release. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Don't depend on libopenjp2-7-dev. + Build depend on clang-7. + Remove Breaks for Evolution < 3.34.1. + Require Bubblewrap 0.3.1. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. + Pass CC and CXX to dh_auto_configure so it uses clang instead of gcc. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/patches/is-same-v.patch: + Define std::is_same_v * debian/patches/fix-gtkdoc-generation.patch: + Fix gtk-doc generation. * debian/patches/safe-multiply.patch: + Fix link errors in 32-bit CPUs with clang * debian/libwebkit2gtk-4.0-37.symbols: + Mark webkit_emoji_chooser_get_type as optional, this requires a more recent version of GTK. webkit2gtk (2.26.1-2) unstable; urgency=medium . * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary. * debian/gbp.conf: + Update upstream branch name. webkit2gtk (2.26.1-1) experimental; urgency=medium . [ Jeremy Bicha ] * Suggest instead of Recommend gstreamer1.0-libav on Ubuntu . [ Alberto Garcia ] * New upstream release. webkit2gtk (2.26.0-1) experimental; urgency=medium . * New upstream release. * debian/watch: + Scan stable releases only. * debian/copyright: + Remove nonexistent files. * Add a dummy libwebkit2gtk-4.0-37-gtk2 with a transition plan for people who still need to use Flash. + debian/control: - Add the package, suggest browser-plugin-freshplayer-pepperflash. + debian/libwebkit2gtk-4.0-37-gtk2.NEWS: - Add news item about the Flash transition plan. webkit2gtk (2.25.92-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.25.4-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing override. * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. * WebKitGTK 2.25.3 no longer ships the GTK 2 plugin process: + debian/control: - Drop build dependency on libgtk2.0-dev. - Remove the libwebkit2gtk-4.0-37-gtk2 package. + debian/NEWS: - Add item explaining the removal of the GTK 2 plugin process. + debian/libwebkit2gtk-4.0-37-gtk2.install: - Drop this file. * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). + Update Standards-Version to 4.4.0 (no changes). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.25.2-1) experimental; urgency=medium . * New upstream development release. * debian/patches/webdriver-path.patch, debian/patches/fix-ftbfs-hurd.patch: + Remove. * debian/patches/detect-woff.patch + Refresh. * debian/rules: + Build with -DUSE_WPE_RENDERER=OFF. webkit2gtk (2.25.1-1) experimental; urgency=medium . * New upstream development release. * Refresh all patches. * debian/rules: + Don't add -msse2 manually to CFLAGS, WebKitGTK does this automatically now. * debian/control: + Add build and runtime dependencies on bubblewrap, xdg-dbus-proxy and libseccomp-dev (ENABLE_BUBBLEWRAP_SANDBOX is now on by default). * debian/patches/webdriver-path.patch: + Fix name of the WebKitWebDriver executable. * debian/watch, debian/gbp.conf: + Update for 2.25.x packages in experimental. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.24.4-1) unstable; urgency=medium . * New upstream release (Closes: #931807). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.24.4-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. * The WebKitGTK security advisory WSA-2019-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8671, CVE-2019-8672, CVE-2019-8677, CVE-2019-8679 and CVE-2019-8686 (fixed in 2.24.2) + CVE-2019-8666, CVE-2019-8673, CVE-2019-8676, CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, and CVE-2019-8690 (fixed in 2.24.3) + CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684 and CVE-2019-8688 (fixed in 2.24.4) . webkit2gtk (2.24.4-1) unstable; urgency=medium . * New upstream release (Closes: #931807). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. webkit2gtk (2.24.4-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. webkit2gtk (2.24.4-1~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependency on libwoff-dev, this is not available in this Debian release. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Don't depend on libopenjp2-7-dev. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. webkit2gtk (2.24.3-1) unstable; urgency=medium . * New upstream release (Closes: #929749). * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). wpa (2:2.7+git20190128+0c1e29f-6+deb10u1) buster-security; urgency=medium . * SECURITY UPDATE: - AP mode PMF disconnection protection bypass. More details: + https://w1.fi/security/2019-7/ Closes: #940080 (CVE-2019-16275) - Timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves. More details: + https://w1.fi/security/2019-6/ + https://wpa3.mathyvanhoef.com/ Closes: #934180 (CVE-2019-13377) ====================================== Sat, 07 Sep 2019 - Debian 10.1 released ====================================== ========================================================================= [Date: Sat 7 Sep 07:51:55 UTC 2019] [ftpmaster: Stable point release] Removed the following packages from stable: pump | 0.8.24-7.1 | source, amd64, arm64, armel, armhf, i386, mips, mipsel, ppc64el, s390x pump | 0.8.24-7.1+b1 | mips64el ------------------- Reason ------------------- RoST; unmaintained; security issues ---------------------------------------------- ========================================================================= [Date: Sat 7 Sep 07:51:55 UTC 2019] [ftpmaster: Stable point release] Removed the following packages from stable: All binary and D-I packages related to linux-4.19.0-5 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= acme-tiny (1:4.0.4-1+deb10u1) buster; urgency=medium . * Add upstream patch to fix ACME protocol change effective on November 1st 2019, https://github.com/diafygi/acme-tiny/issues/226 android-sdk-meta (25.0.0+11+deb10u1) buster; urgency=medium . * fix version: this adds on top of package from sid android-sdk-meta (25.0.0+11) unstable; urgency=medium . [ Jeff Muizelaar ] * Add some more Amazon devices . [ Hans-Christoph Steiner ] * fix DEB_REVISION parsing to work with more than one digit * remove broken screenshot2 symlink (Closes: #924175) * Suggests: proguard-gui for symlinks (Closes: #923935) * document udev rule for providing device access to the console user * update udev rules to latest upstream version (Closes: #931215) * sync new devices in 51-android.rules from upstream * Standards-Version 4.3.0 no changes * sync whitespace in 51-android.rules with upstream * sync comments in 51-android.rules with upstream * sync manufacturer order in 51-android.rules from upstream android-sdk-meta (25.0.0+11~deb10u2) buster; urgency=medium . * fix regex for adding Debian version to binary packages (Closes: #935938) android-sdk-meta (25.0.0+11~deb10u1) buster; urgency=medium . [ Jeff Muizelaar ] * Add some more Amazon devices . [ Hans-Christoph Steiner ] * fix DEB_REVISION parsing to work with more than one digit * remove broken screenshot2 symlink (Closes: #924175) * Suggests: proguard-gui for symlinks (Closes: #923935) * document udev rule for providing device access to the console user * update udev rules to latest upstream version (Closes: #931215) * sync new devices in 51-android.rules from upstream * Standards-Version 4.3.0 no changes * sync whitespace in 51-android.rules with upstream * sync comments in 51-android.rules with upstream * sync manufacturer order in 51-android.rules from upstream apache2 (2.4.38-3+deb10u1) buster-security; urgency=high . * Add patch to limit cross-site scripting in mod_proxy (Closes: CVE-2019-10092) * Add patch to fix stack buffer overflow and NULL pointer dereference in mod_remoteip (Closes: CVE-2019-10097) * Import http2 modules from 2.4.41 (Closes: CVE-2019-9517, CVE-2019-10082 and CVE-2019-10081 * Add patch to set PCRE_DOTALL by default (Closes: CVE-2019-10098) apt-setup (1:0.151~deb10u1) buster; urgency=medium . * Rebuild for buster. asterisk (1:16.2.1~dfsg-1+deb10u1) buster; urgency=medium . * AST-2019-002 / CVE-2019-12827 Buffer overflow in res_pjsip_messaging (Closes: #931980) * AST-2019-003 / CVE-2019-13161 Remote Crash Vulnerability in chan_sip (Closes: #931981) * d/gbp.conf: Update for Buster branch babeltrace (1.5.6-2+deb10u1) buster; urgency=medium . [ Andreas Beckmann ] * Non-maintainer upload. * Backport symbols fix from 1.5.7-1. . [ Michael Jeanson ] * Bump ctf symbols depends to post merge version (Closes: #931147) backup-manager (0.7.14-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix purging of remote archives via FTP or SSH. Thanks to Thomas Parmelan (Closes: #895901) base-files (10.3+deb10u1) buster; urgency=medium . * Change /etc/debian_version to 10.1, for Debian 10.1 point release. basez (1.6-3+deb10u1) buster; urgency=medium . * Properly decode base64url encoded strings (closes: #931041) basez (1.6-3+deb9u1) stretch; urgency=medium . * Properly decode base64url encoded strings (closes: #931041) bro (2.5.5-1+deb10u1) buster-security; urgency=medium . * Add patches for CVE-2018-16807, CVE-2018-17019 (Closes: #908614, #908779) bzip2 (1.0.6-9.2~deb10u1) buster; urgency=medium . * Rebuild for buster . bzip2 (1.0.6-9.2) unstable; urgency=medium . * Non-maintainer upload. * Accept as many selectors as the file format allows (Closes: #931278) cacti (1.2.2+ds1-2+deb10u1) buster; urgency=medium . * Depends i.s.o. Recommends on php-gmp as this is now a requirement of the upstream code (Closes: #930252) * Fix reading of snmp gauges (0001-Resolving-issue-2474.patch) (Closes: #930254) * Fix upgrade from stretch (0001-Resolving-issue-2482.patch); the upgrade code attempted to drop a non-existing primary key (Closes: #931702) calamares-settings-debian (10.0.20-1+deb10u1) buster; urgency=medium . * Fix permissions for initramfs image when full-desk encryption is enabled. (CVE-2019-13179) (Closes: #931373) clamav (0.101.4+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.101.4 - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). clamav (0.101.4+dfsg-0+deb9u1) stretch; urgency=medium . * Import 0.101.4 (Closes: 921190) - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). clamav (0.101.2+dfsg-3) unstable; urgency=medium . * Cherry-pick a fix from 0.101.3 to address a vulnerability to non-recursive zip bombs. clamav (0.101.2+dfsg-2) unstable; urgency=medium . * Remove python from build-depends: - Only needed for llvm, which is currently (and probably permanently) disabled - Support python2 removal, if this comes back, it will need to be python3 clamav (0.101.2+dfsg-1+deb10u1) buster; urgency=medium . * Cherry-pick a fix from 0.101.3 to address a vulnerability to non-recursive zip bombs. cloudkitty (8.0.0-4+deb10u1) buster; urgency=medium . * Add upstream patch to fix FTBFS after we updated SQLAlchemy to fix CVE-2019-7164 CVE-2019-7548 (SQL injection) (see debian bug 922669 and 929321 for more info) (Closes: #930996). console-setup (1.193~deb10u1) buster; urgency=medium . * Rebuild for buster. console-setup (1.192) unstable; urgency=medium . * Remove Christian Perrier from Uploaders, with many thanks for all his contributions over the years! (Closes: #927511) * Merge patch by Iain Lane to fix internationalization issues when switching locales with Perl >= 5.28 (Closes: #924657, LP: #1817453). cryptsetup (2:2.1.0-5+deb10u2) buster; urgency=medium . * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on 32bit architectures. Regression since 2:2.1.0-1. (Closes: #935702) cryptsetup (2:2.1.0-5+deb10u1) buster; urgency=high . * Backport upstream commits c03e3fe8, 725720df and fe4e1de5 to fix support for LUKS2 headers without any bound keyslot. Adding a new key slot using the volume key was failing, both via the crypt_keyslot_add_by_volume_key() API call and with `luksAddKey --master-key`. The former in particular might yield data loss if, in order to change a passphrase, an application destroys the keyslot before adding a new one (using the volume key), cf. #928893. Note that doing so is *unsafe*: applications should instead use crypt_keyslot_change_by_passphrase() from libcryptsetup >=1.6.0. Trying to open LUKS2 volume by supplying the volume key on the command line was also failing if there were no bound keyslot on the header. (Closes: #934715) cups (2.2.10-6+deb10u1) buster; urgency=medium . * Fix multiple security/disclosure issues (Closes: #934957) - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows - Fixed IPP buffer overflow - Fixed memory disclosure issue in the scheduler - Fixed DoS issues in the scheduler dbconfig-common (2.0.11+deb10u1) buster; urgency=medium . [ Marius Burkard ] * Fix regression with /bin/sh pointing to bash due to changes in its POSIX behaviour (Closes: #934027) . [ Paul Gevers ] * tests: use sh instead of hardcoded *sh to catch issues like the above debian-edu-config (2.10.65+deb10u1) buster; urgency=medium . [ Wolfgang Schweer ] * Adjust ltsp-build-client/Debian-custom/001-ltsp-setting. (Closes: #928756) - Use PXE option 'ipappend 2' for LTSP client boot. This option makes sure that all DHCP server information is getting through to LTSP clients. (LTSP used this option before, but switched to 'ipappend 3' during the Buster development cycle to ease setups with ProxyDHCP.) * Adjust share/debian-edu-config/sudo-ldap.conf. (Closes: #929964) - Fix sudo-ldap configuration. (The LDAP URI is needed on LDAP clients.) * Set environment variable to deal with Firefox profile. (Closes: #930122) This is a workaround for bug #930125, preventing firefox-esr startup issues if the mozilla profile is on an NFS share). - Ship share/debian-edu-config/edu-firefox-nfs with NSS_SDB_USE_CACHE="yes" as content. Thanks to Mike Gabriel for spotting the issue and providing this information. - Add instructions to cf3/cf.workarounds to link the 'edu-firefox-nfs' file to appropriate files below '/etc/X11/Xsession.d' and '/etc/profile.d'. * Adjust cf3/cf.homes: Set correct LTSP chroot path. (Closes: #931680) - While the reported arch is i686, LTSP uses i386. Set arch accordingly. * Adjust share/debian-edu-config/tools/kerberos-kdc-init. (Closes: #931366) - Remove outdated (and now wrong) logging section. * Fix loss of dynamically allocated v4 IP address. (Closes: #933580) - Drop etc/network/if-up.d/hostname. This script doesn't work anymore due to changed behaviour of the ifupdown/dhclient/systemd combination and now also causes the loss of a dynamically allocated ipv4 IP address after 20 to 30 minutes after booting. - Add code to d/debian-edu-config.postinstall to implement the intended hostname update just after rebooting the system after a change. - Adjust Makefile. * Provide Debian Edu RootCA certificate for download. (Closes: #933183) - Adjust share/debian-edu-config/tools/create-debian-edu-certs to copy the rootCA file to the web server directory at certificate generation time. - Adjust cf3/cf.finalize to care for the rootCA file as well. - Adjust cf3/cf.workarounds to copy the rootCA file to the web server directory upon main server upgrade. * Add LDAP server certificate to the initial LTSP NBD image. (Closes: #932828) - etc/ltsp/ltsp-build-client.conf: Don't create the image by default. - cf3/edu.cf: Define new class 'ltspimages'. - cf3/cf.finalize: Add code to include the LDAP server certificate for all possible use cases, to generate the image and to adjust various rights. * Changes to debian-edu-config.fetch-ldap-cert from 2.10.67). - Use independent conditions to make sure that the LDAP server certificate is only downloaded once for both host and LTSP chroot. (Closes: #934380) - Add code to validate the LDAP server certificate in case the Debian Edu RootCA certificate is available for download. . [ Mike Gabriel ] * Changes to debian-edu-config.fetch-ldap-cert (from 2.10.66): - Make the script (and with it Debian Edu buster workstations) work in a Debian Edu environment where the main server (TJENER) is still on Debian Edu 8 or 9. (Closes: #926933) - Retrieve TJENER's PKI server certificate only once per host to improve security. This re-introduces the behaviour of fetch-ldap-cert in stretch and earlier. (Closes: #931413). * Changes to debian-edu-config.fetch-ldap-cert (from 2.10.67): - White-space-only change: Fix broken and inconsistent indentations. - Fully inline-document fetch-ldap-cert script. - Add "-f" option to all curl calls that don't have it set so far. This assures that curl bails out with a non-zero exit code, if anything goes wrong while retrieving certificate files. - Also report a successful certificate verification if we verified the LDAP server certificate using the Debian Edu RootCA. - Really check that the LDAP server uses a certificate issued by the "Debian Edu RootCA", not just by (some) "RootCA". - Add 2x FIXME about BUNDLECRT file removal from host and from LTSP chroots. - LTSP chroot certificate copying: only log those actions, if they are actually about to happen.. - Silence curl stderr and gnutls-cli stdout+stderr. - Certificate retrieval: Fix upgrade path for RootCA deployment. Re-run CERTFILE (and ROOTCACRT retrieval) until we have both on the client. This will lead to repetitive downloads of the CERTFILE on system boot. To get rid of this, people must upgrade their TJENERs from Debian Edu 10.0 to 10.1. Then it will stop. This hack is necessary to assure distribution of the RootCA to all clients that don't have it, yet. - Detach dependency of ROOTCACRT chroot copying and BUNDLECRT chroot copying from chroot copying of the CERTFILE. The chroot may have the CERTFILE, but not the ROOTCACRT, yet. This assures a smooth upgrade path from Debian Edu 10.0 to Debian Edu 10.1. - Do a simple validity check if a directory under /opt/ltsp really is a chroot (and e.g. not the SquashFS images' directory). debian-edu-doc (2.10.19~deb10u1) buster; urgency=medium . * Upload to buster. . debian-edu-doc (2.10.19) unstable; urgency=medium . * Update Debian Edu Buster manual from the wiki. * Update Debian Edu ITIL manual from the wiki. * Bump standards version to 4.4.0, no changes needed. . [ Translation updates ] * Buster manual: - Japanese: hoxp18 - German: Wolfgang Schweer - Italian: Claudio Carboncini - Chinese (Simplified): Ma Yong - French: Jean-Pierre Giraud debian-installer (20190702+deb10u1) buster; urgency=medium . [ Samuel Thibault ] * build/boot/x86: Restore 'd' shortcut for the dark theme. 'c' can obviously not work in grub (Closes: #935545). . [ Cyril Brulebois ] * Enable proposed-updates for the buster stable branch. . [ Julien Cristau ] * Bump linux ABI to 4.19.0-6. debian-installer-netboot-images (20190702+deb10u1) buster; urgency=medium . * Update to 20190702+deb10u1 images, from buster-proposed-updates * Set DISTRIBUTION_FALLBACK to buster in debian/rules, and attempt a build against this distribution instead of buster-proposed-updates if the first build against the latter doesn't succeed. This should fix the FTBFS within buster once the point release has happened, as d-i disappears from s-p-u (Closes: #902226). With thanks to Santiago Vila for the initial report. * Make get-images.sh clean up temporary files on error and not only on exit, to make sure they don't interfere with a later attempt against a different distribution (see above). dehydrated (0.6.2-2+deb10u1) buster; urgency=medium . * Add three more patches from upstream. Fixing the following bug: + Fixed fetching of account information. + Followup fixes for account ID handling, and APIv1 compatibility. devscripts (2.19.5+deb10u1) buster; urgency=medium . [ Thomas Goirand ] * debchange: + Target buster-backports with --bpo. Closes: #931614 devscripts (2.19.5+deb10u1~bpo9+2) stretch-backports; urgency=medium . * Source only upload for stretch-backports. devscripts (2.19.5+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. dma (0.11-1+deb10u1) buster; urgency=medium . * d/p/0002-crypto-Don-t-limit-to-TLSv1-only.patch: Do not limit SSL connection to TLSv1 (Closes: #871429) * d/p/0003-properly-deal-with-SSL_connect-return-value.patch: Properly check the return code of SSL_connect() dosbox (0.74-2-3+deb10u1) buster-security; urgency=medium . * Apply upstream fixes for two security issues: - CVE-2019-7165: long lines in batch files would overflow the parsing buffer; - CVE-2019-12594: programs running inside DOSBox could access /proc. along with a number of buffer overrun fixes. Closes: #931222. dovecot (1:2.3.4.1-5+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix CVE-2019-11500 - lib-imap: Don't accept strings with NULs - lib-imap: Make sure str_unescape() won't be writing past allocated memory - lib-managesieve: Don't accept strings with NULs - lib-managesieve: Make sure str_unescape() won't be writing past allocated memory dovecot (1:2.3.4.1-5+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . dovecot (1:2.3.4.1-5+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix CVE-2019-11500 - lib-imap: Don't accept strings with NULs - lib-imap: Make sure str_unescape() won't be writing past allocated memory - lib-managesieve: Don't accept strings with NULs - lib-managesieve: Make sure str_unescape() won't be writing past allocated memory . dovecot (1:2.3.4.1-5) unstable; urgency=medium . * [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235) - submission-login: fix null pointer dereference when client disconnects during authentication (CVE-2019-11494) - submission-login: fix assert-crash when receiving an invalid authentication message over TLS (CVE-2019-11499) dpdk (18.11.2-2+deb10u1) buster; urgency=medium . * Rebuild for buster. . dpdk (18.11.2-2) unstable; urgency=medium . [ Christian Ehrhardt ] * d/control: set VCS to be Salsa based * d/README.source: add info about salsa git usage . dpdk (18.11.2-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.2; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#id1 - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.2 - drop changes upstream in 18.11.2 0002-build-use-generic-march-on-arm64-when-using-default.patch lp-1827102-kni-fix-build-with-Linux-5.1.patch . [ Santiago Ruano Rincón ] * debian/rules: clean doc files . dpdk (18.11.1-3) experimental; urgency=medium . * d/control: add dependencies to libdpdk-dev: libelf-dev and libjansson-dev to avoid pkg-config issues * d/control: drop unused build dependency to libcap-dev . dpdk (18.11.1-2) experimental; urgency=medium . [ Christian Ehrhardt ] * d/control: drop shlibs:Depends from dpdk as it has no binaries anymore * d/p/lp-1827102-kni-fix-build-with-Linux-5.1.patch fix kni DKMS build with Linux 5.1 kernels (LP: #1827102) . [ Luca Boccassi ] * Bump Standards-Version to 4.3.0, no changes. . dpdk (18.11.1-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.1; For a list of changes see https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.1 - drop changes upstream in 18.11.1 0001-doc-fix-garbage-text-in-generated-HTML-guides.patch 0003-build-mention-march-in-pkg-config-description.patch 0001-kni-fix-build-for-dev_open-in-Linux-5.0.patch 0002-kni-fix-build-for-igb_ndo_bridge_setlink-in-Linux-5..patch * d/control: fix usability issue with mlx PMDs which might need rdma-core to be installed. In most cases users will want this, to be able to drop rdma-core if unwanted in some cases this is only a recommends added to librte-pmd-mlx4-18.11 and librte-pmd-mlx5-18.11 (Closes: #925141) dpdk (18.11.2-2) unstable; urgency=medium . [ Christian Ehrhardt ] * d/control: set VCS to be Salsa based * d/README.source: add info about salsa git usage . dpdk (18.11.2-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.2; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#id1 - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.2 - drop changes upstream in 18.11.2 0002-build-use-generic-march-on-arm64-when-using-default.patch lp-1827102-kni-fix-build-with-Linux-5.1.patch . [ Santiago Ruano Rincón ] * debian/rules: clean doc files . dpdk (18.11.1-3) experimental; urgency=medium . * d/control: add dependencies to libdpdk-dev: libelf-dev and libjansson-dev to avoid pkg-config issues * d/control: drop unused build dependency to libcap-dev . dpdk (18.11.1-2) experimental; urgency=medium . [ Christian Ehrhardt ] * d/control: drop shlibs:Depends from dpdk as it has no binaries anymore * d/p/lp-1827102-kni-fix-build-with-Linux-5.1.patch fix kni DKMS build with Linux 5.1 kernels (LP: #1827102) . [ Luca Boccassi ] * Bump Standards-Version to 4.3.0, no changes. . dpdk (18.11.1-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.1; For a list of changes see https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.1 - drop changes upstream in 18.11.1 0001-doc-fix-garbage-text-in-generated-HTML-guides.patch 0003-build-mention-march-in-pkg-config-description.patch 0001-kni-fix-build-for-dev_open-in-Linux-5.0.patch 0002-kni-fix-build-for-igb_ndo_bridge_setlink-in-Linux-5..patch * d/control: fix usability issue with mlx PMDs which might need rdma-core to be installed. In most cases users will want this, to be able to drop rdma-core if unwanted in some cases this is only a recommends added to librte-pmd-mlx4-18.11 and librte-pmd-mlx5-18.11 (Closes: #925141) dpdk (18.11.2-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.2; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#id1 - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.2 - drop changes upstream in 18.11.2 0002-build-use-generic-march-on-arm64-when-using-default.patch lp-1827102-kni-fix-build-with-Linux-5.1.patch . [ Santiago Ruano Rincón ] * debian/rules: clean doc files dpdk (18.11.1-3) experimental; urgency=medium . * d/control: add dependencies to libdpdk-dev: libelf-dev and libjansson-dev to avoid pkg-config issues * d/control: drop unused build dependency to libcap-dev dpdk (18.11.1-2) experimental; urgency=medium . [ Christian Ehrhardt ] * d/control: drop shlibs:Depends from dpdk as it has no binaries anymore * d/p/lp-1827102-kni-fix-build-with-Linux-5.1.patch fix kni DKMS build with Linux 5.1 kernels (LP: #1827102) . [ Luca Boccassi ] * Bump Standards-Version to 4.3.0, no changes. dpdk (18.11.1-1) experimental; urgency=medium . [ Christian Ehrhardt ] * Merge stable update to 18.11.1; For a list of changes see https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html - refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.1 - drop changes upstream in 18.11.1 0001-doc-fix-garbage-text-in-generated-HTML-guides.patch 0003-build-mention-march-in-pkg-config-description.patch 0001-kni-fix-build-for-dev_open-in-Linux-5.0.patch 0002-kni-fix-build-for-igb_ndo_bridge_setlink-in-Linux-5..patch * d/control: fix usability issue with mlx PMDs which might need rdma-core to be installed. In most cases users will want this, to be able to drop rdma-core if unwanted in some cases this is only a recommends added to librte-pmd-mlx4-18.11 and librte-pmd-mlx5-18.11 (Closes: #925141) . [ Luca Boccassi ] * Bump Standards-Version to 4.3.0, no changes. dput-ng (1.25+deb10u1) buster; urgency=medium . [ Kunal Mehta ] * Add buster-backports and stretch-backports-sloppy codenames. MR: !7 . [ Mattia Rizzolo ] * autopkgtest: add missing test dependencies and restrictions. e2fsprogs (1.44.5-1+deb10u1) buster; urgency=medium . * Fix e4defrag crashes on 32-bit architectures (Closes: #920767) enigmail (2:2.0.12+ds1-1~deb10u1) buster; urgency=medium . * upload upstream version to Debian stable - addresses CVE-2019-12269 (Closes: #929363) - uses "advanced" version of WKD - switches to using keys.openpgp.org as the default keyserver - avoid decrypting/verifying quoted inline-PGP - un-mangling MS Exchange: ensure that message structure is as expected to avoid data loss - only include Subject: line in legacy-display part for protected headers * move Vcs-Git fields to DEP-14 branch debian/buster * refresh patches enigmail (2:2.0.11+ds1-2) unstable; urgency=medium . * minimize legacy-display protected headers for encrypted mails enigmail (2:2.0.11+ds1-1) unstable; urgency=medium . * new upstream release * refresh patches * use the older import-show with --dry-run instead of show-only epiphany-browser (3.32.1.2-3~deb10u1) buster; urgency=medium . * Team upload * Rebuild for Debian 10 - d/gbp.conf: Set packaging branch to debian/buster . epiphany-browser (3.32.1.2-3) unstable; urgency=medium . * Team upload * d/gbp.conf: Set packaging branch to debian/unstable and upstream branch to upstream/3.32.x * d/p/lib-Give-libephymisc-a-RUNPATH-pointing-for-our-private-l.patch: Ensure that the web extension loads our bundled copy of libdazzle, even though it only depends on libdazzle transitively via libephymisc. Thanks to Carlos Alberto Lopez Perez for clarifying precisely which component was failing to load. (Closes: #927731) erlang-p1-pkix (1.0.0-3+deb10u1) buster; urgency=medium . * Added upstream patch to fix handling of GnuTLS certificates (Closes: #933040) exim4 (4.92-8+deb10u1) buster-security; urgency=high . * Fix remote command execution vulnerability related to "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006 exim4 (4.92-8+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . exim4 (4.92-8+deb10u1) buster-security; urgency=high . * Fix remote command execution vulnerability related to "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006 facter (3.11.0-2+deb10u1) buster; urgency=medium . * Fix parsing of Linux route non-kv flags (e.g. onlink) (Closes: #918250) fdroidserver (1.1.4-1~deb10u1) buster; urgency=medium . * New upstream release targeted for Debian/buster * remove upstreamed patches fdroidserver (1.1.4-1~deb10u1~bpo9+1) stretch-backports; urgency=medium . * rebuild for stretch-backports fdroidserver (1.1.3-3) unstable; urgency=medium . * conditionally disable tests that can't work with apksigner fdroidserver (1.1.3-2) unstable; urgency=medium . * fix Recommends test, MD5 test fails with apksigner present fdroidserver (1.1.3-1) unstable; urgency=medium . * New upstream version 1.1.3 to fix test suite fdroidserver (1.1.2-1) unstable; urgency=medium . * New upstream version 1.1.2 (Closes: #929905) ffmpeg (7:4.1.4-1~deb10u1) buster-security; urgency=medium . * New upstream release fig2dev (1:3.2.7a-5+deb10u1) buster; urgency=medium . * 40_circle_arrowhead: Do not segfault on circle/half circle arrowheads with a magnification larger 42. This fixes CVE-2019-14275. (Closes: #933075). * Adapt salsa CI pipeline to buster release. firefox-esr (60.8.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-22, also known as: CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11729, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11730, CVE-2019-11709. firefox-esr (60.8.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release. * Fixes for mfsa2019-22, also known as: CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11729, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11730, CVE-2019-11709. firmware-nonfree (20190114-2) buster; urgency=medium . [ Ben Hutchings ] * Update to linux-support 4.19.0-5 * amd-graphics: Trigger update-initramfs when installed (Closes: #928510) * cavium, netronome: Trigger update-initramfs when installed * atheros: Add Qualcomm Atheros QCA9377 rev 1.0 firmware version WLAN.TF.2.1-00021-QCARMSWP-1 (Closes: #903437, #919632, #927917) * realtek: Add Realtek RTL8822CU Bluetooth firmware * atheros: Revert change of QCA9377 rev 1.0 firmware in 20180518-1 (Closes: #919632) . [ Raphaël Hertzog ] * misc-nonfree: Add firmware for MediaTek MT76x0/MT76x2u wireless chips (Closes: #919452) * misc-nonfree: Add firmware for MediaTek MT7622/MT7668 bluetooth chips . [ Romain Perier ] * misc-nonfree: Add GV100 signed firmware (Closes: #928672) freeorion (0.4.8-1+deb10u1) buster; urgency=medium . * Backport "Fix save or load game crash" patch to Buster. fuse-emulator (1.5.7+dfsg1-2~deb10u1) buster; urgency=medium . * Rebuild for buster. . fuse-emulator (1.5.7+dfsg1-2) unstable; urgency=medium . * debian/patches/prefer-x11-over-wayland.patch: - Prefer the X11 GDK backend over the Wayland one, as the latter is known to have problems (see upstream bug #367) (Closes: #872994). * debian/patches/show-fuse-icon.patch: - Show the Fuse icon on the GTK window and About dialog. fusiondirectory (1.2.3-4+deb10u1) buster; urgency=medium . * debian/patches: + Add 0001_CVE-2019-11187_stricter-ldap-error-check.patch. Perform stricter check on LDAP success/failure (CVE-2019-11187). * debian/control: + Add to D (fusiondirectory): php-xml. (Closes: #931959). gcab (1.2-3~deb10u1) buster; urgency=medium . * Rebuild for Buster. ghostscript (9.27~dfsg-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * protect use of .forceput with executeonly (CVE-2019-10216) glib2.0 (2.58.3-2+deb10u1) buster; urgency=medium . * Team upload * d/p/keyfile-settings-Use-tighter-permissions.patch: Backport patch from upstream 2.60.0 so that the GKeyFile settings backend creates ~/.config and configuration files with restrictive permissions (Closes: #931234, CVE-2019-13012) * d/gbp.conf: Swap branch to debian/buster gnome-bluetooth (3.28.2-4~deb10u1) buster; urgency=medium . * Team upload * d/p/client-Disconnect-all-signal-handlers-when-client-is-disp.patch: Mark as applied upstream for 3.33.91 * d/gbp.conf: Set packaging branch to debian/buster * Rebuild for buster . gnome-bluetooth (3.28.2-4) unstable; urgency=medium . * Team upload * d/p/client-Disconnect-all-signal-handlers-when-client-is-disp.patch: Add proposed patch to avoid GNOME Shell crashes when gnome-shell-extension-bluetooth-quick-connect is used (Closes: #932405) * d/gbp.conf: Set Debian branch to debian/unstable gnome-control-center (1:3.30.3-2~deb10u1) buster; urgency=medium . * Team upload * Rebuild for Debian 10 * d/gbp.conf: Set packaging branch to debian/buster . gnome-control-center (1:3.30.3-2) unstable; urgency=medium . * Team upload * d/patches: Mark more patches as forwarded upstream * d/patches: Sort non-upstreamable patches to end of patch series * d/patches: Update to upstream gnome-3-30 commit 3.30.3-7-gf41ae4269 - d/p/info-Fix-crashes-when-retrieving-disk-size.patch: Fix crash when the Details -> Overview (info-overview) panel is selected (Closes: #933529) - d/p/universal-access-Fix-duplicate-settings-call.patch, d/p/universal-access-Fix-leaks-checking-settings.patch: Fix memory leaks in Universal Access panel - d/p/universal-access-Don-t-use-widget-names-for-GSettings-key.patch: Fix a regression that caused the Universal Access -> Zoom mouse tracking options to have no effect - Update translations: is, ja * d/gbp.conf: Set branch to debian/unstable gnupg2 (2.2.12-1+deb10u1) buster; urgency=medium . * drop unneeded patch for printing revocation certificates * backport bugfix and stability patches from upstream 2.2.13 * backport bugfix and stability patches from upstream 2.2.14 * backport documentation, stability, ssh, and WKD patches from upstream 2.2.15 * backport documentation and bugfix patches from upstream 2.2.16 * import bugfixes and cleanup around secret key handling from 2.2.14 * backport bugfixes, documentation, WKD, and keyserver fixes from 2.2.17 * import efficiency and security fixes from upstream STABLE-BRANCH-2-2 * avoid using SKS pool CA unless the keyserver is hkps.pool.sks-keyservers.net * drop import-clean from default keyserver options, to avoid data loss * use keys.openpgp.org as the default keyserver * enable merging certificate updates even if update has no user ID * update Vcs-Git: to point to debian/buster branch * Adopt migrate-pubring-from-classic-gpg robustness fixes (Closes: #931385) * add new CI test: debian/tests/simple-tests * debian/tests/gpgv-win32: make arch-specific (Closes: #905563) gnupg2 (2.2.12-1+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. * debian/control: - Update Build-Depends: libgpg-error-dev (>= 1.35), due to the following patches depends on it, which introduces gpgrt.h: debian/patches/from-2.2.13/Silence-compiler-warnings-new-with-gcc-8.patch gnuplot (5.2.6+dfsg1-1+deb10u1) buster; urgency=medium . * [7b7626a] Fix incomplete/unsafe initialization of ARGV array. (Closes: #926658) golang-1.11 (1.11.6-1+deb10u1) buster-security; urgency=high . * Fix Denial of Service vulnerabilities in the HTTP/2 implementation. https://github.com/golang/go/issues/33631 CVE-2019-9512, CVE-2019-9514 * Fix multiple Parsing Issues in URL.Parse https://github.com/golang/go/issues/29098 CVE-2019-14809 gosa (2.7.4+reloaded3-8+deb10u1) buster; urgency=medium . * debian/changelog: + post-upload fix of patch-1045 explanation... * debian/patches: + Add 1046_CVE-2019-11187_stricter-ldap-error-check.patch. Perform stricter check on LDAP success/failure (CVE-2019-11187). h2o (2.2.5+dfsg2-2+deb10u1) buster-security; urgency=high . * [d9b7843] Fix HTTP/2 DoS attack vulnerabilities. CVE-2019-9512 CVE-2019-9514 CVE-2019-9515. (Closes: #934886) hfst (3.15.0-1.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . hfst (3.15.0-1.1) unstable; urgency=medium . * Non-maintainer upload. * hfst: Add Breaks: libhfst45-dev for smoother upgrades from stretch. (Closes: #931169) initramfs-tools (0.133+deb10u1) buster; urgency=medium . [ Ben Hutchings ] * [998371a] hooks/resume: Disable resume when there are no suitable swap devices. Thanks to Trek <trek00@inbox.ru> (Closes: #916696) * [d653197] hook-functions: Include all keyboard driver modules when MODULES=most. Thanks to Alper Nebi Yasak <alpernebiyasak@gmail.com> * [5681ccb] hook-functions: Include cros_ec_spi and SPI drivers when MODULES=most. Thanks to Alper Nebi Yasak <alpernebiyasak@gmail.com> * [8d62542] resume: Set plymouth status only if there is a suspend image (Closes: #928736) * [073586a] hook-functions: Fix copy_file with target of "/bin" (Closes: #928689) * [a78d9a5] unmkinitramfs: Work around lz4cat filename check. Thanks to Dimitri John Ledkov <xnox@ubuntu.com> (Closes: #930366) * [48a35de] update-initramfs(8): Update description of "-k all" option . [ Alper Nebi Yasak ] * [1abb6f6] hook-functions: Include extcon-usbc-cros-ec when MODULES=most * [db6d4e2] hook-functions: Include extcon drivers when MODULES=dep . [ Uwe Kleine-König ] * [360fb48] mkinitramfs: suppress warning when using bzip2 or lzma (Closes: #930754) jython (2.7.1+repack1-4~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . jython (2.7.1+repack1-4) unstable; urgency=medium . * Team upload. * Preserve the backward compatibility with Java 7 (Closes: #934111) * Adjusted the Vcs-* fields kconfig (5.54.0-1+deb10u1) buster-security; urgency=medium . * CVE-2019-14744 lacme (0.5-1+deb10u1) buster; urgency=medium . * Link to RFC 8555 <https://tools.ietf.org/html/rfc8555> instead of the ACME I-D URL. * Issue GET and POST-as-GET requests (RFC 8555 sec. 6.3) for the authorizations, order and certificate URLs. Let's Encrypt will remove support of unauthenticated GETs from the V2 API on 01 Nov 2019. Closes: #935799. libblockdev (2.20-7+deb10u1) buster; urgency=medium . [ intrigeri ] * Use existing cryptsetup API for changing keyslot passphrase. Cherry-pick upstream fix to use existing cryptsetup API for atomically changing a keyslot passphrase, instead of deleting the old keyslot before adding the new one. This avoids data loss when attempting to change the passphrase of a LUKS2 device via udisks2, e.g. from GNOME Disks. Deleting a keyslot and then adding one is risky: if anything goes wrong before the new keyslot is successfully added, no usable keyslot is left and the device cannot be unlocked anymore. There's little chances this causes actual problems with LUKS1, but LUKS2 defaults to the memory-hard Argon2 key derivation algorithm, which is implemented in cryptsetup with the assumption that it runs as root with no MEMLOCK ulimit; this assumption is wrong when run by udisks2.service under LimitMEMLOCK=65536, which breaks adding the new keyslot, and makes us hit the problematic situation (user data loss) every time. With this change, changing a LUKS2 passphrase via udisks2 will still fail in some cases, until the MEMLOCK ulimit problem is solved in cryptsetup or workaround'ed in udisks2. But at least, if it fails, it will fail _atomically_ and the original passphrase will still work. (Closes: #928893) libdatetime-timezone-perl (1:2.23-1+2019b) buster; urgency=medium . * Update to Olson database version 2019b. This update contains contemporary changes for Brazil and Palestine. libjavascript-beautifier-perl (0.25-1+deb10u1) buster; urgency=medium . * Team upload * Add missing "=>" operator (ES6) (Closes: #931379) libreoffice (1:6.1.5-3+deb10u3) buster-security; urgency=high . * debian/patches/expand-LibreLogo-checks-to-global-events.diff, debian/patches/decode-url-escape-codes-and-check-each-path-segment.diff: debian/patches/keep-name-percent-encoded.diff debian/patches/Properly-obtain-location.diff: backport from libreoffice-6-3-0 branch - more fixes for CVE-2019-9848 and CVE-2018-16858 (CVE-2019-9850/CVE-2019-9851) libreoffice (1:6.1.5-3+deb10u2) buster-security; urgency=high . * debian/patches/More-uses-of-referer-URL-with-SvxBrushItem.diff: add patch from libreoffice-6-2 branch to fix CVE-2019-9849 libreoffice (1:6.1.5-3+deb10u2~bpo9+1) stretch-backports; urgency=high . * Rebuild for stretch-backports. . * debian/patches/apparmor-{cleanups,mesa,opencl}.diff, debian/patches/series, debian/rules: revert this and apparmor >= 2.13.1 recommends; stretch doesn't have apparmor on per default but let's go sure * debian/control.in, debian/patches/series, debian/libreoffice-base-drivers.NEWS, debian/patches/use-mariadb-java-instead-of-mysql-java.diff: revert for stretch-backports... * debian/patches/disableClassPathURLCheck.diff: revert configure check for stretch-backports . * tarballs/*, debian/source/include-binaries: include needed internal stuff . libreoffice (1:6.1.5-3+deb10u2) buster-security; urgency=high . * debian/patches/More-uses-of-referer-URL-with-SvxBrushItem.diff: add patch from libreoffice-6-2 branch to fix CVE-2019-9849 . libreoffice (1:6.1.5-3+deb10u1) buster-security; urgency=high . * debian/patches/sanitize-LibreLogo-calls.diff, debian/patches/explictly-exclude-LibreLogo-from-XScript-usage.diff: add from git; fixing CVE-2019-9848 libreoffice (1:6.1.5-3+deb10u1) buster-security; urgency=high . * debian/patches/sanitize-LibreLogo-calls.diff, debian/patches/explictly-exclude-LibreLogo-from-XScript-usage.diff: add from git; fixing CVE-2019-9848 libsdl2-image (2.0.4+dfsg1-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Multiple security issues (Closes: #932754): - CVE-2019-5058: buffer overflow in do_layer_surface (IMG_xcf.c). - CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. - CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). - CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). libtk-img (1:1.4.8+dfsg-1+deb10u1) buster; urgency=medium . * Switch from the internal copies of Jpeg, Zlib and PixarLog codecs to the libtiff ones (closes: #931422). libxslt (1.1.32-2.1~deb10u1) buster; urgency=medium . * Rebuild for buster . libxslt (1.1.32-2.1) unstable; urgency=medium . * Non-maintainer upload. * Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743) * Fix uninitialized read of xsl:number token (CVE-2019-13117) (Closes: #931321, #933743) * Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118) (Closes: #931320, #933743) linux (4.19.67-2) buster; urgency=medium . [ Salvatore Bonaccorso ] * dm: disable DISCARD if the underlying storage no longer supports it (Closes: #934331) * xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (CVE-2019-15538) . [ Ben Hutchings ] * KVM: Ignore ABI changes * [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122) * [ppc64el] Avoid ABI change for disabling TM * netfilter: conntrack: Use consistent ct id hash calculation (fixes regression in 4.19.44) . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux (4.19.67-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.38 - netfilter: nft_compat: use refcnt_t type for nft_xt reference count - netfilter: nft_compat: make lists per netns - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nft_compat: destroy function must not have side effects - netfilter: nf_tables: warn when expr implements only one of activate/deactivate - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nft_compat: don't use refcount_inc on newly allocated entry - netfilter: nft_compat: use .release_ops and remove list of extension - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: bogus EBUSY in helper removal from transaction - net/ibmvnic: Fix RTNL deadlock during device reset - net: mvpp2: fix validate for PPv2.1 - ext4: fix some error pointer dereferences - tipc: handle the err returned from cmd header function - loop: do not print warn message if partition scan is successful - [armhf,arm64] drm/rockchip: fix for mailbox read validation. - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock - ipvs: fix warning on unused variable - [ppc64el] vdso32: fix CLOCK_MONOTONIC on PPC64 - [armhf,arm64] net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework - cifs: fix memory leak in SMB2_read - cifs: do not attempt cifs operation on smb2+ rename error - tracing: Fix a memory leak by early error exit in trace_pid_write() - zram: pass down the bvec we need to read into in the work struct - trace: Fix preempt_enable_no_resched() abuse - IB/rdmavt: Fix frwr memory registration - RDMA/mlx5: Do not allow the user to write to the clock page - sched/numa: Fix a possible divide-by-zero - ceph: only use d_name directly when parent is locked - ceph: ensure d_name stability in ceph_dentry_hash() - ceph: fix ci->i_head_snapc leak - nfsd: Don't release the callback slot unless it was actually held - sunrpc: don't mark uninitialised items as VALID. - [x86] perf/intel: Update KBL Package C-state events to also include PC8/PC9/PC10 counters - Input: synaptics-rmi4 - write config register values to the right offset - [armhf] 8857/1: efi: enable CP15 DMB instructions before cleaning the cache - [ppc64el] mm/radix: Make Radix require HUGETLB_PAGE - [arm*] drm/vc4: Fix memory leak during gpu reset. - [x86] Revert "drm/i915/fbdev: Actually configure untiled displays" - USB: Add new USB LPM helpers - USB: Consolidate LPM checks to avoid enabling LPM twice - slip: make slhc_free() silently accept an error pointer - [x86] intel_th: gth: Fix an off-by-one in output unassigning - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference - workqueue: Try to catch flush_work() without INIT_WORK(). - sched/deadline: Correctly handle active 0-lag timers - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON - fm10k: Fix a potential NULL pointer dereference - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable - tipc: check link name with right length in tipc_nl_compat_link_set - net: netrom: Fix error cleanup path of nr_proto_init - net/rds: Check address length before reading address family - rxrpc: fix race condition in rxrpc_input_packet() - [x86] retpolines: Raise limit for generating indirect calls from switch-case - [x86] retpolines: Disable switch jump tables when retpolines are enabled - mm: Fix warning in insert_pfn() - [x86] fpu: Don't export __kernel_fpu_{begin,end}() - ipv4: add sanity checks in ipv4_link_failure() - ipv4: set the tcp_min_rtt_wlen range from 0 to one day - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query - net: rds: exchange of 8K and 1M pool - net/rose: fix unbound loop in rose_loopback_timer() - [armhf,arm64] net: stmmac: move stmmac_check_ether_addr() to driver probe - team: fix possible recursive locking when add slaves - [arm64] net: hns: Fix WARNING when hns modules installed - net/mlx5e: Fix the max MTU check in case of XDP - net/mlx5e: Fix use-after-free after xdp_return_frame https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.39 - selinux: use kernel linux/socket.h for genheaders and mdp - Revert "ACPICA: Clear status of GPEs before enabling them" - [arm*] dts: bcm283x: Fix hdmi hpd gpio pull - [s390x] limit brk randomization to 32MB - net: ieee802154: fix a potential NULL pointer dereference - ieee802154: hwsim: propagate genlmsg_reply return code - [armhf,arm64] net: stmmac: don't set own bit too early for jumbo frames - qlcnic: Avoid potential NULL pointer dereference - xsk: fix umem memory leak on cleanup - netfilter: nft_set_rbtree: check for inactive element after flag mismatch - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies - netfilter: ip6t_srh: fix NULL pointer dereferences - [s390x] qeth: fix race when initializing the IP address table - [armhf] imx51: fix a leaked reference by adding missing of_node_put - [arm64] KVM: Reset the PMU in preemptible context - [armhf,arm64] KVM: vgic-its: Take the srcu lock when writing to guest memory - [armhf,arm64] KVM: vgic-its: Take the srcu lock when parsing the memslots - [x86] usb: dwc3: pci: add support for Comet Lake PCH ID - usb: gadget: net2280: Fix overrun of OUT messages - usb: gadget: net2280: Fix net2280_dequeue() - [x86] i2c: i801: Add support for Intel Comet Lake - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference - staging: rtl8712: uninitialized memory in read_bbreg_hdl() - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc - [arm64] net: macb: Add null check for PCLK and HCLK - net/sched: don't dereference a->goto_chain to read the chain index - [armhf] dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi - [armhf,arm64] drm/tegra: hub: Fix dereference before check - NFS: Fix a typo in nfs_init_timeout_values() - drm: Fix drm_release() and device unplug - [arm64] drm/meson: Fix invalid pointer in meson_drv_unbind() - [arm64] drm/meson: Uninstall IRQ handler - scsi: mpt3sas: Fix kernel panic during expander reset - scsi: aacraid: Insure we don't access PCIe space during AER/EEH - scsi: qla4xxx: fix a potential NULL pointer dereference - leds: trigger: netdev: fix refcnt leak on interface rename - [x86] realmode: Don't leak the trampoline kernel address - usb: u132-hcd: fix resource leak - ceph: fix use-after-free on symlink traversal - [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on multi- element RSCN - [x86] mm: Don't exceed the valid physical address space - libata: fix using DMA buffers on stack - gpio: of: Fix of_gpiochip_add() error path - nvme-multipath: relax ANA state check - perf machine: Update kernel map address and re-order properly - [x86] iommu/amd: Reserve exclusion range in iova-domain - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK - leds: trigger: netdev: use memcpy in device_name_store https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.40 - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation - ipv6: A few fixes on dereferencing rt->from - ipv6: fix races in ip6_dst_destroy() - ipv6/flowlabel: wait rcu grace period before put_pid() - ipv6: invert flowlabel sharing check in process and user mode - l2ip: fix possible use-after-free - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv() - [armhf] net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc - net: phy: marvell: Fix buffer overrun with stats counters - rxrpc: Fix net namespace cleanup - sctp: avoid running the sctp state machine recursively - packet: validate msg_namelen in send directly - bnxt_en: Improve multicast address setup logic. - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt(). - [x86] KVM: Whitelist port 0x7e for pre-incrementing %rip - [x86] KVM: nVMX: Fix size checks in vmx_set_nested_state - ALSA: line6: use dynamic buffers - ath10k: Drop WARN_ON()s that always trigger during system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.41 - iwlwifi: fix driver operation for 5350 - mwifiex: Make resume actually do something useful again on SDIO cards - mac80211: don't attempt to rename ERR_PTR() debugfs dirs - [armhf] i2c: imx: correct the method of getting private data in notifier_call - i2c: Remove unnecessary call to irq_find_mapping - i2c: Clear client->irq in i2c_device_remove - i2c: Allow recovery of the initial IRQ by an I2C client device. - i2c: Prevent runtime suspend of adapter when Host Notify is required - [x86] ALSA: hda/realtek - Add new Dell platform for headset mode - [x86] ALSA: hda/realtek - Fixed Dell AIO speaker noise - [x86] ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR - USB: yurex: Fix protection fault after device removal - USB: w1 ds2490: Fix bug caused by improper use of altsetting array - USB: dummy-hcd: Fix failure to give back unlinked URBs - usb: usbip: fix isoc packet num validation in get_pipe - USB: core: Fix unterminated string returned by usb_string() - USB: core: Fix bug caused by duplicate interface PM usage counter - nvme-loop: init nvmet_ctrl fatal_err_work when allocate - [arm64] dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay - HID: logitech: check the return value of create_singlethread_workqueue - HID: debug: fix race condition with between rdesc_show() and device removal - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured - batman-adv: Reduce claim hash refcnt only for removed entry - batman-adv: Reduce tt_local hash refcnt only for removed entry - batman-adv: Reduce tt_global hash refcnt only for removed entry - batman-adv: fix warning in function batadv_v_elp_get_throughput - [armhf] dts: rockchip: Fix gpu opp node names for rk3288 - [arm64] reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev - igb: Fix WARN_ONCE on runtime suspend - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630 - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands - bonding: show full hw address in sysfs for slave entries - [armhf,arm64] net: stmmac: use correct DMA buffer size in the RX descriptor - [armhf,arm64] net: stmmac: ratelimit RX error logs - [armhf,arm64] net: stmmac: don't stop NAPI processing when dropping a packet - [armhf,arm64] net: stmmac: don't overwrite discard_frame status - [armhf,arm64] net: stmmac: fix dropping of multi-descriptor RX frames - [armhf,arm64] net: stmmac: don't log oversized frames - jffs2: fix use-after-free on symlink traversal - debugfs: fix use-after-free on symlink traversal - [armhf] mfd: twl-core: Disable IRQ while suspended - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx - HID: input: add mapping for Assistant key - vfio/pci: use correct format characters - scsi: core: add new RDAC LENOVO/DE_Series device - [x86] scsi: storvsc: Fix calculation of sub-channel count - [arm64] fix wrong check of on_sdei_stack in nmi context - [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() - [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver - [arm64] net: hns: Fix probabilistic memory overwrite when HNS driver initialized - [arm64] net: hns: fix ICMP6 neighbor solicitation messages discard problem - [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled - libcxgb: fix incorrect ppmax calculation - [x86] KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow - hugetlbfs: fix memory leak for resv_map - fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock - [armel] orion: don't use using 64-bit DMA masks - block: pass no-op callback to INIT_WORK(). - [x86] perf/amd: Update generic hardware cache events for Family 17h - Bluetooth: btusb: request wake pin with NOAUTOEN - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state - [arm64] clk: qcom: Add missing freq for usb30_master_clk on 8998 - scsi: RDMA/srpt: Fix a credit leak for aborted commands - [x86] ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping" - [x86] platform: intel_pmc_core: Fix PCH IP name - [x86] platform: intel_pmc_core: Handle CFL regmap properly - IB/core: Unregister notifier before freeing MAD security - IB/core: Fix potential memory leak while creating MAD agents - IB/core: Destroy QP if XRC QP fails - selinux: avoid silent denials in permissive mode under RCU walk - selinux: never allow relabeling on context mounts - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode - [ppc64el] mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search - [x86] mce: Improve error message when kernel cannot recover, p2 - [x86] clk: Add system specific quirk to mark clocks as critical - [x86] mm/KASLR: Fix the size of the direct mapping section - [x86] mm: Fix a crash with kmemleak_scan() - [x86] mm/tlb: Revert "x86/mm: Align TLB invalidation info" - media: v4l2: i2c: ov7670: Fix PLL bypass register values https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.42 - [armhf,arm64] net: stmmac: Use bfsize1 in ndesc_init_rx_desc - [x86] Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() - ASoC: hdmi-codec: fix S/PDIF DAI - ASoC:soc-pcm:fix a codec fixup issue in TDM case - [x86] ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform - [arm64] clk: meson-gxbb: round the vdec dividers to closest - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol - [armhf] drm/omap: hdmi4_cec: Fix CEC clock handling for PM - IB/hfi1: Eliminate opcode tests on mr deref - IB/hfi1: Fix the allocation of RSM table - [x86] perf/intel: Fix handling of wakeup_events for multi-entry PEBS - [x86] perf/intel: Initialize TFA MSR - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() - drm/amd/display: fix cursor black issue - objtool: Add rewind_stack_do_exit() to the noreturn list - slab: fix a crash by reading /proc/slab_allocators - [armhf,arm64] drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind - virtio_pci: fix a NULL pointer reference in vp_del_vqs - [x86] RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove - [arm64] RDMA/hns: Fix bug that caused srq creation to fail - scsi: csiostor: fix missing data copy in csio_scsi_err_handler() - [x86] ASoC: Intel: kbl: fix wrong number of channels - virtio-blk: limit number of hw queues by nr_cpu_ids - nvme-fc: correct csn initialization and increments on error - [x86] platform: pmc_atom: Drop __initconst on dmi table - perf/core: Fix perf_event_disable_inatomic() race - [x86] iommu/amd: Set exclusion range correctly - genirq: Prevent use-after-free and work list corruption - usb: dwc3: Fix default lpm_nyet_threshold value - USB: serial: f81232: fix interrupt worker not stop - USB: cdc-acm: fix unthrottle races - usb-storage: Set virt_boundary_mask to avoid SG overflows - [x86] intel_th: pci: Add Comet Lake support - [arm64] cpufreq: armada-37xx: fix frequency calculation for opp - scsi: lpfc: change snprintf to scnprintf for possible overflow - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines - scsi: qla2xxx: Fix device staying in blocked state - UAS: fix alignment of scatter/gather segments - [x86] ASoC: Intel: avoid Oops if DMA setup fails - locking/futex: Allow low-level atomic operations to return -EAGAIN - [arm64] futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.44 - bfq: update internal depth state when queue depth changes - [x86] platform: sony-laptop: Fix unintentional fall-through - [x86] platform: thinkpad_acpi: Disable Bluetooth for some machines - [x86] platform: dell-laptop: fix rfkill functionality - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails - kernfs: fix barrier usage in __kernfs_new_node() - [x86] virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace - USB: serial: fix unthrottle races - acpi/nfit: Always dump _DSM output payload - libnvdimm/namespace: Fix a potential NULL pointer dereference - HID: input: add mapping for Expose/Overview key - HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys - HID: input: add mapping for "Toggle Display" key - libnvdimm/btt: Fix a kmemdup failure check - [s390x] dasd: Fix capacity calculation for large volumes - mac80211: fix unaligned access in mesh table hash function - mac80211: Increase MAX_MSG_LEN - cfg80211: Handle WMM rules in regulatory domain intersection - mac80211: fix memory accounting with A-MSDU aggregation - nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands - libnvdimm/pmem: fix a possible OOB access when read and write pmem - [s390x] 3270: fix lockdep false positive on view->lock - drm/amd/display: extending AUX SW Timeout - mISDN: Check address length before reading address family - vxge: fix return of a free'd memblock on a failed dma mapping - qede: fix write to free'd pointer error and double free of ptp - afs: Unlock pages for __pagevec_release() - drm/amd/display: If one stream full updates, full update all planes - [s390x] pkey: add one more argument space for debug feature entry - [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T - [x86] KVM: fix spectrev1 gadgets - [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in tracing - tools lib traceevent: Fix missing equality check for strcmp - ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash - scsi: aic7xxx: fix EISA support - mm: fix inactive list balancing between NUMA nodes and cgroups - init: initialize jump labels before command line option parsing - ipvs: do not schedule icmp errors from tunnels - netfilter: ctnetlink: don't use conntrack/expect object addresses as id - netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook() - [s390x] ctcm: fix ctcm_new_device error return code - [armhf,arm64] drm/sun4i: Set device driver data at bind time for use in unbind - [armhf,arm64] drm/sun4i: Fix component unbinding and component master deletion - netfilter: fix nf_l4proto_log_invalid to log invalid packets - [armhf] gpu: ipu-v3: dp: fix CSC handling - [armhf] drm/imx: don't skip DP channel disable for background plane - [armhf,arm64] drm/sun4i: Unbind components before releasing DRM and memory - Input: synaptics-rmi4 - fix possible double free - [arm64] RDMA/hns: Bugfix for mapping user db - mm/memory_hotplug.c: drop memory device reference after find_memory_block() - [ppc64el] smp: Fix NMI IPI timeout - [ppc64el] smp: Fix NMI IPI xmon timeout - [armhf,arm64] net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode - mm/memory.c: fix modifying of page protection by insert_pfn() - usb: typec: Fix unchecked return value - netfilter: nf_tables: use-after-free in dynamic operations - netfilter: nf_tables: add missing ->release_ops() in error path of newrule() (Closes: #934168) - net: fec: manage ahb clock in runtime pm - net: strparser: partially revert "strparser: Call skb_unclone conditionally" - NFC: nci: Add some bounds checking in nci_hci_cmd_received() - nfc: nci: Potential off by one in ->pipes[] array - [x86] kprobes: Avoid kretprobe recursion bug - mwl8k: Fix rate_idx underflow - rtlwifi: rtl8723ae: Fix missing break in switch statement - bonding: fix arp_validate toggling in active-backup mode - bridge: Fix error path for kobject_init_and_add() - ipv4: Fix raw socket lookup for local traffic - net: dsa: Fix error cleanup path in dsa_init_module - [armhf] net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering - [arm64] net: macb: Change interrupt and napi enable order in open - packet: Fix error path in packet_init - selinux: do not report error on connect(AF_UNSPEC) - vlan: disable SIOCSHWTSTAMP in container - vrf: sit mtu should not be updated when vrf netdev is the link - tuntap: fix dividing by zero in ebpf queue selection - tuntap: synchronize through tfiles array instead of tun->numqueues - isdn: bas_gigaset: use usb_fill_int_urb() properly - tipc: fix hanging clients using poll with EPOLLOUT flag - [ppc64el] book3s/64: check for NULL pointer in pgd_alloc() - [ppc64el] powernv/idle: Restore IAMR after idle - [x86] PCI: hv: Fix a memory leak in hv_eject_device_work() - [x86] PCI: hv: Add hv_pci_remove_slots() when we unload the driver - [x86] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.45 - locking/rwsem: Prevent decrement of reader count before increment - [x86] speculation/mds: Revert CPU buffer clear on double fault exit - [x86] speculation/mds: Improve CPU buffer clear documentation - objtool: Fix function fallthrough detection - [arm64] dts: rockchip: Disable DCMDs on RK3399's eMMC controller. - [armhf] dts: exynos: Fix interrupt for shared EINTs on Exynos5260 - [armhf] dts: exynos: Fix audio (microphone) routing on Odroid XU3 - [arm64] mmc: sdhci-of-arasan: Add DTS property to disable DCMDs. - [armhf] exynos: Fix a leaked reference by adding missing of_node_put - [armhf] power: supply: axp288_charger: Fix unchecked return value - [armhf,arm64] power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist - [arm64] mmap: Ensure file offset is treated as unsigned - [arm64] arch_timer: Ensure counter register reads occur with seqlock held - [arm64] compat: Reduce address limit - [arm64] Clear OSDLR_EL1 on CPU boot - [arm64] Save and restore OSDLR_EL1 across suspend/resume - [x96] sched: Save [ER]FLAGS on context switch - crypto: salsa20 - don't access already-freed walk.iv - crypto: chacha20poly1305 - set cra_name correctly - [x86] crypto: ccp - Do not free psp_master when PLATFORM_INIT fails - [ppc64el] crypto: vmx - fix copy-paste error in CTR mode - crypto: skcipher - don't WARN on unprocessed data after slow walk step - crypto: crct10dif-generic - fix use via crypto_shash_digest() - [x86] crypto: crct10dif-pcl - fix use via crypto_shash_digest() - [arm64] crypto: gcm-aes-ce - fix no-NEON fallback code - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" - [armhf,arm64] crypto: aes-neonbs - don't access already-freed walk.iv - mmc: core: Fix tag set memory leak - ALSA: line6: toneport: Fix broken usage of timer for delayed execution - ALSA: usb-audio: Fix a memory leak bug - ALSA: hda/hdmi - Read the pin sense from register when repolling - ALSA: hda/hdmi - Consider eld_valid when reporting jack event - ALSA: hda/realtek - EAPD turn on later - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) - [armhf,arm64] ASoC: max98090: Fix restore of DAPM Muxes - ASoC: codec: hdac_hdmi add device_link to card device - [arm64] bpf: remove prefetch insn in xadd mapping - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses - mm/hugetlb.c: don't put_page in lock of hugetlb_lock - hugetlb: use same fault hash key for shared and private mappings - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget - userfaultfd: use RCU to free the task struct when fork fails - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle - [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - jbd2: check superblock mapped prior to committing - ext4: make sanity check in mballoc more strict - ext4: ignore e_value_offs for xattrs with value-in-ea-inode - ext4: avoid drop reference to iloc.bh twice - ext4: fix use-after-free race with debug_want_extra_isize - ext4: actually request zeroing of inode table after grow - ext4: fix ext4_show_options for file systems w/o journal - btrfs: Check the first key and level for cached extent buffer - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails - Btrfs: send, flush dellaloc in order to avoid data loss - Btrfs: do not start a transaction during fiemap - Btrfs: do not start a transaction at iterate_extent_inodes() - bcache: fix a race between cache register and cacheset unregister - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() - ipmi:ssif: compare block number correctly for multi-part return messages - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount - ext4: fix data corruption caused by overlapping unaligned and aligned IO - ext4: fix use-after-free in dx_release() - ext4: avoid panic during forced reboot due to aborted journal - [x86] ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) - ALSA: hda/realtek - Fixup headphone noise via runtime suspend - [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug - jbd2: fix potential double free - [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes - [x86] KVM: lapic: Busy wait for timer to expire when using hv_timer - xen/pvh: set xen_domain_type to HVM in xen_pvh_init - libnvdimm/namespace: Fix label tracking error - iov_iter: optimize page_copy_sane() - pstore: Centralize init/exit routines - pstore: Allocate compression during late_initcall() - pstore: Refactor compression initialization - ext4: don't update s_rev_level if not required https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.46 - ipv6: fix src addr routing with the exception table - ipv6: prevent possible fib6 leaks - net: Always descend into dsa/ - net: avoid weird emergency message - net/mlx4_core: Change the error print to info print - net: test nouarg before dereferencing zerocopy pointers - net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions - nfp: flower: add rcu locks when accessing netdev for tunnels - ppp: deflate: Fix possible crash in deflate_init - rtnetlink: always put IFLA_LINK for links with a link-netnsid - tipc: switch order of device registration to fix a crash - vsock/virtio: free packets during the socket release - vsock/virtio: Initialize core virtio vsock before registering the driver - net/mlx5: Imply MLXFW in mlx5_core - net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled - stm class: Fix channel free in stm output free path - stm class: Fix channel bitmap on 32-bit systems - brd: re-enable __GFP_HIGHMEM in brd_insert_page() - proc: prevent changes to overridden credentials - Revert "MD: fix lock contention for flush bios" - md: batch flush requests. - md: add mddev->pers to avoid potential NULL pointer dereference - dcache: sort the freeing-without-RCU-delay mess for good. - [x86] intel_th: msu: Fix single mode with IOMMU - p54: drop device reference count if fails to enable device - of: fix clang -Wunsequenced for be32_to_cpu() - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() - [armhf] phy: ti-pipe3: fix missing bit-wise or operator when assigning val - NFS4: Fix v4.0 client state corruption when mount - PNFS fallback to MDS if no deviceid found - [arm64] clk: hi3660: Mark clk_gate_ufs_subsys as critical - [armhf,arm64] clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider - [arm64] clk: rockchip: fix wrong clock definitions for rk3328 - udlfb: delete the unused parameter for dlfb_handle_damage - udlfb: fix sleeping inside spinlock - udlfb: introduce a rendering mutex - fuse: fix writepages on 32bit - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate - ovl: fix missing upper fs freeze protection on copy up for ioctl - [armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 - ceph: flush dirty inodes before proceeding with remount - [amd64] Add gap to int3 to allow for call emulation - [amd64] Allow breakpoints to emulate call instructions - [amd64] ftrace: Emulate call function while updating in breakpoint handler - tracing: Fix partial reading of trace event's id file - [armhf,arm64] memory: tegra: Fix integer overflow on tick value calculation - [x86] perf intel-pt: Fix instructions sampling rate - [x86] perf intel-pt: Fix improved sample timestamp - [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches - fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types - PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken - PCI: Mark Atheros AR9462 to avoid bus reset - PCI: Init PCIe feature bits for managed host bridge alloc - PCI/AER: Change pci_aer_init() stub to return void - PCI: Factor out pcie_retrain_link() function - PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum - dm cache metadata: Fix loading discard bitset - dm zoned: Fix zone report handling - dm delay: fix a crash when invalid device is specified - dm integrity: correctly calculate the size of metadata area - dm mpath: always free attached_handler_name in parse_path() - fuse: Add FOPEN_STREAM to use stream_open() - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module - vti4: ipip tunnel deregistration fixes. - xfrm: clean up xfrm protocol checks - esp4: add length check for UDP encapsulation - xfrm: Honor original L3 slave device in xfrmi policy lookup - xfrm4: Fix uninitialized memory read in _decode_session4 - [armhf,arm64] clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0) - securityfs: fix use-after-free on symlink traversal - apparmorfs: fix use-after-free on symlink traversal - PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored - [x86] kvm: hyper-v: deal with buggy TLB flush requests from WS2012 - mac80211: Fix kernel panic due to use of txq after free - net: ieee802154: fix missing checks for regmap_update_bits - [armhf,arm64] KVM: Ensure vcpu target is unset on reset failure - bpf: Fix preempt_enable_no_resched() abuse - qmi_wwan: new Wistron, ZTE and D-Link devices - iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() - sched/cpufreq: Fix kobject memleak - [x86] mm/mem_encrypt: Disable all instrumentation for early SME setup - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour - perf bench numa: Add define for RUSAGE_THREAD if not present - [x86] perf/intel: Fix race in intel_pmu_disable_event() - md/raid: raid5 preserve the writeback action after the parity check - driver core: Postpone DMA tear-down until after devres release for probe failure - bpf: relax inode permission check for retrieving bpf program - bpf: add map_lookup_elem_sys_only for lookups from syscall side - bpf, lru: avoid messing with eviction heuristics upon syscall lookup https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.47 - [x86] Hide the int3_emulate_call/jmp functions from UML - ext4: do not delete unlinked inode from orphan list on failed truncate - ext4: wait for outstanding dio during truncate in nojournal mode - f2fs: Fix use of number of devices - [x86] KVM: fix return value for reserved EFER - bio: fix improper use of smp_mb__before_atomic() - sbitmap: fix improper use of smp_mb__before_atomic() - Revert "scsi: sd: Keep disk read-only when re-reading partition" - [ppc64el] crypto: vmx - CTR: always increment IV as quadword - [arm*] mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem - [arm*] mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem - [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID - libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead - [arm64] kernel: kaslr: reduce module randomization range to 2 GB - [arm64] iommu: handle non-remapped addresses in ->mmap and ->get_sgtable - gfs2: Fix sign extension bug in gfs2_update_stats - btrfs: don't double unlock on error in btrfs_punch_hole - Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path - Btrfs: avoid fallback to transaction commit during fsync of files with holes - Btrfs: fix race between ranged fsync and writeback of adjacent ranges - btrfs: sysfs: Fix error path kobject memory leak - btrfs: sysfs: don't leak memory when failing add fsid - udlfb: fix some inconsistent NULL checking - fbdev: fix divide error in fb_var_to_videomode - NFSv4.2 fix unnecessary retry in nfs4_copy_file_range - NFSv4.1 fix incorrect return value in copy_file_range - bpf: add bpf_jit_limit knob to restrict unpriv allocations - [arm64] errata: Add workaround for Cortex-A76 erratum #1463225 - btrfs: honor path->skip_locking in backref code - ovl: relax WARN_ON() for overlapping layers use case - fbdev: fix WARNING in __alloc_pages_nodemask bug - media: cpia2: Fix use-after-free in cpia2_exit - media: serial_ir: Fix use-after-free in serial_ir_init_module - media: vb2: add waiting_in_dqbuf flag - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit - bpf: devmap: fix use-after-free Read in __dev_map_entry_free - batman-adv: mcast: fix multicast tt/tvlv worker locking - at76c50x-usb: Don't register led_trigger if usb_register_driver failed - acct_on(): don't mess with freeze protection - gfs2: Fix lru_count going negative - cxgb4: Fix error path in cxgb4_init_module - NFS: make nfs_match_client killable - IB/hfi1: Fix WQ_MEM_RECLAIM warning - gfs2: Fix occasional glock use-after-free - mmc: core: Verify SD bus width - [arm64] dmaengine: tegra210-dma: free dma controller in remove() - net: ena: gcc 8: fix compilation warning - [x86] hv_netvsc: fix race that may miss tx queue wakeup - Bluetooth: Ignore CC events not matching the last HCI command - [x86] ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE - [armhf,arm64] usb: dwc2: gadget: Increase descriptors count for ISOC's - [armhf,arm64] usb: dwc3: move synchronize_irq() out of the spinlock protected block - ASoC: hdmi-codec: unlock the device on startup errors - [ppc64el] perf: Return accordingly on invalid chip-id in - [ppc64el] boot: Fix missing check of lseek() return value - [ppc64el] perf: Fix loop exit condition in nest_imc_event_init - [armhf] ASoC: imx: fix fiq dependencies - [amd64] spi: pxa2xx: fix SCR (divisor) calculation - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() - ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() - drm/nouveau/bar/nv50: ensure BAR is mapped - [armel,armhf] vdso: Remove dependency with the arch_timer driver internals - [ppc64el] watchdog: Use hrtimers for per-CPU heartbeat - sched/cpufreq: Fix kobject memleak - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path - scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() - scsi: qla2xxx: Fix hardirq-unsafe locking - [x86] modules: Avoid breaking W^X while loading modules - Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve - btrfs: fix panic during relocation after ENOSPC before writeback happens - btrfs: Don't panic when we can't find a root key - iwlwifi: pcie: don't crash on invalid RX interrupt - scsi: qedi: Abort ep termination if offload not scheduled - [s390x] kexec_file: Fix detection of text segment in ELF loader - sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs - w1: fix the resume command API - [s390x] qeth: address type mismatch warning - [armhf,arm64] dmaengine: pl330: _stop: clear interrupt status - mac80211/cfg80211: update bss channel on channel switch - mwifiex: prevent an array overflow - rsi: Fix NULL pointer dereference in kmalloc - nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE - nvme-rdma: fix a NULL deref when an admin connect times out - [armhf,arm64] crypto: sun4i-ss - Fix invalid calculation of hash end - bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set - bcache: return error immediately in bch_journal_replay() - bcache: fix failure in journal relplay - bcache: add failure check to run_cache_set() for journal replay - bcache: avoid clang -Wunintialized warning - RDMA/cma: Consider scope_id while binding to ipv6 ll address - vfio-ccw: Do not call flush_workqueue while holding the spinlock - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev - [x86] mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() - mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions - Bluetooth: hci_qca: Give enough time to ROME controller to bootup. - HID: logitech-hidpp: use RAP instead of FAP to get the protocol version - [armhf] pinctrl: samsung: fix leaked of_node references - [armhf] clk: rockchip: undo several noc and special clocks as critical on rk3288 - [arm64] perf/arm-cci: Remove broken race mitigation - media: au0828: stop video streaming only when last user stops - audit: fix a memory leak bug - media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() - media: pvrusb2: Prevent a buffer overflow - block: fix use-after-free on gendisk - [ppc64el] numa: improve control of topology updates - [ppc64el] Fix booting large kernels with STRICT_KERNEL_RWX - random: fix CRNG initialization when random.trust_cpu=1 - random: add a spinlock_t to struct batched_entropy - cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock - sched/core: Check quota and period overflow at usec to nsec conversion - sched/rt: Check integer overflow at usec to nsec conversion - sched/core: Handle overflow in cpu_shares_write_u64 - [arm*] staging: vc04_services: handle kzalloc failure - [arm64] drm/msm: a5xx: fix possible object reference leak - irq_work: Do not raise an IPI when queueing work on the local CPU - [x86] thunderbolt: Take domain lock in switch sysfs attribute callbacks - [s390x] qeth: handle error from qeth_update_from_chp_desc() - USB: core: Don't unbind interfaces following device reset failure - [amd64] irq: Limit IST stack overflow check to #DB stack - [armhf] drm: etnaviv: avoid DMA API warning when importing buffers - [armhf,arm64] phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode - i40e: Able to add up to 16 MAC filters on an untrusted VF - i40e: don't allow changes to HW VLAN stripping on active port VLANs - ACPI/IORT: Reject platform device creation on NUMA node mapping failure - [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME - RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure - [x86] perf/msr: Add Icelake support - [x86] perf/intel/rapl: Add Icelake support - [x86] perf/intel/cstate: Add Icelake support - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses - scsi: libsas: Do discovery on empty PHY to update PHY info - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers - [armhf,arm64] mmc_spi: add a status check for spi_sync_locked - drm/amdgpu: fix old fence check in amdgpu_fence_emit - PM / core: Propagate dev->power.wakeup_path when no callbacks - [armhf] clk: rockchip: Fix video codec clocks on rk3288 - [armhf] clk: rockchip: Make rkpwm a critical clock on rk3288 - [s390x] zcrypt: initialize variables before_use - [x86] microcode: Fix the ancient deprecated microcode loading method - [s390x] mm: silence compiler warning when compiling without CONFIG_PGSTE - [s390x] cio: fix cio_irb declaration - qmi_wwan: Add quirk for Quectel dynamic config - block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR - rtlwifi: fix a potential NULL pointer dereference - mwifiex: Fix mem leak in mwifiex_tm_cmd - brcmfmac: fix missing checks for kmemdup - b43: shut up clang -Wuninitialized variable warning - brcmfmac: convert dev_init_lock mutex to completion - brcmfmac: fix WARNING during USB disconnect in case of unempty psq - brcmfmac: fix race during disconnect when USB completion is in progress - brcmfmac: fix Oops when bringing up interface during USB disconnect - [arm64] rtc: xgene: fix possible race condition - rtlwifi: fix potential NULL pointer dereference - scsi: ufs: Fix regulator load and icc-level configuration - scsi: ufs: Avoid configuring regulator with undefined voltage range - [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put - wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext - [x86] uaccess, signal: Fix AC=1 bloat - [amd64] ia32: Fix ia32_restore_sigcontext() AC leak - [x86] uaccess: Fix up the fixup - chardev: add additional check for minor range overlap - [arm64] RDMA/hns: Fix bad endianess of port_pd variable - HID: core: move Usage Page concatenation to Main item - [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put - cxgb3/l2t: Fix undefined behaviour - HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent - [armhf] spi: tegra114: reset controller on probe - kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice. - [armhf] media: wl128x: prevent two potential buffer overflows - media: gspca: Kill URBs on USB device disconnect - efifb: Omit memory map check on legacy boot - [x86] thunderbolt: property: Fix a missing check of kzalloc - [x86] thunderbolt: Fix to check the return value of kmemdup - timekeeping: Force upper bound for setting CLOCK_REALTIME - scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check - virtio_console: initialize vtermno value for ports - tty: ipwireless: fix missing checks for ioremap - overflow: Fix -Wtype-limits compilation warnings - [x86] mce: Fix machine_check_poll() tests for error types - rcutorture: Fix cleanup path for invalid torture_type strings - [x86] mce: Handle varying MCA bank counts - rcuperf: Fix cleanup path for invalid perf_type strings - usb: core: Add PM runtime calls to usb_hcd_platform_shutdown - scsi: qla4xxx: avoid freeing unallocated dma memory - scsi: lpfc: avoid uninitialized variable warning - selinux: avoid uninitialized variable warning - batman-adv: allow updating DAT entry timeouts on incoming ARP Replies - dmaengine: tegra210-adma: use devm_clk_*() helpers - [armhf] hwrng: omap - Set default quality - [x86] thunderbolt: Fix to check return value of ida_simple_get - [x86] thunderbolt: Fix to check for kmemdup failure - drm/amd/display: fix releasing planes when exiting odm - [x86] thunderbolt: property: Fix a NULL pointer dereference - e1000e: Disable runtime PM on CNP+ - igb: Exclude device from suspend direct complete optimization - media: dvbsky: Avoid leaking dvb frontend - drm/amd/display: Fix Divide by 0 in memory calculations - drm/amd/display: Set stream->mode_changed when connectors change - scsi: ufs: fix a missing check of devm_reset_control_get - media: gspca: do not resubmit URBs when streaming has stopped - media: go7007: avoid clang frame overflow warning with KASAN - scsi: lpfc: Fix FDMI manufacturer attribute value - scsi: lpfc: Fix fc4type information for FDMI - media: saa7146: avoid high stack usage with clang - scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices - [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers - [armhf] drm/omap: dsi: Fix PM for display blank with paired dss_pll calls - [armhf] spi: imx: stop buffer overflow in RX FIFO flush - spi: Fix zero length xfer bug - [armhf] ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM - drm/drv: Hold ref on parent device during drm_device lifetime - drm: Wake up next in drm_read() chain if we are forced to putback the event - [s390x] vfio-ccw: Prevent quiesce function going into an infinite loop - NFS: Fix a double unlock from nfs_match,get_client https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.48 - bonding/802.3ad: fix slave link initialization transition states - cxgb4: offload VLAN flows regardless of VLAN ethtype - ipv4/igmp: fix another memory leak in igmpv3_del_delrec() - ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST - ipv6: Consider sk_bound_dev_if when binding a raw socket to an address - ipv6: Fix redirect with VRF - llc: fix skb leak in llc_build_and_send_ui_pkt() - [armhf,arm64] net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT - net-gro: fix use-after-free read in napi_gro_frags() - [armhf,arm64] net: mvneta: Fix err code path of probe - [armhf,arm64] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value - net: phy: marvell10g: report if the PHY fails to boot firmware - net: sched: don't use tc_action->order during action dump - [armhf,arm64] net: stmmac: fix reset gpio free missing - usbnet: fix kernel crash after disconnect - net/mlx5: Avoid double free in fs init error unwinding path - tipc: Avoid copying bytes beyond the supplied data - net/mlx5: Allocate root ns memory using kzalloc to match kfree - net/mlx5e: Disable rxhash when CQE compress is enabled - [armhf,arm64] net: stmmac: dma channel control register need to be init first - bnxt_en: Fix aggregation buffer leak under OOM condition. - [ppc64el] crypto: vmx - ghash: do nosimd fallback manually - include/linux/compiler*.h: define asm_volatile_goto - compiler.h: give up __compiletime_assert_fallback() - jump_label: move 'asm goto' support test to Kconfig - tipc: fix modprobe tipc failed after switch order of device registration https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.49 - include/linux/bitops.h: sanitize rotate primitives - xhci: update bounce buffer with correct sg num - xhci: Use %zu for printing size_t type - xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() - usb: xhci: avoid null pointer deref when bos field is NULL - usbip: usbip_host: fix BUG: sleeping function called from invalid context - usbip: usbip_host: fix stub_dev lock context imbalance regression - USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor - USB: sisusbvga: fix oops in error path of sisusb_probe - USB: Add LPM quirk for Surface Dock GigE adapter - USB: rio500: refuse more than one device at a time - USB: rio500: fix memory leak in close after disconnect - media: usb: siano: Fix general protection fault in smsusb - media: usb: siano: Fix false-positive "uninitialized variable" warning - media: smsusb: better handle optional alignment - brcmfmac: fix NULL pointer derefence during USB disconnect - [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove - [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) - tracing: Avoid memory leak in predicate_parse() - Btrfs: fix wrong ctime and mtime of a directory after log replay - Btrfs: fix race updating log root item during fsync - Btrfs: fix fsync not persisting changed attributes of a directory - Btrfs: incremental send, fix file corruption when no-holes feature is enabled - [s390x] crypto: fix gcm-aes-s390 selftest failures - [s390x] crypto: fix possible sleep during spinlock aquired - [ppc64el] KVM: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts - [ppc64el] perf: Fix MMCRA corruption by bhrb_filter - ALSA: line6: Assure canceling delayed work at disconnection - ALSA: hda/realtek - Set default power save node to 0 - [s390x] KVM: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID - drm/nouveau/i2c: Disable i2c bus access after ->fini() - [arm64] tty: serial: msm_serial: Fix XON/XOFF - memcg: make it work on sparse non-0-node systems - kernel/signal.c: trace_signal_deliver when signal_group_exit - [arm64] Fix the arm64_personality() syscall wrapper redirection - vt/fbcon: deinitialize resources in visual_init() after failed memory allocation - [arm*] staging: vc04_services: prevent integer overflow in create_pagelist() - [x86] staging: wlan-ng: fix adapter initialization failure - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case - CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM - Revert "lockd: Show pid of lockd for remote locks" - [armhf,arm64] drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() - [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY clock initialization - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz - [armhf,arm64] drm/rockchip: shutdown drm subsystem on shutdown - drm/lease: Make sure implicit planes are leased - [x86] ftrace: Do not call function graph from dynamic trampolines - [x86] ftrace: Set trampoline pages as executable - [x86] kprobes: Set instruction page as executable - scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning") - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.50 - ethtool: fix potential userspace buffer overflow - Fix memory leak in sctp_process_init - ipv4: not do cache for local delivery if bc_forwarding is enabled - ipv6: fix the check before getting the cookie in rt6_get_cookie - neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit - [armhf] net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query - [armhf,arm64] net: mvpp2: Use strscpy to handle stat strings - net: rds: fix memory leak in rds_ib_flush_mr_pool - net: sfp: read eeprom in maximum 16 byte increments - packet: unconditionally free po->rollover - pktgen: do not sleep with the thread lock held. - ipv6: use READ_ONCE() for inet->hdrincl as in ipv4 - ipv6: fix EFAULT on sendto with icmpv6 and hdrincl - rcu: locking and unlocking need to always be at least barriers - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter - NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled - fuse: fallocate: fix return with locked inode - pstore: Remove needless lock during console writes - pstore: Convert buf_lock to semaphore - pstore: Set tfm to NULL on free_buf_for_compression - pstore/ram: Run without kernel crash dump region - [x86] power: Fix 'nosmt' vs hibernation triple fault during resume - [s390x] mm: fix address space detection in exception handling - xen-blkfront: switch kcalloc to kvcalloc for large array allocation - [ppc64el] genwqe: Prevent an integer overflow in the ioctl - test_firmware: Use correct snprintf() limit - [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels - [arm64] drm/msm: fix fb references in async update - drm: add non-desktop quirk for Valve HMDs - drm: add non-desktop quirks to Sensics and OSVR headsets. - drm/amdgpu/psp: move psp version specific function pointers to early_init - drm/radeon: prefer lower reference dividers - drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in - [x86] drm/i915: Fix I915_EXEC_RING_MASK - [x86] drm/i915/fbc: disable framebuffer compression on GeminiLake - [x86] drm/i915: Maintain consistent documentation subsection ordering - drm: don't block fb changes for async plane updates - [x86] drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack - TTY: serial_core, add ->install - ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled - ethtool: check the return value of get_regs_len https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.51 - fs/fat/file.c: issue flush after the writeback of FAT - sysctl: return -EINVAL if val violates minmax - ipc: prevent lockup on alloc_msg and free_msg - [armhf] prevent tracing IPI_CPU_BACKTRACE - hugetlbfs: on restore reserve error path retain subpool reservation - mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE - mm/cma.c: fix crash on CMA allocation if bitmap allocation fails - initramfs: free initrd memory if opening /initrd.image fails - mm/cma.c: fix the bitmap status to show failed allocation reason - mm: page_mkclean vs MADV_DONTNEED race - mm/cma_debug.c: fix the break condition in cma_maxchunk_get() - mm/slab.c: fix an infinite loop in leaks_show() - kernel/sys.c: prctl: fix false positive in validate_prctl_map() - drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER - [x86] mfd: intel-lpss: Set the device in reset state when init - drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration - [armhf] mfd: twl6040: Fix device init errors for ACCCTL register - [x86] perf/intel: Allow PEBS multi-entry in watermark mode - drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change - [arm64] drm/bridge: adv7511: Fix low refresh rate selection - objtool: Don't use ignore flag for fake jumps - drm/nouveau/kms/gv100-: fix spurious window immediate interlocks - bpf: fix undefined behavior in narrow load handling - [arm64] pwm: meson: Use the spin-lock only to protect register modifications - ntp: Allow TAI-UTC offset to be set to zero - f2fs: fix to avoid panic in do_recover_data() - f2fs: fix to avoid panic in f2fs_inplace_write_data() - f2fs: fix to avoid panic in f2fs_remove_inode_page() - f2fs: fix to do sanity check on free nid - f2fs: fix to clear dirty inode in error path of f2fs_iget() - f2fs: fix to avoid panic in dec_valid_block_count() - f2fs: fix to use inline space only if inline_xattr is enable - f2fs: fix to do sanity check on valid block count of segment - f2fs: fix to do checksum even if inode page is uptodate - percpu: remove spurious lock dependency between percpu and sched - configfs: fix possible use-after-free in configfs_register_group - [armhf,arm64] PCI: dwc: Free MSI in dw_pcie_host_init() error path - [armhf,arm64] PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi() - ovl: do not generate duplicate fsnotify events for "fake" path - mmc: mmci: Prevent polling for busy detection in IRQ context - netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast - netfilter: nf_conntrack_h323: restore boundary check correctness - [mips*] Make sure dt memory regions are valid - netfilter: nf_tables: fix base chain stat rcu_dereference usage - [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values - watchdog: fix compile time error of pretimeout governors - blk-mq: move cancel of requeue_work into blk_mq_release - [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly - nvme-pci: unquiesce admin queue on shutdown - nvme-pci: shutdown on timeout during deletion - netfilter: nf_flow_table: check ttl value in flow offload data path - netfilter: nf_flow_table: fix netdev refcnt leak - ALSA: hda - Register irq handler after the chip initialization - nvmem: core: fix read buffer in place - [armhf,arm64] nvmem: sunxi_sid: Support SID on A83T and H5 - fuse: retrieve: cap requested size to negotiated max_write - nfsd: allow fh_want_write to be called twice - nfsd: avoid uninitialized variable warning - vfio: Fix WARNING "do not call blocking ops when !TASK_RUNNING" - [armhf,arm64] iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel - [x86] net: thunderbolt: Unregister ThunderboltIP protocol handler when suspending - [x86] PCI: Fix PCI IRQ routing table memory leak - i40e: Queues are reserved despite "Invalid argument" error - platform/chrome: cros_ec_proto: check for NULL transfer function - [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288 - [armhf] soc: rockchip: Set the proper PWM for rk3288 - [armhf] dts: imx51: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx50: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx53: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sll: Specify IMX6SLL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA - [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove paths - drm/amd/display: Use plane->color_space for dpp if specified - [armhf] OMAP2+: pm33xx-core: Do not Turn OFF CEFUSE as PPA may be using it - [x86] platform: intel_pmc_ipc: adding error handling - [arm64] net: hns3: return 0 and print warning when hit duplicate MAC - scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags - [x86] video: hgafb: fix potential NULL pointer dereference - block, bfq: increase idling for weight-raised queues - [arm64] PCI: xilinx: Check for __get_free_pages() failure - ice: Add missing case in print_link_msg for printing flow control - [x86] dmaengine: idma64: Use actual device for DMA transfers - [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs - [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa - pwm: Fix deadlock warning when removing PWM device - [armhf] exynos: Fix undefined instruction during Exynos5422 resume - [x86] usb: typec: fusb302: Check vconn is off when we start toggling - soc: renesas: Identify R-Car M3-W ES1.3 - percpu: do not search past bitmap when allocating an area - ovl: check the capability before cred overridden - ovl: support stacked SEEK_HOLE/SEEK_DATA - [arm*] drm/vc4: fix fb references in async update - ALSA: seq: Cover unsubscribe_port() in list_mutex https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.52 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.53 - drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3) - nouveau: Fix build with CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT disabled - HID: multitouch: handle faulty Elo touch device - HID: wacom: Don't set tool type until we're in range - HID: wacom: Don't report anything prior to the tool entering range - HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact - HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth - HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary - ALSA: oxfw: allow PCM capture for Stanton SCS.1m - ALSA: hda/realtek - Update headset mode for ALC256 - ALSA: firewire-motu: fix destruction of data for isochronous resources - libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node - fs/ocfs2: fix race in ocfs2_dentry_attach_lock() - mm/vmscan.c: fix trying to reclaim unevictable LRU page - signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO - ptrace: restore smp_rmb() in __ptrace_may_access() - [armhf,arm64] iommu/arm-smmu: Avoid constant zero in TLBI writes - bcache: fix stack corruption by PRECEDING_KEY() - bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached - cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() - [x86] drm/i915/sdvo: Implement proper HDMI audio support for SDVO - ALSA: seq: Fix race of get-subscription call vs port-delete ioctls - Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var - f2fs: fix to avoid accessing xattr across the boundary - scsi: qedi: remove memset/memcpy to nfunc and use func instead (CVE-2019-15090) - scsi: qedi: remove set but not used variables 'cdev' and 'udev' - scsi: lpfc: correct rcu unlock issue in lpfc_nvme_info_show - scsi: lpfc: add check for loss of ndlp when sending RRQ - [arm64] mm: Inhibit huge-vmap with ptdump - nvme: fix srcu locking on error return in nvme_get_ns_from_disk - nvme: remove the ifdef around nvme_nvm_ioctl - nvme: merge nvme_ns_ioctl into nvme_ioctl - nvme: release namespace SRCU protection before performing controller ioctls - nvme: fix memory leak for power latency tolerance - [x86] platform: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table - [x86] platform: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table - scsi: bnx2fc: fix incorrect cast to u64 on shift operation - libnvdimm: Fix compilation warnings with W=1 - tracing: Prevent hist_field_var_ref() from accessing NULL tracing_map_elts - usbnet: ipheth: fix racing condition - [armhf,arm64] KVM: Move cc/it checks under hyp's Makefile to avoid instrumentation - [x86] KVM: pmu: mask the result of rdpmc according to the width of the counters - [x86] KVM: pmu: do not mask the value that is written to fixed PMUs - [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION - [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read - [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() - [armhf,arm64] usb: dwc2: Fix DMA cache alignment issues - [armhf,arm64] usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) - USB: Fix chipmunk-like voice when using Logitech C270 for recording audio. - USB: usb-storage: Add new ID to ums-realtek - USB: serial: pl2303: add Allied Telesis VT-Kit3 - USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode - USB: serial: option: add Telit 0x1260 and 0x1261 compositions - timekeeping: Repair ktime_get_coarse*() granularity - [x86] microcode, cpuhotplug: Add a microcode loader CPU hotplug callback - [x86] mm/KASLR: Compute the size of the vmemmap section properly - [x86] resctrl: Prevent NULL pointer dereference when local MBM is disabled - drm/edid: abstract override/firmware EDID retrieval - drm: add fallback override/firmware EDID modes workaround - [armhf] rtc: pcf8523: don't return invalid date when battery is low https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.54 - ax25: fix inconsistent lock state in ax25_destroy_timer - be2net: Fix number of Rx queues used for flow hashing - [x86] hv_netvsc: Set probe mode to sync - ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero - lapb: fixed leak of control-blocks. - neigh: fix use-after-free read in pneigh_get_next - net: openvswitch: do not free vport if register_netdevice() is failed. - sctp: Free cookie before we memdup a new one - tipc: purge deferredq list for each grp member in tipc_group_delete - vsock/virtio: set SOCK_DONE on peer shutdown - net/mlx5: Avoid reloading already removed devices - [armhf,arm64] net: mvpp2: prs: Fix parser range for VID filtering - [armhf,arm64] net: mvpp2: prs: Use the correct helpers when removing all VID filters - [arm*] Staging: vc04_services: Fix a couple error codes - [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints - netfilter: nf_queue: fix reinject verdict handling - ipvs: Fix use-after-free in ip_vs_in - [armhf] clk: ti: clkctrl: Fix clkdm_clk handling - [ppc64el] powernv: Return for invalid IMC domain - usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() - mISDN: make sure device name is NUL terminated - [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor - perf/ring_buffer: Fix exposing a temporarily decreased data_head - perf/ring_buffer: Add ordering to rb->nest increment - perf/ring-buffer: Always use {READ,WRITE}_ONCE() for rb->user_page data - [armhf,arm64] net: stmmac: update rx tail pointer register to fix rx dma hang issue. - ACPI/PCI: PM: Add missing wakeup.flags.valid checks - [armhf] drm/etnaviv: lock MMU while dumping core - net: aquantia: tx clean budget logic error - net: aquantia: fix LRO with FCS error - i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr - ALSA: hda - Force polling mode on CNL for fixing codec communication - configfs: Fix use-after-free when accessing sd->s_dentry - perf data: Fix 'strncat may truncate' build failure with recent gcc - perf namespace: Protect reading thread's namespace - [s390x] perf record: Fix s390 missing module symbol and warning for non-root users - xenbus: Avoid deadlock during suspend due to open transactions - [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token list - [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu - [arm64] fix syscall_fn_t type - [arm64] use the correct function type in SYSCALL_DEFINE0 - [arm64] use the correct function type for __arm64_sys_ni_syscall - net: phylink: ensure consistent phy interface mode - net: phy: dp83867: Set up RGMII TX delay - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() - scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask - scsi: scsi_dh_alua: Fix possible null-ptr-deref - scsi: libsas: delete sas port if expander discover failed - ocfs2: fix error path kobject memory leak - coredump: fix race condition between collapse_huge_page() and core dumping - Abort file_remove_privs() for non-reg. files https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.55 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.56 - tracing: Silence GCC 9 array bounds warning - objtool: Support per-function rodata sections - ovl: support the FS_IOC_FS[SG]ETXATTR ioctls - ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls - ovl: make i_ino consistent with st_ino in more cases - ovl: detect overlapping layers - ovl: don't fail with disconnected lower NFS - ovl: fix bogus -Wmaybe-unitialized warning - [s390x] jump_label: Use "jdd" constraint on gcc9 - [s390x] ap: rework assembler functions to use unions for in/out register variables - mmc: sdhci: sdhci-pci-o2micro: Correctly set bus width when tuning - mmc: core: API to temporarily disable retuning for SDIO CRC errors - mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() - mmc: core: Prevent processing SDIO IRQs when the card is suspended - scsi: ufs: Avoid runtime suspend possibly being blocked forever - [armhf,arm64] usb: chipidea: udc: workaround for endpoint conflict issue - xhci: detect USB 3.2 capable host controllers correctly - usb: xhci: Don't try to recover an endpoint if port is in error state. - IB/hfi1: Validate fault injection opcode user input - IB/hfi1: Silence txreq allocation warnings - [x86] Input: synaptics - enable SMBus on ThinkPad E480 and E580 - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD - [x86] Input: silead - add MSSL0017 to acpi_device_id - apparmor: fix PROFILE_MEDIATES for untrusted input - apparmor: enforce nullbyte at end of tag string - brcmfmac: sdio: Disable auto-tuning around commands expected to fail - brcmfmac: sdio: Don't tune while the card is off - parport: Fix mem leak in parport_register_dev_model - IB/rdmavt: Fix alloc_qpn() WARN_ON() - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value - IB/hfi1: Validate page aligned for a given virtual address - [mips*] uprobes: remove set but not used variable 'epc' - [armhf,arm64] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 - [arm64] net: hns: Fix loopback test failed at copper ports - mdesc: fix a missing-check bug in get_vdev_port_node_info() - [arm64] drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times - [arm64] drm/arm/hdlcd: Actually validate CRTC modes - [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance - nvmet: fix data_len to 0 for bdev-backed write_zeroes - scsi: ufs: Check that space was properly alloced in copy_query_response - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous() - net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set - [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event - hwmon: (core) add thermal sensors only if dev->of_node is present - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages - nvme: Fix u32 overflow in the number of namespace list calculation - btrfs: start readahead also in seed devices - [armhf] can: flexcan: fix timeout when set small bitrate - can: purge socket error queue on sock destruct - [ppc64el] bpf: use unsigned division instruction for 64-bit operations - [armhf] imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX - [armhf] dts: dra76x: Update MMC2_HS200_MANUAL1 iodelay values - [armhf] dts: am57xx-idk: Remove support for voltage switching for SD card - [arm64] sve: <uapi/asm/ptrace.h> should not depend on <uapi/linux/prctl.h> - [arm64] ssbd: explicitly depend on <linux/prctl.h> - [x86] drm/vmwgfx: Use the backdoor port if the HB port is not available - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (CVE-2019-9506) - Bluetooth: Fix regression with minimum encryption key size alignment - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write - cfg80211: fix memory leak of wiphy device name - mac80211: drop robust management frames from unknown TA - {nl,mac}80211: allow 4addr AP operation on crypto controlled devices - mac80211: handle deauthentication/disassociation from TDLS peer - nl80211: fix station_info pertid memory leak - mac80211: Do not use stack memory with scatterlist for GMAC - [x86] resctrl: Don't stop walking closids when a locksetup group is found https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.57 - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul - perf help: Remove needless use of strncpy() - perf header: Fix unchecked usage of strncpy() - [arm64] Don't unconditionally add -Wno-psabi to KBUILD_CFLAGS - IB/hfi1: Close PSM sdma_progress sleep window - 9p/xen: fix check for xenbus_read error in front_probe - 9p: Use a slab for allocating requests - 9p: embed fcall in req to round down buffer allocs - 9p: add a per-client fcall kmem_cache - 9p: rename p9_free_req() function - 9p: Add refcount to p9_req_t - 9p/rdma: do not disconnect on down_interruptible EAGAIN - 9p: Rename req to rreq in trans_fd - 9p: acl: fix uninitialized iattr access - 9p/rdma: remove useless check in cm_event_handler - 9p: p9dirent_read: check network-provided name length - 9p: potential NULL dereference - 9p/trans_fd: abort p9_read_work if req status changed - 9p/trans_fd: put worker reqs on destroy - net/9p: include trans_common.h to fix missing prototype warning. - qmi_wwan: Fix out-of-bounds read - [armhf,arm64] Revert "usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup" - [armhf,arm64] usb: dwc3: gadget: combine unaligned and zero flags - [armhf,arm64] usb: dwc3: gadget: track number of TRBs per request - [armhf,arm64] usb: dwc3: gadget: use num_trbs when skipping TRBs on ->dequeue() - [armhf,arm64] usb: dwc3: gadget: extract dwc3_gadget_ep_skip_trbs() - [armhf,arm64] usb: dwc3: gadget: introduce cancelled_list - [armhf,arm64] usb: dwc3: gadget: move requests to cancelled_list - [armhf,arm64] usb: dwc3: gadget: remove wait_end_transfer - [armhf,arm64] usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup - fs/proc/array.c: allow reporting eip/esp for all coredumping threads - mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask - fs/binfmt_flat.c: make load_flat_shared_library() work - [armhf] clk: socfpga: stratix10: fix divider entry for the emac clocks - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn - dm log writes: make sure super sector log updates are written in order - [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() - [x86] speculation: Allow guests to use SSBD even if host does not - [x86] microcode: Fix the microcode load on CPU hotplug for real - [x86] resctrl: Prevent possible overrun during bitmap operations - [x86] KVM: mmu: Allocate PAE root array when using SVM's 32-bit NPT - NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O - cpu/speculation: Warn on unsupported mitigations= parameter - SUNRPC: Clean up initialisation of the struct rpc_rqst - [mips*] irqchip/mips-gic: Use the correct local interrupt map registers - eeprom: at24: fix unexpected timeout under high load - af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET - bonding: Always enable vlan tx offload - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop - net/packet: fix memory leak in packet_set_ring() - net: remove duplicate fetch in sock_getsockopt - [armhf,arm64] net: stmmac: fixed new system time seconds value calculation - [armhf,arm64] net: stmmac: set IC bit when transmitting frames with HW timestamp - sctp: change to hold sk after auth shkey is created successfully - team: Always enable vlan tx offload - tipc: change to use register_pernet_device - tipc: check msg->req data len in tipc_nl_compat_bearer_disable - tun: wake up waitqueues after IFF_UP is set - bpf: simplify definition of BPF_FIB_LOOKUP related flags - bpf: lpm_trie: check left child of last leftmost node for NULL - bpf: fix nested bpf tracepoints with per-cpu data - bpf: fix unconnected udp hooks - bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro - bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err - [arm64] futex: Avoid copying out uninitialised stack in failed cmpxchg() - [arm64] bpf: use more scalable stadd over ldxr / stxr loop in xadd - futex: Update comments and docs about return values of arch futex code - RDMA: Directly cast the sockaddr union to sockaddr - tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb - [armhf,arm64] usb: dwc3: Reset num_trbs after skipping - [arm64] insn: Fix ldadd instruction encoding https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.58 - Bluetooth: Fix faulty expression for minimum encryption key size check - block: Fix a NULL pointer dereference in generic_make_request() - md/raid0: Do not bypass blocking queue entered for raid0 bios - netfilter: nf_flow_table: ignore DF bit setting - netfilter: nft_flow_offload: set liberal tracking mode for tcp - netfilter: nft_flow_offload: don't offload when sequence numbers need adjustment - netfilter: nft_flow_offload: IPCB is only valid for ipv4 family - ASoC: soc-pcm: BE dai needs prepare when pause release after resume - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master - [armhf,arm64] ASoC: max98090: remove 24-bit format support if RJ is 0 - [x86] CPU: Add more Icelake model numbers - ALSA: hdac: fix memory release for SST and SOF drivers - scsi: hpsa: correct ioaccel2 chaining - [x86] drm: panel-orientation-quirks: Add quirk for GPD pocket2 - [x86] drm: panel-orientation-quirks: Add quirk for GPD MicroPC - [x86] platform: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi - [x86] platform: intel-vbtn: Report switch events when event wakes device - [x86] platform: mlx-platform: Fix parent device in i2c-mux-reg device registration - i2c: pca-platform: Fix GPIO lookup code - cpuset: restore sanity to cpuset_cpus_allowed_fallback() - mm/mlock.c: change count_mm_mlocked_page_nr return type - tracing: avoid build warning with HAVE_NOP_MCOUNT - module: Fix livepatch/ftrace module text permissions race - ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() - [x86] drm/i915/dmc: protect against reading random memory - crypto: user - prevent operating on larval algorithms - crypto: cryptd - Fix skcipher instance memory leak - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages - ALSA: line6: Fix write on zero-sized buffer - ALSA: usb-audio: fix sign unintended sign extension on left shifts - [x86] ALSA: hda/realtek: Add quirks for several Clevo notebook barebones - [x86] ALSA: hda/realtek - Change front mic location for Lenovo M710q - lib/mpi: Fix karactx leak in mpi_powm - fs/userfaultfd.c: disable irqs for fault_pending and event locks - tracing/snapshot: Resize spare buffer if size changed - [armhf] dts: armada-xp-98dx3236: Switch to armada-38x-uart serial node - drm/amd/powerplay: use hardware fan control if no powerplay fan table - drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE - [armhf] drm/etnaviv: add missing failure path to destroy suballoc - [armhf] drm/imx: notify drm core before sending event during crtc disable - drm/imx: only send event on crtc disable if kept disabled - [x86] ftrace: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() - mm/vmscan.c: prevent useless kswapd loops - btrfs: Ensure replaced device doesn't have pending chunk allocation - tty: rocket: fix incorrect forward declaration of 'rp_init()' - net/smc: move unhash before release of clcsock - drm/fb-helper: generic: Don't take module ref for fbcon - f2fs: don't access node/meta inode mapping after iput - mac80211: mesh: fix missing unlock on error in table_path_del() - scsi: tcmu: fix use after free - [amd64] boot/compressed: Do not corrupt EDX on EFER.LME=1 setting - [arm64] net: hns: Fixes the missing put_device in positive leg for roce reset - ALSA: hda: Initialize power_state field properly - rds: Fix warning. - ip6: fix skb leak in ip6frag_expire_frag_queue() - netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments - [arm64] net: hns: fix unsigned comparison to less than zero - bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K - netfilter: ipv6: nf_defrag: accept duplicate fragments again - [x86] KVM: degrade WARN to pr_warn_ratelimited - [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC - nfsd: Fix overflow causing non-working mounts on 1 TB machines - svcrdma: Ignore source port when computing DRC hash - [mips*] Fix bounds check virt_addr_valid - [mips*] Add missing EHB in mtc0 -> mfc0 sequence. - [arm64] dmaengine: qcom: bam_dma: Fix completed descriptors count - [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.59 - [x86] Input: elantech - enable middle button support on 2 ThinkPads - mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() - bpf: sockmap, fix use after free from sleep in psock backlog workqueue - mac80211: mesh: fix RCU warning - mac80211: free peer keys before vif down in mesh - iwlwifi: Fix double-free problems in iwl_req_fw_callback() - can: af_can: Fix error path of can_init() - net: phy: rename Asix Electronics PHY driver - [armhf] dts: am335x phytec boards: Fix cd-gpios active level - [s390x] boot: disable address-of-packed-member warning - [x86] drm/vmwgfx: Honor the sg list segment size limitation - [x86] drm/vmwgfx: fix a warning due to missing dma_parms - [armhf] Input: imx_keypad - make sure keyboard can always wake up system - [armhf,arm64] KVM: vgic: Fix kvm_device leak in vgic_its_destroy - mac80211: only warn once on chanctx_conf being NULL - mac80211: do not start any work during reconfigure flow - bpf, devmap: Fix premature entry free on destroying map - bpf, devmap: Add missing bulk queue free - bpf, devmap: Add missing RCU read lock on flush - [amd64] bpf: fix stack layout of JITed bpf code - qmi_wwan: add support for QMAP padding in the RX path - qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode - qmi_wwan: extend permitted QMAP mux_id value range - mmc: core: complete HS400 before checking status - md: fix for divide error in status_resync - bnx2x: Check if transceiver implements DDM before access - drm: return -EFAULT if copy_to_user() fails - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL - net: lio_core: fix potential sign-extension overflow on large shift - scsi: qedi: Check targetname while finding boot target information - quota: fix a problem about transfer quota - [armhf,arm64] net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() - NFS4: Only set creation opendata if O_CREAT - net :sunrpc :clnt :Fix xps refcount imbalance on the error path - fscrypt: don't set policy for a dead directory - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length - media: stv0297: fix frequency range limit - ALSA: usb-audio: Fix parse of UAC2 Extension Units - ALSA: hda/realtek - Headphone Mic can't record after S3 - block, bfq: NULL out the bic when it's no longer valid - [arm64] perf pmu: Fix uncore PMU alias list for ARM64 - [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() - [x86] tls: Fix possible spectre-v1 in do_get_thread_area() - USB: serial: ftdi_sio: add ID for isodebug v1 - USB: serial: option: add support for GosunCn ME3630 RNDIS mode - Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled" - p54usb: Fix race between disconnect and firmware loading - usb: gadget: ether: Fix race between gether_disconnect and rx_submit - [armhf,arm64] usb: dwc2: use a longer AHB idle timeout in dwc2_core_reset() - [x86] drivers/usb/typec/tps6598x.c: fix portinfo width - [x86] drivers/usb/typec/tps6598x.c: fix 4CC cmd write - [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt - [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt - HID: Add another Primax PIXART OEM mouse quirk - binder: fix memory leak in error path - carl9170: fix misuse of device driver API - [x86] VMCI: Fix integer overflow in VMCI handle arrays - staging: rtl8712: reduce stack usage, again https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.60 - Revert "e1000e: fix cyclic resets at link up with active tx" - e1000e: start network tx queue only when link is up - [x86] Input: synaptics - enable SMBUS on T480 thinkpad trackpad - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header - drivers: base: cacheinfo: Ensure cpu hotplug work is done before Intel RDT - firmware: improve LSM/IMA security behaviour - [armhf,arm64] irqchip/gic-v3-its: Fix command queue pointer comparison bug - [armhf] clk: ti: clkctrl: Fix returning uninitialized data - [amd64,arm64] efi/bgrt: Drop BGRT status field reserved bits check - perf/core: Fix perf_sample_regs_user() mm check - [armhf] omap2: remove incorrect __init annotation - afs: Fix uninitialised spinlock afs_volume::cb_break_lock - [x86] apic: Fix integer overflow on 10 bit left shift of cpu_khz - be2net: fix link failure after ethtool offline test - ppp: mppe: Add softdep to arc4 - sis900: fix TX completion - [armhf] dts: imx6ul: fix PWM[1-4] interrupts - [armhf] pinctrl: mcp23s08: Fix add_data and irqchip_add_nested call order - dm table: don't copy from a NULL pointer in realloc_argv() - dm verity: use message limit for data block corruption message - [amd64] boot: Fix crash if kernel image crosses page table boundary - [amd64] boot: Add missing fixup_pointer() for next_early_pgt access - HID: chicony: add another quirk for PixArt mouse - HID: multitouch: Add pointstick support for ALPS Touchpad - cpu/hotplug: Fix out-of-bounds read when setting fail state - linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL - genirq: Delay deactivation in free_irq() - genirq: Fix misleading synchronize_irq() documentation - genirq: Add optional hardware synchronization for shutdown - [x86] ioapic: Implement irq_get_irqchip_state() callback - [x86] irq: Handle spurious interrupt after shutdown gracefully - [x86] irq: Seperate unused system vectors from spurious entry again - [s390x] fix stfle zero padding - [s390x] qdio: (re-)initialize tiqdio list entries - [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues() - regmap-irq: do not write mask register if mask_base is zero - drm/udl: introduce a macro to convert dev to udl. - drm/udl: Replace drm_dev_unref with drm_dev_put - drm/udl: move to embedding drm device inside udl device. - [i386] entry: Fix ENDPROC of common_spurious https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.61 - [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly - scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported - [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path - wil6210: fix potential out-of-bounds read - ath10k: Do not send probe response template for mesh - ath9k: Check for errors when reading SREV register - ath6kl: add some bounds checking - ath10k: add peer id check in ath10k_peer_find_by_id - wil6210: fix spurious interrupts in 3-msi - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection - regmap: debugfs: Fix memory leak in regmap_debugfs_init - batman-adv: fix for leaked TVLV handler. - media: dvb: usb: fix use after free in dvb_usb_device_exit - media: marvell-ccic: fix DMA s/g desc number calculation - media: media_device_enum_links32: clean a reserved field - [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries - [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries - qed: Set the doorbell address correctly - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig - af_key: fix leaks in key_pol_get_resp and dump_sp. - xfrm: Fix xfrm sel prefix length validation - fscrypt: clean up some BUG_ON()s in block encryption/decryption - perf annotate TUI browser: Do not use member from variable within its own initialization - media: mc-device.c: don't memset __user pointer contents - media: saa7164: fix remove_proc_entry warning - net: phy: Check against net_device being NULL - tua6100: Avoid build warnings. - batman-adv: Fix duplicated OGMs on NETDEV_UP - [armhf] media: wl128x: Fix some error handling in fm_v4l2_init_video_device() - [arm64] net: hns3: set ops to null when unregister ad_dev - cpupower : frequency-set -r option misses the last cpu in related cpu list - [armhf,arm64] net: stmmac: dwmac4: fix flow control issue - [armhf,arm64] net: stmmac: modify default value of tx-frames - [arm64] crypto: inside-secure - do not rely on the hardware last bit for result descriptors - [s390x] qdio: handle PENDING state for QEBSM devices - net: sfp: add mutex to prevent concurrent state checks - ipset: Fix memory accounting for hash types on resize - perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode - [s390x] perf report: Fix OOM error in TUI mode on s390 - [arm64] irqchip/meson-gpio: Add support for Meson-G12A SoC - media: uvcvideo: Fix access to uninitialized fields on probe error - iommu: Fix a leak in iommu_insert_resv_region - [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4 - [armhf] gpio: omap: ensure irq is enabled before wakeup - regmap: fix bulk writes on paged registers - bpf: silence warning messages in core - selinux: fix empty write to keycreate file - [x86] cpu: Add Ice Lake NNPI to Intel family - [arm64] ASoC: meson: axg-tdm: fix sample clock inversion - rcu: Force inlining of rcu_read_lock() - [x86] cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS - qed: iWARP - Fix tc for MPA ll2 connection - [arm64] net: hns3: fix for skb leak when doing selftest - block: null_blk: fix race condition for null_del_dev - blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration - xfrm: fix sa selector validation - sched/core: Add __sched tag for io_schedule() - sched/fair: Fix "runnable_avg_yN_inv" not used warnings - [x86] perf/intel/uncore: Handle invalid event coding for free-running counter - [x86] atomic: Fix smp_mb__{before,after}_atomic() - perf evsel: Make perf_evsel__name() accept a NULL argument - vhost_net: disable zerocopy by default - ipoib: correcly show a VF hardware address - [x86] cacheinfo: Fix a -Wtype-limits warning - blk-iolatency: only account submitted bios - ACPICA: Clear status of GPEs on first direct enable - EDAC/sysfs: Fix memory leak when creating a csrow object - nvme: fix possible io failures when removing multipathed ns - nvme-pci: properly report state change failure in nvme_reset_work - nvme-pci: set the errno on ctrl state change error - lightnvm: pblk: fix freeing of merged pages - [arm64] Do not enable IRQs for ct_user_exit - ipsec: select crypto ciphers for xfrm_algo - ipvs: defer hook registration to avoid leaks - media: i2c: fix warning same module names - ntp: Limit TAI-UTC offset - timer_list: Guard procfs specific code - [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0 - media: hdpvr: fix locking and a missing msleep - [armhf] net: stmmac: sun8i: force select external PHY when no internal one - rtlwifi: rtl8192cu: fix error handle when usb probe failed - mt7601u: do not schedule rx_tasklet when the device has been disconnected - mt7601u: fix possible memory leak when the device is disconnected - ipvs: fix tinfo memory leak in start_sync_thread - ath10k: add missing error handling - ath10k: fix PCIE device wake up failed - perf tools: Increase MAX_NR_CPUS and MAX_CACHES - [x86] ASoC: Intel: hdac_hdmi: Set ops to NULL on remove - libata: don't request sense data on !ZAC ATA devices - [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch timer - xsk: Properly terminate assignment in xskq_produce_flush_desc - rslib: Fix decoding of shortened codes - rslib: Fix handling of of caller provided syndrome - ixgbe: Check DDM existence in transceiver before access - crypto: serpent - mark __serpent_setkey_sbox noinline - wil6210: drop old event after wmi_call timeout - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec - bcache: check CACHE_SET_IO_DISABLE in allocator code - bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() - bcache: acquire bch_register_lock later in cached_dev_free() - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush() - bcache: fix potential deadlock in cached_def_free() - [arm64] net: hns3: fix a -Wformat-nonliteral compile warning - [arm64] net: hns3: add some error checking in hclge_tm module - ath10k: destroy sdio workqueue while remove sdio module - [armhf,arm64] net: mvpp2: prs: Don't override the sign bit in SRAM parser shift - igb: clear out skb->tstamp after reading the txtime - iwlwifi: mvm: Drop large non sta frames - perf stat: Make metric event lookup more robust - perf stat: Fix group lookup for metric group - bnx2x: Prevent ptp_task to be rescheduled indefinitely - net: usb: asix: init MAC address buffers - rxrpc: Fix oops in tracepoint - bpf, libbpf, smatch: Fix potential NULL pointer dereference - bonding: validate ip header before check IPPROTO_IGMP - gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants - [ppc64el] tools: bpftool: Fix json dump crash on powerpc - Bluetooth: hci_bcsp: Fix memory leak in rx_skb - Bluetooth: Add new 13d3:3491 QCA_ROME device - Bluetooth: Add new 13d3:3501 QCA_ROME device - Bluetooth: 6lowpan: search for destination address in all peers - [ppc64el] perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64 - Bluetooth: Check state in l2cap_disconnect_rsp - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() - Bluetooth: validate BLE connection interval updates - gtp: fix suspicious RCU usage - gtp: fix Illegal context switch in RCU read-side critical section. - gtp: fix use-after-free in gtp_encap_destroy() - gtp: fix use-after-free in gtp_newlink() - [armel/marvell,armhf] net: mvmdio: defer probe of orion-mdio if a clock is not ready - iavf: fix dereference of null rx_buffer pointer - floppy: fix out-of-bounds read in next_valid_format - floppy: fix invalid pointer dereference in drive_name - xen: let alloc_xenballooned_pages() fail if not enough memory free - scsi: core: Fix race on creating sense cache - scsi: megaraid_sas: Fix calculation of target ID - crypto: ghash - fix unaligned memory access in ghash_setkey() - [x86] crypto: ccp - Validate the the error value used to index error messages - [arm64] crypto: sha1-ce - correct digest for empty data in finup - [arm64] crypto: sha2-ce - correct digest for empty data in finup - crypto: chacha20poly1305 - fix atomic sleep when using async algorithm - [x86] crypto: ccp - memset structure fields to zero before reuse - [x86] crypto: ccp/gcm - use const time tag comparison. - Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()" - bcache: Revert "bcache: fix high CPU occupancy during journal" - bcache: Revert "bcache: free heap cache_set->flush_btree in bch_journal_free" - bcache: ignore read-ahead request failure on backing device - bcache: fix mistaken sysfs entry for io_error counter - bcache: destroy dc->writeback_write_wq if failed to create dc->writeback_thread - Input: alps - don't handle ALPS cs19 trackpoint-only device - [x86] Input: synaptics - whitelist Lenovo T580 SMBus intertouch - Input: alps - fix a mismatch between a condition check and its comment - [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages - [arm64] tegra: Update Jetson TX1 GPU regulator timings - iwlwifi: pcie: don't service an interrupt that was masked - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X - iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill - iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices - NFSv4: Handle the special Linux file open access mode - pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error - pNFS: Fix a typo in pnfs_update_layout - pnfs: Fix a problem where we gratuitously start doing I/O through the MDS - lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE - ASoC: dapm: Adapt for debugfs API change - raid5-cache: Need to do start() part job after adding journal device - ALSA: seq: Break too long mutex context in the write loop - [x86] ALSA: hda/realtek - Fixed Headphone Mic can't record on Dell platform - [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine - media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom() - media: videobuf2-core: Prevent size alignment wrapping buffer size to 0 - media: videobuf2-dma-sg: Prevent size from overflowing - [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed - [arm64] tegra: Fix AGIC register range - fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. - kconfig: fix missing choice values in auto.conf - drm/nouveau/i2c: Enable i2c pads & busses during preinit - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs - dm zoned: fix zone state management race - xen/events: fix binding user event channels to cpus - 9p/xen: Add cleanup path in p9_trans_xen_init - 9p/virtio: Add cleanup path in p9_virtio_init - [x86] boot: Fix memory leak in default_get_smp_config() - [x86] perf/intel: Fix spurious NMI on fixed counter - [x86] perf/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs - [x86] perf/amd/uncore: Set the thread mask for F17h L3 PMCs - drm/edid: parse CEA blocks embedded in DisplayID - [x86] intel_th: pci: Add Ice Lake NNPI support - [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work() - PCI: Do not poll for PME if the device is in D3cold - [arm64] PCI: qcom: Ensure that PERST is asserted for at least 100 ms - Btrfs: fix data loss after inode eviction, renaming it, and fsync it - Btrfs: fix fsync not persisting dentry deletions due to inode evictions - Btrfs: add missing inode version, ctime and mtime updates when punching hole - IB/mlx5: Report correctly tag matching rendezvous capability - HID: wacom: generic: only switch the mode on devices with LEDs - HID: wacom: generic: Correct pad syncing - HID: wacom: correct touch resolution x/y typo - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields - coda: pass the host file in vma->vm_file on mmap - include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures - xfs: fix pagecache truncation prior to reflink - xfs: flush removing page cache in xfs_reflink_remap_prep - xfs: don't overflow xattr listent buffer - xfs: rename m_inotbt_nores to m_finobt_nores - xfs: don't ever put nlink > 0 inodes on the unlinked list - xfs: reserve blocks for ifree transaction during log recovery - xfs: fix reporting supported extra file attributes for statx() - xfs: serialize unaligned dio writes against all other dio writes - xfs: abort unaligned nowait directio early - [ppc64el] watchpoint: Restore NV GPRs while returning from exception - [ppc64el] powernv/npu: Fix reference leak - [ppc64el] pseries: Fix oops in hotplug memory notifier - [arm64] mmc: sdhci-msm: fix mutex while in spinlock - eCryptfs: fix a couple type promotion bugs - [x86] intel_th: msu: Fix single mode with disabled IOMMU - Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug - usb: Handle USB3 remote wakeup for LPM enabled devices correctly - blk-throttle: fix zero wait time for iops throttled group - blk-iolatency: clear use_delay when io.latency is set to zero - blkcg: update blkcg_print_stat() to handle larger outputs - [armel/marvell,armhf] net: mvmdio: allow up to four clocks to be specified for orion-mdio - dm bufio: fix deadlock with loop device https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.62 - bnx2x: Prevent load reordering in tx completion processing - [x86] hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() - igmp: fix memory leak in igmpv3_del_delrec() - ipv4: don't set IPv6 only flags to IPv4 addresses - ipv6: rt6_check should return NULL if 'from' is NULL - ipv6: Unlink sibling route in case of failure - [armhf,arm64] net: dsa: mv88e6xxx: wait after reset deactivation - net: make skb_dst_force return true when dst is refcounted - net: neigh: fix multiple neigh timer scheduling - net: openvswitch: fix csum updates for MPLS actions - net: phy: sfp: hwmon: Fix scaling of RX power - [armhf,arm64] net: stmmac: Re-work the queue selection for TSO packets - nfc: fix potential illegal memory access - r8169: fix issue with confused RX unit after PHY power-down on RTL8411b - rxrpc: Fix send on a connected, but unbound socket - sctp: fix error handling on stream scheduler initialization - [x86] sky2: Disable MSI on ASUS P6T - tcp: be more careful in tcp_fragment() - tcp: fix tcp_set_congestion_control() use from bpf hook - tcp: Reset bytes_acked and bytes_received when disconnecting - vrf: make sure skb->data contains ip header to make routing - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn - macsec: fix use-after-free of skb during RX - macsec: fix checksumming after decryption - netrom: fix a memory leak in nr_rx_frame() - netrom: hold sock when setting skb->destructor - net_sched: unset TCQ_F_CAN_BYPASS when adding filters - sctp: not bind the socket in sctp_connect - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query - net: bridge: don't cache ether dest pointer on input - net: bridge: stp: don't cache eth dest pointer before skb pull - dma-buf: balance refcount inbalance - dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc - perf/core: Fix exclusive events' grouping - perf/core: Fix race between close() and fork() - ext4: don't allow any modifications to an immutable file - ext4: enforce the immutable flag on open files - mm: add filemap_fdatawait_range_keep_errors() - jbd2: introduce jbd2_inode dirty range scoping - ext4: use jbd2_inode dirty range scoping - ext4: allow directory holes - [x86] KVM: nVMX: do not use dangling shadow VMCS after guest reset - [x86] KVM: nVMX: Clear pending KVM_REQ_GET_VMCS12_PAGES when leaving nested - mm: vmscan: scan anonymous pages on file refaults - net: sched: verify that q!=NULL before setting q->flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.63 - [x86] hvsock: fix epollout hang from race condition - [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe - [x86] staging: vt6656: use meaningful error code during buffer allocation - usb: core: hub: Disable hub-initiated U1/U2 - [armhf,arm64] pinctrl: rockchip: fix leaked of_node references - drm/amd/display: Fill prescale_params->scale for RGB565 - drm/amdgpu/sriov: Need to initialize the HDP_NONSURFACE_BAStE - drm/amd/display: Disable ABM before destroy ABM struct - drm/amdkfd: Fix a potential memory leak - drm/amdkfd: Fix sdma queue map issue - drm/edid: Fix a missing-check bug in drm_load_edid_firmware() - PCI: Return error if cannot probe VF - [armhf,arm64] gpu: host1x: Increase maximum DMA segment size - drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry - drm/crc-debugfs: Also sprinkle irqrestore over early exits - memstick: Fix error cleanup path of memstick_init - [arm64] tty: serial: msm_serial: avoid system lockup condition - serial: 8250: Fix TX interrupt handling condition - drm/amd/display: Always allocate initial connector state state - drm/virtio: Add memory barriers for capset cache. - drm/amd/display: fix compilation error - [ppc64el] pseries/mobility: prevent cpu hotplug during DT update - [armhf,arm64] drm/rockchip: Properly adjust to a true clock in adjusted_mode - [armhf] serial: imx: fix locking in set_termios() - tty: serial_core: Set port active bit in uart_port_activate - usb: gadget: Zero ffs_io_data - mmc: sdhci: sdhci-pci-o2micro: Check if controller supports 8-bit width - [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs - [arm64] drm/msm: Depopulate platform on probe failure - [arm64] PCI: xilinx-nwl: Fix Multi MSI data programming - iio: iio-utils: Fix possible incorrect mask calculation - [ppc64el] cacheflush: fix variable set but not used - [ppc64el] xmon: Fix disabling tracing while in xmon - [ppc64el] recordmcount: Fix spurious mcount entries on powerpc - mfd: core: Set fwnode for created devices - [arm64] mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk - mm/swap: fix release_pages() when releasing devmap pages - RDMA/i40iw: Set queue pair state when being queried - IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE - [ppc64el] mm: Handle page table allocation failures - IB/ipoib: Add child to parent list only if device initialized - [arm64] assembler: Switch ESB-instruction with a vanilla nop if !ARM64_HAS_RAS - perf stat: Fix use-after-freed pointer detected by the smatch tool - perf top: Fix potential NULL pointer dereference detected by the smatch tool - perf session: Fix potential NULL pointer dereference found by the smatch tool - perf annotate: Fix dereferencing freed memory found by the smatch tool - perf hists browser: Fix potential NULL pointer dereference found by the smatch tool - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM - [armhf] PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB - [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h - block: init flush rq ref count to 1 - f2fs: avoid out-of-range memory access - mailbox: handle failed named mailbox channel request - dlm: check if workqueues are NULL before flushing/destroying - [ppc64el] eeh: Handle hugepages in ioremap space - block/bio-integrity: fix a memory leak bug - 9p: pass the correct prototype to read_cache_page - mm/gup.c: mark undo_dev_pagemap as __maybe_unused - mm/gup.c: remove some BUG_ONs from get_gate_page() - memcg, fsnotify: no oom-kill for remote memcg charging - mm/mmu_notifier: use hlist_add_head_rcu() - proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup - proc: use down_read_killable mmap_sem for /proc/pid/pagemap - proc: use down_read_killable mmap_sem for /proc/pid/clear_refs - proc: use down_read_killable mmap_sem for /proc/pid/map_files - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() - proc: use down_read_killable mmap_sem for /proc/pid/maps - locking/lockdep: Fix lock used or unused stats error - mm: use down_read_killable for locking mmap_sem in access_remote_vm - locking/lockdep: Hide unused 'class' variable - usb: wusbcore: fix unbalanced get/put cluster_id - [x86] usb: pci-quirks: Correct AMD PLL quirk detection - btrfs: inode: Don't compress if NODATASUM or NODATACOW set - [x86] sysfb_efi: Add quirks for some devices with swapped width and height - [x86] speculation/mds: Apply more accurate check on hypervisor platform - binder: prevent transactions to context manager from its own process. - fpga-manager: altera-ps-spi: Fix build error - [x86] mei: me: add mule creek canyon (EHL) device ids - [x86] hpet: Fix division by zero in hpet_time_div() - ALSA: ac97: Fix double free of ac97_codec_device - ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1 - ALSA: hda - Add a conexant codec entry to let mute led work - [ppc64el] xive: Fix loop exit-condition in xive_find_target_in_mask() - libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() - access: avoid the RCU grace period for the temporary subjective credentials https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.64 - [x86] hv_sock: Add support for delayed close - vsock: correct removal of socket from the list - NFS: Fix dentry revalidation on NFSv4 lookup - NFS: Refactor nfs_lookup_revalidate() - NFSv4: Fix lookup revalidate of regular files - [armhf,arm64] usb: dwc2: Disable all EP's on disconnect - [armhf,arm64] usb: dwc2: Fix disable all EP's on disconnect - [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ (Closes: #904385). - binder: fix possible UAF when freeing buffer - ISDN: hfcsusb: checking idx of ep configuration - media: au0828: fix null dereference in error path - ath10k: Change the warning message string - media: cpia2_usb: first wake up, then free in disconnect - media: pvrusb2: use a different format for warnings - NFS: Cleanup if nfs_match_client is interrupted - media: radio-raremono: change devm_k*alloc to k*alloc - [x86] iommu/vt-d: Don't queue_iova() if there is no flush queue - vhost: introduce vhost_exceeds_weight() - vhost_net: fix possible infinite loop (CVE-2019-3900) - vhost: vsock: add weight support - vhost: scsi: add weight support (CVE-2019-3900) - sched/fair: Don't free p->numa_faults with concurrent readers - sched/fair: Use RCU accessors consistently for ->numa_group - /proc/<pid>/cmdline: remove all the special cases - /proc/<pid>/cmdline: add back the setproctitle() special case - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl - Fix allyesconfig output. - ceph: hold i_ceph_lock when removing caps for freeing inode - block, scsi: Change the preempt-only flag into a counter - scsi: core: Avoid that a kernel warning appears during system resume - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.65 - [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200 - [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again - [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend - ftrace: Enable trampoline when rec count returns back to one - [armhf,arm64] dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset - [arm64] dts: rockchip: fix isp iommu clocks and power domain - kernel/module.c: Only return -EEXIST for modules that have finished loading - [arm64] clk: tegra210: fix PLLU and PLLU_OUT1 - fs/adfs: super: fix use-after-free bug - btrfs: fix minimum number of chunk errors for DUP - btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit() - cifs: Fix a race condition with cifs_echo_request - ceph: fix improper use of smp_mb__before_atomic() - ceph: return -ERANGE if virtual xattr value didn't fit in buffer - ACPI: blacklist: fix clang warning for unused DMI table - [s390x] scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized - perf version: Fix segfault due to missing OPT_END() - [x86] kvm: avoid constant-conversion warning - ACPI: fix false-positive -Wuninitialized warning - be2net: Signal that the device cannot transmit during reconfiguration - [x86] apic: Silence -Wtype-limits compiler warnings - mm/cma.c: fail if fixed declaration can't be honored - lib/test_overflow.c: avoid tainting the kernel and fix wrap size - lib/test_string.c: avoid masking memset16/32/64 failures - coda: add error handling for fget - coda: fix build using bare-metal toolchain - uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings - ipc/mqueue.c: only perform resource calculation if user valid - [x86] xen/pv: Fix a boot up hang revealed by int3 self test - [x86] kvm: Don't call kvm_spurious_fault() from .fixup - [x86] paravirt: Fix callee-saved function ELF sizes - [x86] boot: Remove multiple copy of static function sanitize_boot_params() - drm/nouveau: fix memory leak in nouveau_conn_reset() - kconfig: Clear "written" flag to avoid data loss - Btrfs: fix incremental send failure after deduplication - Btrfs: fix race leading to fs corruption after transaction abort - [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC - [arm64] mmc: meson-mx-sdio: Fix misuse of GENMASK macro - gpiolib: fix incorrect IRQ requesting of an active-low lineevent - IB/hfi1: Fix Spectre v1 vulnerability - mtd: rawnand: micron: handle on-die "ECC-off" devices correctly - selinux: fix memory leak in policydb_init() - ALSA: hda: Fix 1-minute detection delay when i915 module is not available (Closes: #931507) - mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker - [s390x] dasd: fix endless loop after read unit address configuration - [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier - [arm64] compat: Allow single-byte watchpoints on all addresses - [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} - nbd: replace kill_bdev() with __invalidate_device() again - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() - IB/mlx5: Fix unreg_umr to ignore the mkey state - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache - IB/mlx5: Fix clean_mr() to work in the expected order - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification - IB/hfi1: Check for error on call to alloc_rsm_map_table - [x86] drm/i915/gvt: fix incorrect cache entry for guest page mapping - eeprom: at24: make spd world-readable again - objtool: Support GCC 9 cold subfunction naming scheme - gcc-9: properly declare the {pv,hv}clock_page storage - [x86] vdso: Prevent segfaults due to hoisted vclock reads - scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.66 - scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure - gcc-9: don't warn about uninitialized variable - driver core: Establish order of operations for device_add and device_del via bitflag - drivers/base: Introduce kill_device() - libnvdimm/bus: Prevent duplicate device_unregister() calls - libnvdimm/region: Register badblocks before namespaces - libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant - libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock - HID: wacom: fix bit shift for Cintiq Companion 2 - HID: Add quirk for HP X1200 PIXART OEM mouse - IB: directly cast the sockaddr union to aockaddr - atm: iphase: Fix Spectre v1 vulnerability - bnx2x: Disable multi-cos feature. - ife: error out when nla attributes are empty - ip6_gre: reload ipv6h in prepare_ip6gre_xmit_ipv6 - ip6_tunnel: fix possible use-after-free on xmit - ipip: validate header length in ipip_tunnel_xmit - [armhf,arm64] mvpp2: fix panic on module removal - [armhf,arm64] mvpp2: refactor MTU change code - net: bridge: delete local fdb on device init failure - net: bridge: mcast: don't delete permanent entries when fast leave is enabled - net: fix ifindex collision during namespace removal - net/mlx5e: always initialize frag->last_in_page - net/mlx5: Use reversed order when unregister devices - net: phylink: Fix flow control for fixed-link - net: sched: Fix a possible null-pointer dereference in dequeue_func() - net sched: update vlan action for batched events operations - net: sched: use temporary variable for actions indexes - net/smc: do not schedule tx_work in SMC_CLOSED state - tipc: compat: allow tipc commands without arguments - tun: mark small packets as owned by the tap sock - net/mlx5: Fix modify_cq_in alignment - net/mlx5e: Prevent encap flow counter update async to user query - r8169: don't use MSI before RTL8168d - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling - cgroup: Call cgroup_release() before __exit_signal() - cgroup: Implement css_task_iter_skip() - cgroup: Include dying leaders with live threads in PROCS iterations - cgroup: css_task_iter_skip()'d iterators must be advanced before accessed - cgroup: Fix css_task_iter_advance_css_set() cset skip condition - [arm*] spi: bcm2835: Fix 3-wire mode if DMA is enabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.67 - [x86] crypto: ccp - Fix oops by properly managing allocated structures - [x86] crypto: ccp - Add support for valid authsize values less than 16 - [x86] crypto: ccp - Ignore tag length when decrypting GCM ciphertext - usb: usbfs: fix double-free of usb memory upon submiturb error - usb: iowarrior: fix deadlock on disconnect - sound: fix a memory leak bug - [arm64,mips*/octeon] mmc: cavium: Set the correct dma max segment size for mmc_host - [arm64,mips*/octeon] mmc: cavium: Add the missing dma unmap when the dma has finished. - loop: set PF_MEMALLOC_NOIO for the worker thread - Input: usbtouchscreen - initialize PM mutex before using it - [x86] Input: elantech - enable SMBus on new (2018+) systems - [x86] Input: synaptics - enable RMI mode for HP Spectre X360 - [x86] mm: Check for pfn instead of page in vmalloc_sync_one() - [x86] mm: Sync also unmappings in vmalloc_sync_all() - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() - [s390x] perf annotate: Fix s390 gap between kernel end and module start - perf db-export: Fix thread__exec_comm() - [s390x] perf record: Fix module size on s390 - [x86] purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS - gfs2: gfs2_walk_metadata fix - usb: yurex: Fix use-after-free in yurex_delete - [x86] usb: typec: tcpm: free log buf memory when remove debug file - [x86] usb: typec: tcpm: remove tcpm dir if no children - [x86] usb: typec: tcpm: Add NULL check before dereferencing config - [x86] usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests - can: peak_usb: fix potential double kfree_skb() - netfilter: nfnetlink: avoid deadlock due to synchronous request_module - [s390x] vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn - netfilter: Fix rpfilter dropping vrf packets by mistake - netfilter: conntrack: always store window size un-scaled - netfilter: nft_hash: fix symhash with modulus one - drm/amd/display: Wait for backlight programming completion in set backlight level - drm/amd/display: use encoder's engine id to find matched free audio device - drm/amd/display: Fix dc_create failure handling and 666 color depths - drm/amd/display: Only enable audio if speaker allocation exists - drm/amd/display: Increase size of audios array - [x86] iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND - nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN - mac80211: don't warn about CW params when not using them - allocate_flower_entry: should check for null deref - hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 - drm: silence variable 'conn' set but not used - [s390x] qdio: add sanity checks to the fast-requeue path - ALSA: compress: Fix regression on compressed capture streams - ALSA: compress: Prevent bypasses of set_params - ALSA: compress: Don't allow paritial drain operations on capture streams - ALSA: compress: Be more restrictive about when a drain is allowed - perf tools: Fix proper buffer size for feature processing - perf probe: Avoid calling freeing routine multiple times for same pointer - drbd: dynamically allocate shash descriptor - ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id() - nvme: fix multipath crash when ANA is deactivated - scsi: megaraid_sas: fix panic on loading firmware crashdump - [ppc64el] scsi: ibmvfc: fix WARN_ON during event pool release - scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG - test_firmware: fix a memory leak bug - tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop - perf/core: Fix creating kernel counters for PMUs that override event->cpu - [s390x] dma: provide proper ARCH_ZONE_DMA_BITS value - HID: sony: Fix race condition between rumble and device remove. - [x86] purgatory: Do not use __builtin_memcpy and __builtin_memset - ALSA: usb-audio: fix a memory leak bug - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices - hwmon: (nct7802) Fix wrong detection of in4 presence - [x86] drm/i915: Fix wrong escape clock divisor init for GLK - ALSA: firewire: fix a memory leak bug - ALSA: hiface: fix multiple memory leak bugs - ALSA: hda - Don't override global PCM hw info flag - [x86] ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457) - mac80211: don't WARN on short WMM parameters from AP - dax: dax_layout_busy_page() should not unmap cow pages - SMB3: Fix deadlock in validate negotiate hits reconnect - smb3: send CAP_DFS capability during session setup - NFSv4: Fix an Oops in nfs4_do_setattr - [x86] KVM: Fix leak vCPU's VMCS value into other pCPU - mwifiex: fix 802.11n/WPA detection - iwlwifi: don't unmap as page memory that was mapped as single - iwlwifi: mvm: fix an out-of-bound access - iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41 - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Uwe Kleine-König ] * [armhf] Add support for all i.MX6 variants. * rtc-s35390a: backport fix to make hwclock able to read the time (Closes: #932845) . [ Ben Hutchings ] * [rt] Update to 4.19.59-rt24: - Fix build failure after "genirq: Prevent use-after-free and work list corruption": + Update "genirq: Do not invoke the affinity callback via a workqueue on RT" + kthread: add a global worker thread. + genirq: Do not invoke the affinity callback via a workqueue on RT + genirq: Handle missing work_struct in irq_set_affinity_notifier() - Update "irqwork: push most work into softirq context" to resolve conflict with "irq_work: Do not raise an IPI when queueing work on the local CPU" - Drop "random: avoid preempt_disable()ed section" - arm: imx6: cpuidle: Use raw_spinlock_t - rcu: Don't allow to change rcu_normal_after_boot on RT - sched/core: Drop a preempt_disable_rt() statement - timers: Redo the notification of canceling timers on -RT - Fix futex regression in 4.19.21: + Revert "futex: Ensure lock/unlock symetry versus pi_lock and hash bucket lock" + Revert "futex: Fix bug on when a requeued RT task times out" + Revert "rtmutex: Handle the various new futex race conditions" + Revert "futex: workaround migrate_disable/enable in different context" + futex: Make the futex_hash_bucket lock raw + futex: Delay deallocation of pi_state - mm/zswap: Do not disable preemption in zswap_frontswap_store() * Bump ABI to 6 linux (4.19.37-6) unstable; urgency=high . [ John Paul Adrian Glaubitz ] * [sh4]: Check for kprobe trap number before trying to handle a kprobe trap . [ Salvatore Bonaccorso ] * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux (4.19.37-5+deb10u2) buster-security; urgency=high . [ Romain Perier ] * [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) * [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) * nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) * binder: fix race between munmap() and direct reclaim (CVE-2019-1999) * scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) * Input: gtco - bounds check collection indent level (CVE-2019-13631) * floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) * inet: switch IP ID generator to siphash (CVE-2019-10638) * floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) * Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) * [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) . [ Salvatore Bonaccorso ] * [x86] cpufeatures: Carve out CQM features retrieval * [x86] cpufeatures: Combine word 11 and 12 into a new scattered features word * [x86] speculation: Prepare entry code for Spectre v1 swapgs mitigations * [x86] speculation: Enable Spectre v1 swapgs mitigations (CVE-2019-1125) * [amd64] entry: Use JMP instead of JMPQ * [x86] speculation/swapgs: Exclude ATOMs from speculation through SWAPGS * Documentation: Add section about CPU vulnerabilities for Spectre * Documentation: Add swapgs description to the Spectre v1 documentation . [ Ben Hutchings ] * [x86] cpufeatures: Avoid ABI change for swapgs mitigations: - Move swapgs feature bits to existing scattered words - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered features word" * inet: Avoid ABI change for IP ID hash change linux (4.19.37-5+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports; no further changes required . linux (4.19.37-5+deb10u2) buster-security; urgency=high . [ Romain Perier ] * [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) * [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) * nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) * binder: fix race between munmap() and direct reclaim (CVE-2019-1999) * scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) * Input: gtco - bounds check collection indent level (CVE-2019-13631) * floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) * inet: switch IP ID generator to siphash (CVE-2019-10638) * floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) * Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) * [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) . [ Salvatore Bonaccorso ] * [x86] cpufeatures: Carve out CQM features retrieval * [x86] cpufeatures: Combine word 11 and 12 into a new scattered features word * [x86] speculation: Prepare entry code for Spectre v1 swapgs mitigations * [x86] speculation: Enable Spectre v1 swapgs mitigations (CVE-2019-1125) * [amd64] entry: Use JMP instead of JMPQ * [x86] speculation/swapgs: Exclude ATOMs from speculation through SWAPGS * Documentation: Add section about CPU vulnerabilities for Spectre * Documentation: Add swapgs description to the Spectre v1 documentation . [ Ben Hutchings ] * [x86] cpufeatures: Avoid ABI change for swapgs mitigations: - Move swapgs feature bits to existing scattered words - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered features word" * inet: Avoid ABI change for IP ID hash change . linux (4.19.37-5+deb10u1) buster-security; urgency=high . * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) . linux (4.19.37-5) unstable; urgency=medium . [ Romain Perier ] * [sparc64] Fix device naming inconsistency between sunhv_console and sunhv_reg (Closes: #926539) . [ Ben Hutchings ] * tcp: Avoid ABI change for DoS fixes (Closes: #930743) * Add ABI reference for 4.19.0-5 linux (4.19.37-5+deb10u1) buster-security; urgency=high . * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) linux-latest (105+deb10u1) buster; urgency=medium . * Update to 4.19.0-6 linux-signed-amd64 (4.19.67+2) buster; urgency=medium . * Sign kernel from linux 4.19.67-2 . [ Salvatore Bonaccorso ] * dm: disable DISCARD if the underlying storage no longer supports it (Closes: #934331) * xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (CVE-2019-15538) . [ Ben Hutchings ] * KVM: Ignore ABI changes * [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122) * [ppc64el] Avoid ABI change for disabling TM * netfilter: conntrack: Use consistent ct id hash calculation (fixes regression in 4.19.44) . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-amd64 (4.19.67+1) buster; urgency=medium . * Sign kernel from linux 4.19.67-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.38 - netfilter: nft_compat: use refcnt_t type for nft_xt reference count - netfilter: nft_compat: make lists per netns - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nft_compat: destroy function must not have side effects - netfilter: nf_tables: warn when expr implements only one of activate/deactivate - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nft_compat: don't use refcount_inc on newly allocated entry - netfilter: nft_compat: use .release_ops and remove list of extension - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: bogus EBUSY in helper removal from transaction - net/ibmvnic: Fix RTNL deadlock during device reset - net: mvpp2: fix validate for PPv2.1 - ext4: fix some error pointer dereferences - tipc: handle the err returned from cmd header function - loop: do not print warn message if partition scan is successful - [armhf,arm64] drm/rockchip: fix for mailbox read validation. - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock - ipvs: fix warning on unused variable - [ppc64el] vdso32: fix CLOCK_MONOTONIC on PPC64 - [armhf,arm64] net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework - cifs: fix memory leak in SMB2_read - cifs: do not attempt cifs operation on smb2+ rename error - tracing: Fix a memory leak by early error exit in trace_pid_write() - zram: pass down the bvec we need to read into in the work struct - trace: Fix preempt_enable_no_resched() abuse - IB/rdmavt: Fix frwr memory registration - RDMA/mlx5: Do not allow the user to write to the clock page - sched/numa: Fix a possible divide-by-zero - ceph: only use d_name directly when parent is locked - ceph: ensure d_name stability in ceph_dentry_hash() - ceph: fix ci->i_head_snapc leak - nfsd: Don't release the callback slot unless it was actually held - sunrpc: don't mark uninitialised items as VALID. - [x86] perf/intel: Update KBL Package C-state events to also include PC8/PC9/PC10 counters - Input: synaptics-rmi4 - write config register values to the right offset - [armhf] 8857/1: efi: enable CP15 DMB instructions before cleaning the cache - [ppc64el] mm/radix: Make Radix require HUGETLB_PAGE - [arm*] drm/vc4: Fix memory leak during gpu reset. - [x86] Revert "drm/i915/fbdev: Actually configure untiled displays" - USB: Add new USB LPM helpers - USB: Consolidate LPM checks to avoid enabling LPM twice - slip: make slhc_free() silently accept an error pointer - [x86] intel_th: gth: Fix an off-by-one in output unassigning - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference - workqueue: Try to catch flush_work() without INIT_WORK(). - sched/deadline: Correctly handle active 0-lag timers - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON - fm10k: Fix a potential NULL pointer dereference - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable - tipc: check link name with right length in tipc_nl_compat_link_set - net: netrom: Fix error cleanup path of nr_proto_init - net/rds: Check address length before reading address family - rxrpc: fix race condition in rxrpc_input_packet() - [x86] retpolines: Raise limit for generating indirect calls from switch-case - [x86] retpolines: Disable switch jump tables when retpolines are enabled - mm: Fix warning in insert_pfn() - [x86] fpu: Don't export __kernel_fpu_{begin,end}() - ipv4: add sanity checks in ipv4_link_failure() - ipv4: set the tcp_min_rtt_wlen range from 0 to one day - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query - net: rds: exchange of 8K and 1M pool - net/rose: fix unbound loop in rose_loopback_timer() - [armhf,arm64] net: stmmac: move stmmac_check_ether_addr() to driver probe - team: fix possible recursive locking when add slaves - [arm64] net: hns: Fix WARNING when hns modules installed - net/mlx5e: Fix the max MTU check in case of XDP - net/mlx5e: Fix use-after-free after xdp_return_frame https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.39 - selinux: use kernel linux/socket.h for genheaders and mdp - Revert "ACPICA: Clear status of GPEs before enabling them" - [arm*] dts: bcm283x: Fix hdmi hpd gpio pull - [s390x] limit brk randomization to 32MB - net: ieee802154: fix a potential NULL pointer dereference - ieee802154: hwsim: propagate genlmsg_reply return code - [armhf,arm64] net: stmmac: don't set own bit too early for jumbo frames - qlcnic: Avoid potential NULL pointer dereference - xsk: fix umem memory leak on cleanup - netfilter: nft_set_rbtree: check for inactive element after flag mismatch - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies - netfilter: ip6t_srh: fix NULL pointer dereferences - [s390x] qeth: fix race when initializing the IP address table - [armhf] imx51: fix a leaked reference by adding missing of_node_put - [arm64] KVM: Reset the PMU in preemptible context - [armhf,arm64] KVM: vgic-its: Take the srcu lock when writing to guest memory - [armhf,arm64] KVM: vgic-its: Take the srcu lock when parsing the memslots - [x86] usb: dwc3: pci: add support for Comet Lake PCH ID - usb: gadget: net2280: Fix overrun of OUT messages - usb: gadget: net2280: Fix net2280_dequeue() - [x86] i2c: i801: Add support for Intel Comet Lake - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference - staging: rtl8712: uninitialized memory in read_bbreg_hdl() - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc - [arm64] net: macb: Add null check for PCLK and HCLK - net/sched: don't dereference a->goto_chain to read the chain index - [armhf] dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi - [armhf,arm64] drm/tegra: hub: Fix dereference before check - NFS: Fix a typo in nfs_init_timeout_values() - drm: Fix drm_release() and device unplug - [arm64] drm/meson: Fix invalid pointer in meson_drv_unbind() - [arm64] drm/meson: Uninstall IRQ handler - scsi: mpt3sas: Fix kernel panic during expander reset - scsi: aacraid: Insure we don't access PCIe space during AER/EEH - scsi: qla4xxx: fix a potential NULL pointer dereference - leds: trigger: netdev: fix refcnt leak on interface rename - [x86] realmode: Don't leak the trampoline kernel address - usb: u132-hcd: fix resource leak - ceph: fix use-after-free on symlink traversal - [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on multi- element RSCN - [x86] mm: Don't exceed the valid physical address space - libata: fix using DMA buffers on stack - gpio: of: Fix of_gpiochip_add() error path - nvme-multipath: relax ANA state check - perf machine: Update kernel map address and re-order properly - [x86] iommu/amd: Reserve exclusion range in iova-domain - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK - leds: trigger: netdev: use memcpy in device_name_store https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.40 - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation - ipv6: A few fixes on dereferencing rt->from - ipv6: fix races in ip6_dst_destroy() - ipv6/flowlabel: wait rcu grace period before put_pid() - ipv6: invert flowlabel sharing check in process and user mode - l2ip: fix possible use-after-free - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv() - [armhf] net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc - net: phy: marvell: Fix buffer overrun with stats counters - rxrpc: Fix net namespace cleanup - sctp: avoid running the sctp state machine recursively - packet: validate msg_namelen in send directly - bnxt_en: Improve multicast address setup logic. - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt(). - [x86] KVM: Whitelist port 0x7e for pre-incrementing %rip - [x86] KVM: nVMX: Fix size checks in vmx_set_nested_state - ALSA: line6: use dynamic buffers - ath10k: Drop WARN_ON()s that always trigger during system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.41 - iwlwifi: fix driver operation for 5350 - mwifiex: Make resume actually do something useful again on SDIO cards - mac80211: don't attempt to rename ERR_PTR() debugfs dirs - [armhf] i2c: imx: correct the method of getting private data in notifier_call - i2c: Remove unnecessary call to irq_find_mapping - i2c: Clear client->irq in i2c_device_remove - i2c: Allow recovery of the initial IRQ by an I2C client device. - i2c: Prevent runtime suspend of adapter when Host Notify is required - [x86] ALSA: hda/realtek - Add new Dell platform for headset mode - [x86] ALSA: hda/realtek - Fixed Dell AIO speaker noise - [x86] ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR - USB: yurex: Fix protection fault after device removal - USB: w1 ds2490: Fix bug caused by improper use of altsetting array - USB: dummy-hcd: Fix failure to give back unlinked URBs - usb: usbip: fix isoc packet num validation in get_pipe - USB: core: Fix unterminated string returned by usb_string() - USB: core: Fix bug caused by duplicate interface PM usage counter - nvme-loop: init nvmet_ctrl fatal_err_work when allocate - [arm64] dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay - HID: logitech: check the return value of create_singlethread_workqueue - HID: debug: fix race condition with between rdesc_show() and device removal - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured - batman-adv: Reduce claim hash refcnt only for removed entry - batman-adv: Reduce tt_local hash refcnt only for removed entry - batman-adv: Reduce tt_global hash refcnt only for removed entry - batman-adv: fix warning in function batadv_v_elp_get_throughput - [armhf] dts: rockchip: Fix gpu opp node names for rk3288 - [arm64] reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev - igb: Fix WARN_ONCE on runtime suspend - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630 - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands - bonding: show full hw address in sysfs for slave entries - [armhf,arm64] net: stmmac: use correct DMA buffer size in the RX descriptor - [armhf,arm64] net: stmmac: ratelimit RX error logs - [armhf,arm64] net: stmmac: don't stop NAPI processing when dropping a packet - [armhf,arm64] net: stmmac: don't overwrite discard_frame status - [armhf,arm64] net: stmmac: fix dropping of multi-descriptor RX frames - [armhf,arm64] net: stmmac: don't log oversized frames - jffs2: fix use-after-free on symlink traversal - debugfs: fix use-after-free on symlink traversal - [armhf] mfd: twl-core: Disable IRQ while suspended - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx - HID: input: add mapping for Assistant key - vfio/pci: use correct format characters - scsi: core: add new RDAC LENOVO/DE_Series device - [x86] scsi: storvsc: Fix calculation of sub-channel count - [arm64] fix wrong check of on_sdei_stack in nmi context - [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() - [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver - [arm64] net: hns: Fix probabilistic memory overwrite when HNS driver initialized - [arm64] net: hns: fix ICMP6 neighbor solicitation messages discard problem - [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled - libcxgb: fix incorrect ppmax calculation - [x86] KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow - hugetlbfs: fix memory leak for resv_map - fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock - [armel] orion: don't use using 64-bit DMA masks - block: pass no-op callback to INIT_WORK(). - [x86] perf/amd: Update generic hardware cache events for Family 17h - Bluetooth: btusb: request wake pin with NOAUTOEN - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state - [arm64] clk: qcom: Add missing freq for usb30_master_clk on 8998 - scsi: RDMA/srpt: Fix a credit leak for aborted commands - [x86] ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping" - [x86] platform: intel_pmc_core: Fix PCH IP name - [x86] platform: intel_pmc_core: Handle CFL regmap properly - IB/core: Unregister notifier before freeing MAD security - IB/core: Fix potential memory leak while creating MAD agents - IB/core: Destroy QP if XRC QP fails - selinux: avoid silent denials in permissive mode under RCU walk - selinux: never allow relabeling on context mounts - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode - [ppc64el] mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search - [x86] mce: Improve error message when kernel cannot recover, p2 - [x86] clk: Add system specific quirk to mark clocks as critical - [x86] mm/KASLR: Fix the size of the direct mapping section - [x86] mm: Fix a crash with kmemleak_scan() - [x86] mm/tlb: Revert "x86/mm: Align TLB invalidation info" - media: v4l2: i2c: ov7670: Fix PLL bypass register values https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.42 - [armhf,arm64] net: stmmac: Use bfsize1 in ndesc_init_rx_desc - [x86] Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() - ASoC: hdmi-codec: fix S/PDIF DAI - ASoC:soc-pcm:fix a codec fixup issue in TDM case - [x86] ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform - [arm64] clk: meson-gxbb: round the vdec dividers to closest - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol - [armhf] drm/omap: hdmi4_cec: Fix CEC clock handling for PM - IB/hfi1: Eliminate opcode tests on mr deref - IB/hfi1: Fix the allocation of RSM table - [x86] perf/intel: Fix handling of wakeup_events for multi-entry PEBS - [x86] perf/intel: Initialize TFA MSR - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() - drm/amd/display: fix cursor black issue - objtool: Add rewind_stack_do_exit() to the noreturn list - slab: fix a crash by reading /proc/slab_allocators - [armhf,arm64] drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind - virtio_pci: fix a NULL pointer reference in vp_del_vqs - [x86] RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove - [arm64] RDMA/hns: Fix bug that caused srq creation to fail - scsi: csiostor: fix missing data copy in csio_scsi_err_handler() - [x86] ASoC: Intel: kbl: fix wrong number of channels - virtio-blk: limit number of hw queues by nr_cpu_ids - nvme-fc: correct csn initialization and increments on error - [x86] platform: pmc_atom: Drop __initconst on dmi table - perf/core: Fix perf_event_disable_inatomic() race - [x86] iommu/amd: Set exclusion range correctly - genirq: Prevent use-after-free and work list corruption - usb: dwc3: Fix default lpm_nyet_threshold value - USB: serial: f81232: fix interrupt worker not stop - USB: cdc-acm: fix unthrottle races - usb-storage: Set virt_boundary_mask to avoid SG overflows - [x86] intel_th: pci: Add Comet Lake support - [arm64] cpufreq: armada-37xx: fix frequency calculation for opp - scsi: lpfc: change snprintf to scnprintf for possible overflow - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines - scsi: qla2xxx: Fix device staying in blocked state - UAS: fix alignment of scatter/gather segments - [x86] ASoC: Intel: avoid Oops if DMA setup fails - locking/futex: Allow low-level atomic operations to return -EAGAIN - [arm64] futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.44 - bfq: update internal depth state when queue depth changes - [x86] platform: sony-laptop: Fix unintentional fall-through - [x86] platform: thinkpad_acpi: Disable Bluetooth for some machines - [x86] platform: dell-laptop: fix rfkill functionality - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails - kernfs: fix barrier usage in __kernfs_new_node() - [x86] virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace - USB: serial: fix unthrottle races - acpi/nfit: Always dump _DSM output payload - libnvdimm/namespace: Fix a potential NULL pointer dereference - HID: input: add mapping for Expose/Overview key - HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys - HID: input: add mapping for "Toggle Display" key - libnvdimm/btt: Fix a kmemdup failure check - [s390x] dasd: Fix capacity calculation for large volumes - mac80211: fix unaligned access in mesh table hash function - mac80211: Increase MAX_MSG_LEN - cfg80211: Handle WMM rules in regulatory domain intersection - mac80211: fix memory accounting with A-MSDU aggregation - nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands - libnvdimm/pmem: fix a possible OOB access when read and write pmem - [s390x] 3270: fix lockdep false positive on view->lock - drm/amd/display: extending AUX SW Timeout - mISDN: Check address length before reading address family - vxge: fix return of a free'd memblock on a failed dma mapping - qede: fix write to free'd pointer error and double free of ptp - afs: Unlock pages for __pagevec_release() - drm/amd/display: If one stream full updates, full update all planes - [s390x] pkey: add one more argument space for debug feature entry - [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T - [x86] KVM: fix spectrev1 gadgets - [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in tracing - tools lib traceevent: Fix missing equality check for strcmp - ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash - scsi: aic7xxx: fix EISA support - mm: fix inactive list balancing between NUMA nodes and cgroups - init: initialize jump labels before command line option parsing - ipvs: do not schedule icmp errors from tunnels - netfilter: ctnetlink: don't use conntrack/expect object addresses as id - netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook() - [s390x] ctcm: fix ctcm_new_device error return code - [armhf,arm64] drm/sun4i: Set device driver data at bind time for use in unbind - [armhf,arm64] drm/sun4i: Fix component unbinding and component master deletion - netfilter: fix nf_l4proto_log_invalid to log invalid packets - [armhf] gpu: ipu-v3: dp: fix CSC handling - [armhf] drm/imx: don't skip DP channel disable for background plane - [armhf,arm64] drm/sun4i: Unbind components before releasing DRM and memory - Input: synaptics-rmi4 - fix possible double free - [arm64] RDMA/hns: Bugfix for mapping user db - mm/memory_hotplug.c: drop memory device reference after find_memory_block() - [ppc64el] smp: Fix NMI IPI timeout - [ppc64el] smp: Fix NMI IPI xmon timeout - [armhf,arm64] net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode - mm/memory.c: fix modifying of page protection by insert_pfn() - usb: typec: Fix unchecked return value - netfilter: nf_tables: use-after-free in dynamic operations - netfilter: nf_tables: add missing ->release_ops() in error path of newrule() (Closes: #934168) - net: fec: manage ahb clock in runtime pm - net: strparser: partially revert "strparser: Call skb_unclone conditionally" - NFC: nci: Add some bounds checking in nci_hci_cmd_received() - nfc: nci: Potential off by one in ->pipes[] array - [x86] kprobes: Avoid kretprobe recursion bug - mwl8k: Fix rate_idx underflow - rtlwifi: rtl8723ae: Fix missing break in switch statement - bonding: fix arp_validate toggling in active-backup mode - bridge: Fix error path for kobject_init_and_add() - ipv4: Fix raw socket lookup for local traffic - net: dsa: Fix error cleanup path in dsa_init_module - [armhf] net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering - [arm64] net: macb: Change interrupt and napi enable order in open - packet: Fix error path in packet_init - selinux: do not report error on connect(AF_UNSPEC) - vlan: disable SIOCSHWTSTAMP in container - vrf: sit mtu should not be updated when vrf netdev is the link - tuntap: fix dividing by zero in ebpf queue selection - tuntap: synchronize through tfiles array instead of tun->numqueues - isdn: bas_gigaset: use usb_fill_int_urb() properly - tipc: fix hanging clients using poll with EPOLLOUT flag - [ppc64el] book3s/64: check for NULL pointer in pgd_alloc() - [ppc64el] powernv/idle: Restore IAMR after idle - [x86] PCI: hv: Fix a memory leak in hv_eject_device_work() - [x86] PCI: hv: Add hv_pci_remove_slots() when we unload the driver - [x86] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.45 - locking/rwsem: Prevent decrement of reader count before increment - [x86] speculation/mds: Revert CPU buffer clear on double fault exit - [x86] speculation/mds: Improve CPU buffer clear documentation - objtool: Fix function fallthrough detection - [arm64] dts: rockchip: Disable DCMDs on RK3399's eMMC controller. - [armhf] dts: exynos: Fix interrupt for shared EINTs on Exynos5260 - [armhf] dts: exynos: Fix audio (microphone) routing on Odroid XU3 - [arm64] mmc: sdhci-of-arasan: Add DTS property to disable DCMDs. - [armhf] exynos: Fix a leaked reference by adding missing of_node_put - [armhf] power: supply: axp288_charger: Fix unchecked return value - [armhf,arm64] power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist - [arm64] mmap: Ensure file offset is treated as unsigned - [arm64] arch_timer: Ensure counter register reads occur with seqlock held - [arm64] compat: Reduce address limit - [arm64] Clear OSDLR_EL1 on CPU boot - [arm64] Save and restore OSDLR_EL1 across suspend/resume - [x96] sched: Save [ER]FLAGS on context switch - crypto: salsa20 - don't access already-freed walk.iv - crypto: chacha20poly1305 - set cra_name correctly - [x86] crypto: ccp - Do not free psp_master when PLATFORM_INIT fails - [ppc64el] crypto: vmx - fix copy-paste error in CTR mode - crypto: skcipher - don't WARN on unprocessed data after slow walk step - crypto: crct10dif-generic - fix use via crypto_shash_digest() - [x86] crypto: crct10dif-pcl - fix use via crypto_shash_digest() - [arm64] crypto: gcm-aes-ce - fix no-NEON fallback code - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" - [armhf,arm64] crypto: aes-neonbs - don't access already-freed walk.iv - mmc: core: Fix tag set memory leak - ALSA: line6: toneport: Fix broken usage of timer for delayed execution - ALSA: usb-audio: Fix a memory leak bug - ALSA: hda/hdmi - Read the pin sense from register when repolling - ALSA: hda/hdmi - Consider eld_valid when reporting jack event - ALSA: hda/realtek - EAPD turn on later - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) - [armhf,arm64] ASoC: max98090: Fix restore of DAPM Muxes - ASoC: codec: hdac_hdmi add device_link to card device - [arm64] bpf: remove prefetch insn in xadd mapping - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses - mm/hugetlb.c: don't put_page in lock of hugetlb_lock - hugetlb: use same fault hash key for shared and private mappings - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget - userfaultfd: use RCU to free the task struct when fork fails - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle - [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - jbd2: check superblock mapped prior to committing - ext4: make sanity check in mballoc more strict - ext4: ignore e_value_offs for xattrs with value-in-ea-inode - ext4: avoid drop reference to iloc.bh twice - ext4: fix use-after-free race with debug_want_extra_isize - ext4: actually request zeroing of inode table after grow - ext4: fix ext4_show_options for file systems w/o journal - btrfs: Check the first key and level for cached extent buffer - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails - Btrfs: send, flush dellaloc in order to avoid data loss - Btrfs: do not start a transaction during fiemap - Btrfs: do not start a transaction at iterate_extent_inodes() - bcache: fix a race between cache register and cacheset unregister - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() - ipmi:ssif: compare block number correctly for multi-part return messages - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount - ext4: fix data corruption caused by overlapping unaligned and aligned IO - ext4: fix use-after-free in dx_release() - ext4: avoid panic during forced reboot due to aborted journal - [x86] ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) - ALSA: hda/realtek - Fixup headphone noise via runtime suspend - [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug - jbd2: fix potential double free - [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes - [x86] KVM: lapic: Busy wait for timer to expire when using hv_timer - xen/pvh: set xen_domain_type to HVM in xen_pvh_init - libnvdimm/namespace: Fix label tracking error - iov_iter: optimize page_copy_sane() - pstore: Centralize init/exit routines - pstore: Allocate compression during late_initcall() - pstore: Refactor compression initialization - ext4: don't update s_rev_level if not required https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.46 - ipv6: fix src addr routing with the exception table - ipv6: prevent possible fib6 leaks - net: Always descend into dsa/ - net: avoid weird emergency message - net/mlx4_core: Change the error print to info print - net: test nouarg before dereferencing zerocopy pointers - net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions - nfp: flower: add rcu locks when accessing netdev for tunnels - ppp: deflate: Fix possible crash in deflate_init - rtnetlink: always put IFLA_LINK for links with a link-netnsid - tipc: switch order of device registration to fix a crash - vsock/virtio: free packets during the socket release - vsock/virtio: Initialize core virtio vsock before registering the driver - net/mlx5: Imply MLXFW in mlx5_core - net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled - stm class: Fix channel free in stm output free path - stm class: Fix channel bitmap on 32-bit systems - brd: re-enable __GFP_HIGHMEM in brd_insert_page() - proc: prevent changes to overridden credentials - Revert "MD: fix lock contention for flush bios" - md: batch flush requests. - md: add mddev->pers to avoid potential NULL pointer dereference - dcache: sort the freeing-without-RCU-delay mess for good. - [x86] intel_th: msu: Fix single mode with IOMMU - p54: drop device reference count if fails to enable device - of: fix clang -Wunsequenced for be32_to_cpu() - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() - [armhf] phy: ti-pipe3: fix missing bit-wise or operator when assigning val - NFS4: Fix v4.0 client state corruption when mount - PNFS fallback to MDS if no deviceid found - [arm64] clk: hi3660: Mark clk_gate_ufs_subsys as critical - [armhf,arm64] clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider - [arm64] clk: rockchip: fix wrong clock definitions for rk3328 - udlfb: delete the unused parameter for dlfb_handle_damage - udlfb: fix sleeping inside spinlock - udlfb: introduce a rendering mutex - fuse: fix writepages on 32bit - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate - ovl: fix missing upper fs freeze protection on copy up for ioctl - [armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 - ceph: flush dirty inodes before proceeding with remount - [amd64] Add gap to int3 to allow for call emulation - [amd64] Allow breakpoints to emulate call instructions - [amd64] ftrace: Emulate call function while updating in breakpoint handler - tracing: Fix partial reading of trace event's id file - [armhf,arm64] memory: tegra: Fix integer overflow on tick value calculation - [x86] perf intel-pt: Fix instructions sampling rate - [x86] perf intel-pt: Fix improved sample timestamp - [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches - fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types - PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken - PCI: Mark Atheros AR9462 to avoid bus reset - PCI: Init PCIe feature bits for managed host bridge alloc - PCI/AER: Change pci_aer_init() stub to return void - PCI: Factor out pcie_retrain_link() function - PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum - dm cache metadata: Fix loading discard bitset - dm zoned: Fix zone report handling - dm delay: fix a crash when invalid device is specified - dm integrity: correctly calculate the size of metadata area - dm mpath: always free attached_handler_name in parse_path() - fuse: Add FOPEN_STREAM to use stream_open() - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module - vti4: ipip tunnel deregistration fixes. - xfrm: clean up xfrm protocol checks - esp4: add length check for UDP encapsulation - xfrm: Honor original L3 slave device in xfrmi policy lookup - xfrm4: Fix uninitialized memory read in _decode_session4 - [armhf,arm64] clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0) - securityfs: fix use-after-free on symlink traversal - apparmorfs: fix use-after-free on symlink traversal - PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored - [x86] kvm: hyper-v: deal with buggy TLB flush requests from WS2012 - mac80211: Fix kernel panic due to use of txq after free - net: ieee802154: fix missing checks for regmap_update_bits - [armhf,arm64] KVM: Ensure vcpu target is unset on reset failure - bpf: Fix preempt_enable_no_resched() abuse - qmi_wwan: new Wistron, ZTE and D-Link devices - iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() - sched/cpufreq: Fix kobject memleak - [x86] mm/mem_encrypt: Disable all instrumentation for early SME setup - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour - perf bench numa: Add define for RUSAGE_THREAD if not present - [x86] perf/intel: Fix race in intel_pmu_disable_event() - md/raid: raid5 preserve the writeback action after the parity check - driver core: Postpone DMA tear-down until after devres release for probe failure - bpf: relax inode permission check for retrieving bpf program - bpf: add map_lookup_elem_sys_only for lookups from syscall side - bpf, lru: avoid messing with eviction heuristics upon syscall lookup https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.47 - [x86] Hide the int3_emulate_call/jmp functions from UML - ext4: do not delete unlinked inode from orphan list on failed truncate - ext4: wait for outstanding dio during truncate in nojournal mode - f2fs: Fix use of number of devices - [x86] KVM: fix return value for reserved EFER - bio: fix improper use of smp_mb__before_atomic() - sbitmap: fix improper use of smp_mb__before_atomic() - Revert "scsi: sd: Keep disk read-only when re-reading partition" - [ppc64el] crypto: vmx - CTR: always increment IV as quadword - [arm*] mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem - [arm*] mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem - [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID - libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead - [arm64] kernel: kaslr: reduce module randomization range to 2 GB - [arm64] iommu: handle non-remapped addresses in ->mmap and ->get_sgtable - gfs2: Fix sign extension bug in gfs2_update_stats - btrfs: don't double unlock on error in btrfs_punch_hole - Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path - Btrfs: avoid fallback to transaction commit during fsync of files with holes - Btrfs: fix race between ranged fsync and writeback of adjacent ranges - btrfs: sysfs: Fix error path kobject memory leak - btrfs: sysfs: don't leak memory when failing add fsid - udlfb: fix some inconsistent NULL checking - fbdev: fix divide error in fb_var_to_videomode - NFSv4.2 fix unnecessary retry in nfs4_copy_file_range - NFSv4.1 fix incorrect return value in copy_file_range - bpf: add bpf_jit_limit knob to restrict unpriv allocations - [arm64] errata: Add workaround for Cortex-A76 erratum #1463225 - btrfs: honor path->skip_locking in backref code - ovl: relax WARN_ON() for overlapping layers use case - fbdev: fix WARNING in __alloc_pages_nodemask bug - media: cpia2: Fix use-after-free in cpia2_exit - media: serial_ir: Fix use-after-free in serial_ir_init_module - media: vb2: add waiting_in_dqbuf flag - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit - bpf: devmap: fix use-after-free Read in __dev_map_entry_free - batman-adv: mcast: fix multicast tt/tvlv worker locking - at76c50x-usb: Don't register led_trigger if usb_register_driver failed - acct_on(): don't mess with freeze protection - gfs2: Fix lru_count going negative - cxgb4: Fix error path in cxgb4_init_module - NFS: make nfs_match_client killable - IB/hfi1: Fix WQ_MEM_RECLAIM warning - gfs2: Fix occasional glock use-after-free - mmc: core: Verify SD bus width - [arm64] dmaengine: tegra210-dma: free dma controller in remove() - net: ena: gcc 8: fix compilation warning - [x86] hv_netvsc: fix race that may miss tx queue wakeup - Bluetooth: Ignore CC events not matching the last HCI command - [x86] ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE - [armhf,arm64] usb: dwc2: gadget: Increase descriptors count for ISOC's - [armhf,arm64] usb: dwc3: move synchronize_irq() out of the spinlock protected block - ASoC: hdmi-codec: unlock the device on startup errors - [ppc64el] perf: Return accordingly on invalid chip-id in - [ppc64el] boot: Fix missing check of lseek() return value - [ppc64el] perf: Fix loop exit condition in nest_imc_event_init - [armhf] ASoC: imx: fix fiq dependencies - [amd64] spi: pxa2xx: fix SCR (divisor) calculation - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() - ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() - drm/nouveau/bar/nv50: ensure BAR is mapped - [armel,armhf] vdso: Remove dependency with the arch_timer driver internals - [ppc64el] watchdog: Use hrtimers for per-CPU heartbeat - sched/cpufreq: Fix kobject memleak - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path - scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() - scsi: qla2xxx: Fix hardirq-unsafe locking - [x86] modules: Avoid breaking W^X while loading modules - Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve - btrfs: fix panic during relocation after ENOSPC before writeback happens - btrfs: Don't panic when we can't find a root key - iwlwifi: pcie: don't crash on invalid RX interrupt - scsi: qedi: Abort ep termination if offload not scheduled - [s390x] kexec_file: Fix detection of text segment in ELF loader - sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs - w1: fix the resume command API - [s390x] qeth: address type mismatch warning - [armhf,arm64] dmaengine: pl330: _stop: clear interrupt status - mac80211/cfg80211: update bss channel on channel switch - mwifiex: prevent an array overflow - rsi: Fix NULL pointer dereference in kmalloc - nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE - nvme-rdma: fix a NULL deref when an admin connect times out - [armhf,arm64] crypto: sun4i-ss - Fix invalid calculation of hash end - bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set - bcache: return error immediately in bch_journal_replay() - bcache: fix failure in journal relplay - bcache: add failure check to run_cache_set() for journal replay - bcache: avoid clang -Wunintialized warning - RDMA/cma: Consider scope_id while binding to ipv6 ll address - vfio-ccw: Do not call flush_workqueue while holding the spinlock - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev - [x86] mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() - mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions - Bluetooth: hci_qca: Give enough time to ROME controller to bootup. - HID: logitech-hidpp: use RAP instead of FAP to get the protocol version - [armhf] pinctrl: samsung: fix leaked of_node references - [armhf] clk: rockchip: undo several noc and special clocks as critical on rk3288 - [arm64] perf/arm-cci: Remove broken race mitigation - media: au0828: stop video streaming only when last user stops - audit: fix a memory leak bug - media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() - media: pvrusb2: Prevent a buffer overflow - block: fix use-after-free on gendisk - [ppc64el] numa: improve control of topology updates - [ppc64el] Fix booting large kernels with STRICT_KERNEL_RWX - random: fix CRNG initialization when random.trust_cpu=1 - random: add a spinlock_t to struct batched_entropy - cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock - sched/core: Check quota and period overflow at usec to nsec conversion - sched/rt: Check integer overflow at usec to nsec conversion - sched/core: Handle overflow in cpu_shares_write_u64 - [arm*] staging: vc04_services: handle kzalloc failure - [arm64] drm/msm: a5xx: fix possible object reference leak - irq_work: Do not raise an IPI when queueing work on the local CPU - [x86] thunderbolt: Take domain lock in switch sysfs attribute callbacks - [s390x] qeth: handle error from qeth_update_from_chp_desc() - USB: core: Don't unbind interfaces following device reset failure - [amd64] irq: Limit IST stack overflow check to #DB stack - [armhf] drm: etnaviv: avoid DMA API warning when importing buffers - [armhf,arm64] phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode - i40e: Able to add up to 16 MAC filters on an untrusted VF - i40e: don't allow changes to HW VLAN stripping on active port VLANs - ACPI/IORT: Reject platform device creation on NUMA node mapping failure - [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME - RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure - [x86] perf/msr: Add Icelake support - [x86] perf/intel/rapl: Add Icelake support - [x86] perf/intel/cstate: Add Icelake support - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses - scsi: libsas: Do discovery on empty PHY to update PHY info - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers - [armhf,arm64] mmc_spi: add a status check for spi_sync_locked - drm/amdgpu: fix old fence check in amdgpu_fence_emit - PM / core: Propagate dev->power.wakeup_path when no callbacks - [armhf] clk: rockchip: Fix video codec clocks on rk3288 - [armhf] clk: rockchip: Make rkpwm a critical clock on rk3288 - [s390x] zcrypt: initialize variables before_use - [x86] microcode: Fix the ancient deprecated microcode loading method - [s390x] mm: silence compiler warning when compiling without CONFIG_PGSTE - [s390x] cio: fix cio_irb declaration - qmi_wwan: Add quirk for Quectel dynamic config - block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR - rtlwifi: fix a potential NULL pointer dereference - mwifiex: Fix mem leak in mwifiex_tm_cmd - brcmfmac: fix missing checks for kmemdup - b43: shut up clang -Wuninitialized variable warning - brcmfmac: convert dev_init_lock mutex to completion - brcmfmac: fix WARNING during USB disconnect in case of unempty psq - brcmfmac: fix race during disconnect when USB completion is in progress - brcmfmac: fix Oops when bringing up interface during USB disconnect - [arm64] rtc: xgene: fix possible race condition - rtlwifi: fix potential NULL pointer dereference - scsi: ufs: Fix regulator load and icc-level configuration - scsi: ufs: Avoid configuring regulator with undefined voltage range - [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put - wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext - [x86] uaccess, signal: Fix AC=1 bloat - [amd64] ia32: Fix ia32_restore_sigcontext() AC leak - [x86] uaccess: Fix up the fixup - chardev: add additional check for minor range overlap - [arm64] RDMA/hns: Fix bad endianess of port_pd variable - HID: core: move Usage Page concatenation to Main item - [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put - cxgb3/l2t: Fix undefined behaviour - HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent - [armhf] spi: tegra114: reset controller on probe - kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice. - [armhf] media: wl128x: prevent two potential buffer overflows - media: gspca: Kill URBs on USB device disconnect - efifb: Omit memory map check on legacy boot - [x86] thunderbolt: property: Fix a missing check of kzalloc - [x86] thunderbolt: Fix to check the return value of kmemdup - timekeeping: Force upper bound for setting CLOCK_REALTIME - scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check - virtio_console: initialize vtermno value for ports - tty: ipwireless: fix missing checks for ioremap - overflow: Fix -Wtype-limits compilation warnings - [x86] mce: Fix machine_check_poll() tests for error types - rcutorture: Fix cleanup path for invalid torture_type strings - [x86] mce: Handle varying MCA bank counts - rcuperf: Fix cleanup path for invalid perf_type strings - usb: core: Add PM runtime calls to usb_hcd_platform_shutdown - scsi: qla4xxx: avoid freeing unallocated dma memory - scsi: lpfc: avoid uninitialized variable warning - selinux: avoid uninitialized variable warning - batman-adv: allow updating DAT entry timeouts on incoming ARP Replies - dmaengine: tegra210-adma: use devm_clk_*() helpers - [armhf] hwrng: omap - Set default quality - [x86] thunderbolt: Fix to check return value of ida_simple_get - [x86] thunderbolt: Fix to check for kmemdup failure - drm/amd/display: fix releasing planes when exiting odm - [x86] thunderbolt: property: Fix a NULL pointer dereference - e1000e: Disable runtime PM on CNP+ - igb: Exclude device from suspend direct complete optimization - media: dvbsky: Avoid leaking dvb frontend - drm/amd/display: Fix Divide by 0 in memory calculations - drm/amd/display: Set stream->mode_changed when connectors change - scsi: ufs: fix a missing check of devm_reset_control_get - media: gspca: do not resubmit URBs when streaming has stopped - media: go7007: avoid clang frame overflow warning with KASAN - scsi: lpfc: Fix FDMI manufacturer attribute value - scsi: lpfc: Fix fc4type information for FDMI - media: saa7146: avoid high stack usage with clang - scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices - [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers - [armhf] drm/omap: dsi: Fix PM for display blank with paired dss_pll calls - [armhf] spi: imx: stop buffer overflow in RX FIFO flush - spi: Fix zero length xfer bug - [armhf] ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM - drm/drv: Hold ref on parent device during drm_device lifetime - drm: Wake up next in drm_read() chain if we are forced to putback the event - [s390x] vfio-ccw: Prevent quiesce function going into an infinite loop - NFS: Fix a double unlock from nfs_match,get_client https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.48 - bonding/802.3ad: fix slave link initialization transition states - cxgb4: offload VLAN flows regardless of VLAN ethtype - ipv4/igmp: fix another memory leak in igmpv3_del_delrec() - ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST - ipv6: Consider sk_bound_dev_if when binding a raw socket to an address - ipv6: Fix redirect with VRF - llc: fix skb leak in llc_build_and_send_ui_pkt() - [armhf,arm64] net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT - net-gro: fix use-after-free read in napi_gro_frags() - [armhf,arm64] net: mvneta: Fix err code path of probe - [armhf,arm64] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value - net: phy: marvell10g: report if the PHY fails to boot firmware - net: sched: don't use tc_action->order during action dump - [armhf,arm64] net: stmmac: fix reset gpio free missing - usbnet: fix kernel crash after disconnect - net/mlx5: Avoid double free in fs init error unwinding path - tipc: Avoid copying bytes beyond the supplied data - net/mlx5: Allocate root ns memory using kzalloc to match kfree - net/mlx5e: Disable rxhash when CQE compress is enabled - [armhf,arm64] net: stmmac: dma channel control register need to be init first - bnxt_en: Fix aggregation buffer leak under OOM condition. - [ppc64el] crypto: vmx - ghash: do nosimd fallback manually - include/linux/compiler*.h: define asm_volatile_goto - compiler.h: give up __compiletime_assert_fallback() - jump_label: move 'asm goto' support test to Kconfig - tipc: fix modprobe tipc failed after switch order of device registration https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.49 - include/linux/bitops.h: sanitize rotate primitives - xhci: update bounce buffer with correct sg num - xhci: Use %zu for printing size_t type - xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() - usb: xhci: avoid null pointer deref when bos field is NULL - usbip: usbip_host: fix BUG: sleeping function called from invalid context - usbip: usbip_host: fix stub_dev lock context imbalance regression - USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor - USB: sisusbvga: fix oops in error path of sisusb_probe - USB: Add LPM quirk for Surface Dock GigE adapter - USB: rio500: refuse more than one device at a time - USB: rio500: fix memory leak in close after disconnect - media: usb: siano: Fix general protection fault in smsusb - media: usb: siano: Fix false-positive "uninitialized variable" warning - media: smsusb: better handle optional alignment - brcmfmac: fix NULL pointer derefence during USB disconnect - [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove - [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) - tracing: Avoid memory leak in predicate_parse() - Btrfs: fix wrong ctime and mtime of a directory after log replay - Btrfs: fix race updating log root item during fsync - Btrfs: fix fsync not persisting changed attributes of a directory - Btrfs: incremental send, fix file corruption when no-holes feature is enabled - [s390x] crypto: fix gcm-aes-s390 selftest failures - [s390x] crypto: fix possible sleep during spinlock aquired - [ppc64el] KVM: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts - [ppc64el] perf: Fix MMCRA corruption by bhrb_filter - ALSA: line6: Assure canceling delayed work at disconnection - ALSA: hda/realtek - Set default power save node to 0 - [s390x] KVM: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID - drm/nouveau/i2c: Disable i2c bus access after ->fini() - [arm64] tty: serial: msm_serial: Fix XON/XOFF - memcg: make it work on sparse non-0-node systems - kernel/signal.c: trace_signal_deliver when signal_group_exit - [arm64] Fix the arm64_personality() syscall wrapper redirection - vt/fbcon: deinitialize resources in visual_init() after failed memory allocation - [arm*] staging: vc04_services: prevent integer overflow in create_pagelist() - [x86] staging: wlan-ng: fix adapter initialization failure - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case - CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM - Revert "lockd: Show pid of lockd for remote locks" - [armhf,arm64] drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() - [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY clock initialization - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz - [armhf,arm64] drm/rockchip: shutdown drm subsystem on shutdown - drm/lease: Make sure implicit planes are leased - [x86] ftrace: Do not call function graph from dynamic trampolines - [x86] ftrace: Set trampoline pages as executable - [x86] kprobes: Set instruction page as executable - scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning") - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.50 - ethtool: fix potential userspace buffer overflow - Fix memory leak in sctp_process_init - ipv4: not do cache for local delivery if bc_forwarding is enabled - ipv6: fix the check before getting the cookie in rt6_get_cookie - neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit - [armhf] net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query - [armhf,arm64] net: mvpp2: Use strscpy to handle stat strings - net: rds: fix memory leak in rds_ib_flush_mr_pool - net: sfp: read eeprom in maximum 16 byte increments - packet: unconditionally free po->rollover - pktgen: do not sleep with the thread lock held. - ipv6: use READ_ONCE() for inet->hdrincl as in ipv4 - ipv6: fix EFAULT on sendto with icmpv6 and hdrincl - rcu: locking and unlocking need to always be at least barriers - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter - NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled - fuse: fallocate: fix return with locked inode - pstore: Remove needless lock during console writes - pstore: Convert buf_lock to semaphore - pstore: Set tfm to NULL on free_buf_for_compression - pstore/ram: Run without kernel crash dump region - [x86] power: Fix 'nosmt' vs hibernation triple fault during resume - [s390x] mm: fix address space detection in exception handling - xen-blkfront: switch kcalloc to kvcalloc for large array allocation - [ppc64el] genwqe: Prevent an integer overflow in the ioctl - test_firmware: Use correct snprintf() limit - [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels - [arm64] drm/msm: fix fb references in async update - drm: add non-desktop quirk for Valve HMDs - drm: add non-desktop quirks to Sensics and OSVR headsets. - drm/amdgpu/psp: move psp version specific function pointers to early_init - drm/radeon: prefer lower reference dividers - drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in - [x86] drm/i915: Fix I915_EXEC_RING_MASK - [x86] drm/i915/fbc: disable framebuffer compression on GeminiLake - [x86] drm/i915: Maintain consistent documentation subsection ordering - drm: don't block fb changes for async plane updates - [x86] drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack - TTY: serial_core, add ->install - ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled - ethtool: check the return value of get_regs_len https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.51 - fs/fat/file.c: issue flush after the writeback of FAT - sysctl: return -EINVAL if val violates minmax - ipc: prevent lockup on alloc_msg and free_msg - [armhf] prevent tracing IPI_CPU_BACKTRACE - hugetlbfs: on restore reserve error path retain subpool reservation - mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE - mm/cma.c: fix crash on CMA allocation if bitmap allocation fails - initramfs: free initrd memory if opening /initrd.image fails - mm/cma.c: fix the bitmap status to show failed allocation reason - mm: page_mkclean vs MADV_DONTNEED race - mm/cma_debug.c: fix the break condition in cma_maxchunk_get() - mm/slab.c: fix an infinite loop in leaks_show() - kernel/sys.c: prctl: fix false positive in validate_prctl_map() - drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER - [x86] mfd: intel-lpss: Set the device in reset state when init - drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration - [armhf] mfd: twl6040: Fix device init errors for ACCCTL register - [x86] perf/intel: Allow PEBS multi-entry in watermark mode - drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change - [arm64] drm/bridge: adv7511: Fix low refresh rate selection - objtool: Don't use ignore flag for fake jumps - drm/nouveau/kms/gv100-: fix spurious window immediate interlocks - bpf: fix undefined behavior in narrow load handling - [arm64] pwm: meson: Use the spin-lock only to protect register modifications - ntp: Allow TAI-UTC offset to be set to zero - f2fs: fix to avoid panic in do_recover_data() - f2fs: fix to avoid panic in f2fs_inplace_write_data() - f2fs: fix to avoid panic in f2fs_remove_inode_page() - f2fs: fix to do sanity check on free nid - f2fs: fix to clear dirty inode in error path of f2fs_iget() - f2fs: fix to avoid panic in dec_valid_block_count() - f2fs: fix to use inline space only if inline_xattr is enable - f2fs: fix to do sanity check on valid block count of segment - f2fs: fix to do checksum even if inode page is uptodate - percpu: remove spurious lock dependency between percpu and sched - configfs: fix possible use-after-free in configfs_register_group - [armhf,arm64] PCI: dwc: Free MSI in dw_pcie_host_init() error path - [armhf,arm64] PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi() - ovl: do not generate duplicate fsnotify events for "fake" path - mmc: mmci: Prevent polling for busy detection in IRQ context - netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast - netfilter: nf_conntrack_h323: restore boundary check correctness - [mips*] Make sure dt memory regions are valid - netfilter: nf_tables: fix base chain stat rcu_dereference usage - [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values - watchdog: fix compile time error of pretimeout governors - blk-mq: move cancel of requeue_work into blk_mq_release - [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly - nvme-pci: unquiesce admin queue on shutdown - nvme-pci: shutdown on timeout during deletion - netfilter: nf_flow_table: check ttl value in flow offload data path - netfilter: nf_flow_table: fix netdev refcnt leak - ALSA: hda - Register irq handler after the chip initialization - nvmem: core: fix read buffer in place - [armhf,arm64] nvmem: sunxi_sid: Support SID on A83T and H5 - fuse: retrieve: cap requested size to negotiated max_write - nfsd: allow fh_want_write to be called twice - nfsd: avoid uninitialized variable warning - vfio: Fix WARNING "do not call blocking ops when !TASK_RUNNING" - [armhf,arm64] iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel - [x86] net: thunderbolt: Unregister ThunderboltIP protocol handler when suspending - [x86] PCI: Fix PCI IRQ routing table memory leak - i40e: Queues are reserved despite "Invalid argument" error - platform/chrome: cros_ec_proto: check for NULL transfer function - [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288 - [armhf] soc: rockchip: Set the proper PWM for rk3288 - [armhf] dts: imx51: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx50: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx53: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sll: Specify IMX6SLL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA - [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove paths - drm/amd/display: Use plane->color_space for dpp if specified - [armhf] OMAP2+: pm33xx-core: Do not Turn OFF CEFUSE as PPA may be using it - [x86] platform: intel_pmc_ipc: adding error handling - [arm64] net: hns3: return 0 and print warning when hit duplicate MAC - scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags - [x86] video: hgafb: fix potential NULL pointer dereference - block, bfq: increase idling for weight-raised queues - [arm64] PCI: xilinx: Check for __get_free_pages() failure - ice: Add missing case in print_link_msg for printing flow control - [x86] dmaengine: idma64: Use actual device for DMA transfers - [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs - [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa - pwm: Fix deadlock warning when removing PWM device - [armhf] exynos: Fix undefined instruction during Exynos5422 resume - [x86] usb: typec: fusb302: Check vconn is off when we start toggling - soc: renesas: Identify R-Car M3-W ES1.3 - percpu: do not search past bitmap when allocating an area - ovl: check the capability before cred overridden - ovl: support stacked SEEK_HOLE/SEEK_DATA - [arm*] drm/vc4: fix fb references in async update - ALSA: seq: Cover unsubscribe_port() in list_mutex https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.52 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.53 - drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3) - nouveau: Fix build with CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT disabled - HID: multitouch: handle faulty Elo touch device - HID: wacom: Don't set tool type until we're in range - HID: wacom: Don't report anything prior to the tool entering range - HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact - HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth - HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary - ALSA: oxfw: allow PCM capture for Stanton SCS.1m - ALSA: hda/realtek - Update headset mode for ALC256 - ALSA: firewire-motu: fix destruction of data for isochronous resources - libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node - fs/ocfs2: fix race in ocfs2_dentry_attach_lock() - mm/vmscan.c: fix trying to reclaim unevictable LRU page - signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO - ptrace: restore smp_rmb() in __ptrace_may_access() - [armhf,arm64] iommu/arm-smmu: Avoid constant zero in TLBI writes - bcache: fix stack corruption by PRECEDING_KEY() - bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached - cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() - [x86] drm/i915/sdvo: Implement proper HDMI audio support for SDVO - ALSA: seq: Fix race of get-subscription call vs port-delete ioctls - Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var - f2fs: fix to avoid accessing xattr across the boundary - scsi: qedi: remove memset/memcpy to nfunc and use func instead (CVE-2019-15090) - scsi: qedi: remove set but not used variables 'cdev' and 'udev' - scsi: lpfc: correct rcu unlock issue in lpfc_nvme_info_show - scsi: lpfc: add check for loss of ndlp when sending RRQ - [arm64] mm: Inhibit huge-vmap with ptdump - nvme: fix srcu locking on error return in nvme_get_ns_from_disk - nvme: remove the ifdef around nvme_nvm_ioctl - nvme: merge nvme_ns_ioctl into nvme_ioctl - nvme: release namespace SRCU protection before performing controller ioctls - nvme: fix memory leak for power latency tolerance - [x86] platform: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table - [x86] platform: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table - scsi: bnx2fc: fix incorrect cast to u64 on shift operation - libnvdimm: Fix compilation warnings with W=1 - tracing: Prevent hist_field_var_ref() from accessing NULL tracing_map_elts - usbnet: ipheth: fix racing condition - [armhf,arm64] KVM: Move cc/it checks under hyp's Makefile to avoid instrumentation - [x86] KVM: pmu: mask the result of rdpmc according to the width of the counters - [x86] KVM: pmu: do not mask the value that is written to fixed PMUs - [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION - [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read - [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() - [armhf,arm64] usb: dwc2: Fix DMA cache alignment issues - [armhf,arm64] usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) - USB: Fix chipmunk-like voice when using Logitech C270 for recording audio. - USB: usb-storage: Add new ID to ums-realtek - USB: serial: pl2303: add Allied Telesis VT-Kit3 - USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode - USB: serial: option: add Telit 0x1260 and 0x1261 compositions - timekeeping: Repair ktime_get_coarse*() granularity - [x86] microcode, cpuhotplug: Add a microcode loader CPU hotplug callback - [x86] mm/KASLR: Compute the size of the vmemmap section properly - [x86] resctrl: Prevent NULL pointer dereference when local MBM is disabled - drm/edid: abstract override/firmware EDID retrieval - drm: add fallback override/firmware EDID modes workaround - [armhf] rtc: pcf8523: don't return invalid date when battery is low https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.54 - ax25: fix inconsistent lock state in ax25_destroy_timer - be2net: Fix number of Rx queues used for flow hashing - [x86] hv_netvsc: Set probe mode to sync - ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero - lapb: fixed leak of control-blocks. - neigh: fix use-after-free read in pneigh_get_next - net: openvswitch: do not free vport if register_netdevice() is failed. - sctp: Free cookie before we memdup a new one - tipc: purge deferredq list for each grp member in tipc_group_delete - vsock/virtio: set SOCK_DONE on peer shutdown - net/mlx5: Avoid reloading already removed devices - [armhf,arm64] net: mvpp2: prs: Fix parser range for VID filtering - [armhf,arm64] net: mvpp2: prs: Use the correct helpers when removing all VID filters - [arm*] Staging: vc04_services: Fix a couple error codes - [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints - netfilter: nf_queue: fix reinject verdict handling - ipvs: Fix use-after-free in ip_vs_in - [armhf] clk: ti: clkctrl: Fix clkdm_clk handling - [ppc64el] powernv: Return for invalid IMC domain - usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() - mISDN: make sure device name is NUL terminated - [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor - perf/ring_buffer: Fix exposing a temporarily decreased data_head - perf/ring_buffer: Add ordering to rb->nest increment - perf/ring-buffer: Always use {READ,WRITE}_ONCE() for rb->user_page data - [armhf,arm64] net: stmmac: update rx tail pointer register to fix rx dma hang issue. - ACPI/PCI: PM: Add missing wakeup.flags.valid checks - [armhf] drm/etnaviv: lock MMU while dumping core - net: aquantia: tx clean budget logic error - net: aquantia: fix LRO with FCS error - i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr - ALSA: hda - Force polling mode on CNL for fixing codec communication - configfs: Fix use-after-free when accessing sd->s_dentry - perf data: Fix 'strncat may truncate' build failure with recent gcc - perf namespace: Protect reading thread's namespace - [s390x] perf record: Fix s390 missing module symbol and warning for non-root users - xenbus: Avoid deadlock during suspend due to open transactions - [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token list - [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu - [arm64] fix syscall_fn_t type - [arm64] use the correct function type in SYSCALL_DEFINE0 - [arm64] use the correct function type for __arm64_sys_ni_syscall - net: phylink: ensure consistent phy interface mode - net: phy: dp83867: Set up RGMII TX delay - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() - scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask - scsi: scsi_dh_alua: Fix possible null-ptr-deref - scsi: libsas: delete sas port if expander discover failed - ocfs2: fix error path kobject memory leak - coredump: fix race condition between collapse_huge_page() and core dumping - Abort file_remove_privs() for non-reg. files https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.55 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.56 - tracing: Silence GCC 9 array bounds warning - objtool: Support per-function rodata sections - ovl: support the FS_IOC_FS[SG]ETXATTR ioctls - ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls - ovl: make i_ino consistent with st_ino in more cases - ovl: detect overlapping layers - ovl: don't fail with disconnected lower NFS - ovl: fix bogus -Wmaybe-unitialized warning - [s390x] jump_label: Use "jdd" constraint on gcc9 - [s390x] ap: rework assembler functions to use unions for in/out register variables - mmc: sdhci: sdhci-pci-o2micro: Correctly set bus width when tuning - mmc: core: API to temporarily disable retuning for SDIO CRC errors - mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() - mmc: core: Prevent processing SDIO IRQs when the card is suspended - scsi: ufs: Avoid runtime suspend possibly being blocked forever - [armhf,arm64] usb: chipidea: udc: workaround for endpoint conflict issue - xhci: detect USB 3.2 capable host controllers correctly - usb: xhci: Don't try to recover an endpoint if port is in error state. - IB/hfi1: Validate fault injection opcode user input - IB/hfi1: Silence txreq allocation warnings - [x86] Input: synaptics - enable SMBus on ThinkPad E480 and E580 - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD - [x86] Input: silead - add MSSL0017 to acpi_device_id - apparmor: fix PROFILE_MEDIATES for untrusted input - apparmor: enforce nullbyte at end of tag string - brcmfmac: sdio: Disable auto-tuning around commands expected to fail - brcmfmac: sdio: Don't tune while the card is off - parport: Fix mem leak in parport_register_dev_model - IB/rdmavt: Fix alloc_qpn() WARN_ON() - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value - IB/hfi1: Validate page aligned for a given virtual address - [mips*] uprobes: remove set but not used variable 'epc' - [armhf,arm64] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 - [arm64] net: hns: Fix loopback test failed at copper ports - mdesc: fix a missing-check bug in get_vdev_port_node_info() - [arm64] drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times - [arm64] drm/arm/hdlcd: Actually validate CRTC modes - [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance - nvmet: fix data_len to 0 for bdev-backed write_zeroes - scsi: ufs: Check that space was properly alloced in copy_query_response - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous() - net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set - [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event - hwmon: (core) add thermal sensors only if dev->of_node is present - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages - nvme: Fix u32 overflow in the number of namespace list calculation - btrfs: start readahead also in seed devices - [armhf] can: flexcan: fix timeout when set small bitrate - can: purge socket error queue on sock destruct - [ppc64el] bpf: use unsigned division instruction for 64-bit operations - [armhf] imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX - [armhf] dts: dra76x: Update MMC2_HS200_MANUAL1 iodelay values - [armhf] dts: am57xx-idk: Remove support for voltage switching for SD card - [arm64] sve: <uapi/asm/ptrace.h> should not depend on <uapi/linux/prctl.h> - [arm64] ssbd: explicitly depend on <linux/prctl.h> - [x86] drm/vmwgfx: Use the backdoor port if the HB port is not available - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (CVE-2019-9506) - Bluetooth: Fix regression with minimum encryption key size alignment - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write - cfg80211: fix memory leak of wiphy device name - mac80211: drop robust management frames from unknown TA - {nl,mac}80211: allow 4addr AP operation on crypto controlled devices - mac80211: handle deauthentication/disassociation from TDLS peer - nl80211: fix station_info pertid memory leak - mac80211: Do not use stack memory with scatterlist for GMAC - [x86] resctrl: Don't stop walking closids when a locksetup group is found https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.57 - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul - perf help: Remove needless use of strncpy() - perf header: Fix unchecked usage of strncpy() - [arm64] Don't unconditionally add -Wno-psabi to KBUILD_CFLAGS - IB/hfi1: Close PSM sdma_progress sleep window - 9p/xen: fix check for xenbus_read error in front_probe - 9p: Use a slab for allocating requests - 9p: embed fcall in req to round down buffer allocs - 9p: add a per-client fcall kmem_cache - 9p: rename p9_free_req() function - 9p: Add refcount to p9_req_t - 9p/rdma: do not disconnect on down_interruptible EAGAIN - 9p: Rename req to rreq in trans_fd - 9p: acl: fix uninitialized iattr access - 9p/rdma: remove useless check in cm_event_handler - 9p: p9dirent_read: check network-provided name length - 9p: potential NULL dereference - 9p/trans_fd: abort p9_read_work if req status changed - 9p/trans_fd: put worker reqs on destroy - net/9p: include trans_common.h to fix missing prototype warning. - qmi_wwan: Fix out-of-bounds read - [armhf,arm64] Revert "usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup" - [armhf,arm64] usb: dwc3: gadget: combine unaligned and zero flags - [armhf,arm64] usb: dwc3: gadget: track number of TRBs per request - [armhf,arm64] usb: dwc3: gadget: use num_trbs when skipping TRBs on ->dequeue() - [armhf,arm64] usb: dwc3: gadget: extract dwc3_gadget_ep_skip_trbs() - [armhf,arm64] usb: dwc3: gadget: introduce cancelled_list - [armhf,arm64] usb: dwc3: gadget: move requests to cancelled_list - [armhf,arm64] usb: dwc3: gadget: remove wait_end_transfer - [armhf,arm64] usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup - fs/proc/array.c: allow reporting eip/esp for all coredumping threads - mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask - fs/binfmt_flat.c: make load_flat_shared_library() work - [armhf] clk: socfpga: stratix10: fix divider entry for the emac clocks - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn - dm log writes: make sure super sector log updates are written in order - [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() - [x86] speculation: Allow guests to use SSBD even if host does not - [x86] microcode: Fix the microcode load on CPU hotplug for real - [x86] resctrl: Prevent possible overrun during bitmap operations - [x86] KVM: mmu: Allocate PAE root array when using SVM's 32-bit NPT - NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O - cpu/speculation: Warn on unsupported mitigations= parameter - SUNRPC: Clean up initialisation of the struct rpc_rqst - [mips*] irqchip/mips-gic: Use the correct local interrupt map registers - eeprom: at24: fix unexpected timeout under high load - af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET - bonding: Always enable vlan tx offload - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop - net/packet: fix memory leak in packet_set_ring() - net: remove duplicate fetch in sock_getsockopt - [armhf,arm64] net: stmmac: fixed new system time seconds value calculation - [armhf,arm64] net: stmmac: set IC bit when transmitting frames with HW timestamp - sctp: change to hold sk after auth shkey is created successfully - team: Always enable vlan tx offload - tipc: change to use register_pernet_device - tipc: check msg->req data len in tipc_nl_compat_bearer_disable - tun: wake up waitqueues after IFF_UP is set - bpf: simplify definition of BPF_FIB_LOOKUP related flags - bpf: lpm_trie: check left child of last leftmost node for NULL - bpf: fix nested bpf tracepoints with per-cpu data - bpf: fix unconnected udp hooks - bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro - bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err - [arm64] futex: Avoid copying out uninitialised stack in failed cmpxchg() - [arm64] bpf: use more scalable stadd over ldxr / stxr loop in xadd - futex: Update comments and docs about return values of arch futex code - RDMA: Directly cast the sockaddr union to sockaddr - tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb - [armhf,arm64] usb: dwc3: Reset num_trbs after skipping - [arm64] insn: Fix ldadd instruction encoding https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.58 - Bluetooth: Fix faulty expression for minimum encryption key size check - block: Fix a NULL pointer dereference in generic_make_request() - md/raid0: Do not bypass blocking queue entered for raid0 bios - netfilter: nf_flow_table: ignore DF bit setting - netfilter: nft_flow_offload: set liberal tracking mode for tcp - netfilter: nft_flow_offload: don't offload when sequence numbers need adjustment - netfilter: nft_flow_offload: IPCB is only valid for ipv4 family - ASoC: soc-pcm: BE dai needs prepare when pause release after resume - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master - [armhf,arm64] ASoC: max98090: remove 24-bit format support if RJ is 0 - [x86] CPU: Add more Icelake model numbers - ALSA: hdac: fix memory release for SST and SOF drivers - scsi: hpsa: correct ioaccel2 chaining - [x86] drm: panel-orientation-quirks: Add quirk for GPD pocket2 - [x86] drm: panel-orientation-quirks: Add quirk for GPD MicroPC - [x86] platform: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi - [x86] platform: intel-vbtn: Report switch events when event wakes device - [x86] platform: mlx-platform: Fix parent device in i2c-mux-reg device registration - i2c: pca-platform: Fix GPIO lookup code - cpuset: restore sanity to cpuset_cpus_allowed_fallback() - mm/mlock.c: change count_mm_mlocked_page_nr return type - tracing: avoid build warning with HAVE_NOP_MCOUNT - module: Fix livepatch/ftrace module text permissions race - ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() - [x86] drm/i915/dmc: protect against reading random memory - crypto: user - prevent operating on larval algorithms - crypto: cryptd - Fix skcipher instance memory leak - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages - ALSA: line6: Fix write on zero-sized buffer - ALSA: usb-audio: fix sign unintended sign extension on left shifts - [x86] ALSA: hda/realtek: Add quirks for several Clevo notebook barebones - [x86] ALSA: hda/realtek - Change front mic location for Lenovo M710q - lib/mpi: Fix karactx leak in mpi_powm - fs/userfaultfd.c: disable irqs for fault_pending and event locks - tracing/snapshot: Resize spare buffer if size changed - [armhf] dts: armada-xp-98dx3236: Switch to armada-38x-uart serial node - drm/amd/powerplay: use hardware fan control if no powerplay fan table - drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE - [armhf] drm/etnaviv: add missing failure path to destroy suballoc - [armhf] drm/imx: notify drm core before sending event during crtc disable - drm/imx: only send event on crtc disable if kept disabled - [x86] ftrace: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() - mm/vmscan.c: prevent useless kswapd loops - btrfs: Ensure replaced device doesn't have pending chunk allocation - tty: rocket: fix incorrect forward declaration of 'rp_init()' - net/smc: move unhash before release of clcsock - drm/fb-helper: generic: Don't take module ref for fbcon - f2fs: don't access node/meta inode mapping after iput - mac80211: mesh: fix missing unlock on error in table_path_del() - scsi: tcmu: fix use after free - [amd64] boot/compressed: Do not corrupt EDX on EFER.LME=1 setting - [arm64] net: hns: Fixes the missing put_device in positive leg for roce reset - ALSA: hda: Initialize power_state field properly - rds: Fix warning. - ip6: fix skb leak in ip6frag_expire_frag_queue() - netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments - [arm64] net: hns: fix unsigned comparison to less than zero - bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K - netfilter: ipv6: nf_defrag: accept duplicate fragments again - [x86] KVM: degrade WARN to pr_warn_ratelimited - [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC - nfsd: Fix overflow causing non-working mounts on 1 TB machines - svcrdma: Ignore source port when computing DRC hash - [mips*] Fix bounds check virt_addr_valid - [mips*] Add missing EHB in mtc0 -> mfc0 sequence. - [arm64] dmaengine: qcom: bam_dma: Fix completed descriptors count - [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.59 - [x86] Input: elantech - enable middle button support on 2 ThinkPads - mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() - bpf: sockmap, fix use after free from sleep in psock backlog workqueue - mac80211: mesh: fix RCU warning - mac80211: free peer keys before vif down in mesh - iwlwifi: Fix double-free problems in iwl_req_fw_callback() - can: af_can: Fix error path of can_init() - net: phy: rename Asix Electronics PHY driver - [armhf] dts: am335x phytec boards: Fix cd-gpios active level - [s390x] boot: disable address-of-packed-member warning - [x86] drm/vmwgfx: Honor the sg list segment size limitation - [x86] drm/vmwgfx: fix a warning due to missing dma_parms - [armhf] Input: imx_keypad - make sure keyboard can always wake up system - [armhf,arm64] KVM: vgic: Fix kvm_device leak in vgic_its_destroy - mac80211: only warn once on chanctx_conf being NULL - mac80211: do not start any work during reconfigure flow - bpf, devmap: Fix premature entry free on destroying map - bpf, devmap: Add missing bulk queue free - bpf, devmap: Add missing RCU read lock on flush - [amd64] bpf: fix stack layout of JITed bpf code - qmi_wwan: add support for QMAP padding in the RX path - qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode - qmi_wwan: extend permitted QMAP mux_id value range - mmc: core: complete HS400 before checking status - md: fix for divide error in status_resync - bnx2x: Check if transceiver implements DDM before access - drm: return -EFAULT if copy_to_user() fails - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL - net: lio_core: fix potential sign-extension overflow on large shift - scsi: qedi: Check targetname while finding boot target information - quota: fix a problem about transfer quota - [armhf,arm64] net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() - NFS4: Only set creation opendata if O_CREAT - net :sunrpc :clnt :Fix xps refcount imbalance on the error path - fscrypt: don't set policy for a dead directory - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length - media: stv0297: fix frequency range limit - ALSA: usb-audio: Fix parse of UAC2 Extension Units - ALSA: hda/realtek - Headphone Mic can't record after S3 - block, bfq: NULL out the bic when it's no longer valid - [arm64] perf pmu: Fix uncore PMU alias list for ARM64 - [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() - [x86] tls: Fix possible spectre-v1 in do_get_thread_area() - USB: serial: ftdi_sio: add ID for isodebug v1 - USB: serial: option: add support for GosunCn ME3630 RNDIS mode - Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled" - p54usb: Fix race between disconnect and firmware loading - usb: gadget: ether: Fix race between gether_disconnect and rx_submit - [armhf,arm64] usb: dwc2: use a longer AHB idle timeout in dwc2_core_reset() - [x86] drivers/usb/typec/tps6598x.c: fix portinfo width - [x86] drivers/usb/typec/tps6598x.c: fix 4CC cmd write - [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt - [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt - HID: Add another Primax PIXART OEM mouse quirk - binder: fix memory leak in error path - carl9170: fix misuse of device driver API - [x86] VMCI: Fix integer overflow in VMCI handle arrays - staging: rtl8712: reduce stack usage, again https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.60 - Revert "e1000e: fix cyclic resets at link up with active tx" - e1000e: start network tx queue only when link is up - [x86] Input: synaptics - enable SMBUS on T480 thinkpad trackpad - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header - drivers: base: cacheinfo: Ensure cpu hotplug work is done before Intel RDT - firmware: improve LSM/IMA security behaviour - [armhf,arm64] irqchip/gic-v3-its: Fix command queue pointer comparison bug - [armhf] clk: ti: clkctrl: Fix returning uninitialized data - [amd64,arm64] efi/bgrt: Drop BGRT status field reserved bits check - perf/core: Fix perf_sample_regs_user() mm check - [armhf] omap2: remove incorrect __init annotation - afs: Fix uninitialised spinlock afs_volume::cb_break_lock - [x86] apic: Fix integer overflow on 10 bit left shift of cpu_khz - be2net: fix link failure after ethtool offline test - ppp: mppe: Add softdep to arc4 - sis900: fix TX completion - [armhf] dts: imx6ul: fix PWM[1-4] interrupts - [armhf] pinctrl: mcp23s08: Fix add_data and irqchip_add_nested call order - dm table: don't copy from a NULL pointer in realloc_argv() - dm verity: use message limit for data block corruption message - [amd64] boot: Fix crash if kernel image crosses page table boundary - [amd64] boot: Add missing fixup_pointer() for next_early_pgt access - HID: chicony: add another quirk for PixArt mouse - HID: multitouch: Add pointstick support for ALPS Touchpad - cpu/hotplug: Fix out-of-bounds read when setting fail state - linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL - genirq: Delay deactivation in free_irq() - genirq: Fix misleading synchronize_irq() documentation - genirq: Add optional hardware synchronization for shutdown - [x86] ioapic: Implement irq_get_irqchip_state() callback - [x86] irq: Handle spurious interrupt after shutdown gracefully - [x86] irq: Seperate unused system vectors from spurious entry again - [s390x] fix stfle zero padding - [s390x] qdio: (re-)initialize tiqdio list entries - [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues() - regmap-irq: do not write mask register if mask_base is zero - drm/udl: introduce a macro to convert dev to udl. - drm/udl: Replace drm_dev_unref with drm_dev_put - drm/udl: move to embedding drm device inside udl device. - [i386] entry: Fix ENDPROC of common_spurious https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.61 - [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly - scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported - [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path - wil6210: fix potential out-of-bounds read - ath10k: Do not send probe response template for mesh - ath9k: Check for errors when reading SREV register - ath6kl: add some bounds checking - ath10k: add peer id check in ath10k_peer_find_by_id - wil6210: fix spurious interrupts in 3-msi - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection - regmap: debugfs: Fix memory leak in regmap_debugfs_init - batman-adv: fix for leaked TVLV handler. - media: dvb: usb: fix use after free in dvb_usb_device_exit - media: marvell-ccic: fix DMA s/g desc number calculation - media: media_device_enum_links32: clean a reserved field - [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries - [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries - qed: Set the doorbell address correctly - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig - af_key: fix leaks in key_pol_get_resp and dump_sp. - xfrm: Fix xfrm sel prefix length validation - fscrypt: clean up some BUG_ON()s in block encryption/decryption - perf annotate TUI browser: Do not use member from variable within its own initialization - media: mc-device.c: don't memset __user pointer contents - media: saa7164: fix remove_proc_entry warning - net: phy: Check against net_device being NULL - tua6100: Avoid build warnings. - batman-adv: Fix duplicated OGMs on NETDEV_UP - [armhf] media: wl128x: Fix some error handling in fm_v4l2_init_video_device() - [arm64] net: hns3: set ops to null when unregister ad_dev - cpupower : frequency-set -r option misses the last cpu in related cpu list - [armhf,arm64] net: stmmac: dwmac4: fix flow control issue - [armhf,arm64] net: stmmac: modify default value of tx-frames - [arm64] crypto: inside-secure - do not rely on the hardware last bit for result descriptors - [s390x] qdio: handle PENDING state for QEBSM devices - net: sfp: add mutex to prevent concurrent state checks - ipset: Fix memory accounting for hash types on resize - perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode - [s390x] perf report: Fix OOM error in TUI mode on s390 - [arm64] irqchip/meson-gpio: Add support for Meson-G12A SoC - media: uvcvideo: Fix access to uninitialized fields on probe error - iommu: Fix a leak in iommu_insert_resv_region - [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4 - [armhf] gpio: omap: ensure irq is enabled before wakeup - regmap: fix bulk writes on paged registers - bpf: silence warning messages in core - selinux: fix empty write to keycreate file - [x86] cpu: Add Ice Lake NNPI to Intel family - [arm64] ASoC: meson: axg-tdm: fix sample clock inversion - rcu: Force inlining of rcu_read_lock() - [x86] cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS - qed: iWARP - Fix tc for MPA ll2 connection - [arm64] net: hns3: fix for skb leak when doing selftest - block: null_blk: fix race condition for null_del_dev - blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration - xfrm: fix sa selector validation - sched/core: Add __sched tag for io_schedule() - sched/fair: Fix "runnable_avg_yN_inv" not used warnings - [x86] perf/intel/uncore: Handle invalid event coding for free-running counter - [x86] atomic: Fix smp_mb__{before,after}_atomic() - perf evsel: Make perf_evsel__name() accept a NULL argument - vhost_net: disable zerocopy by default - ipoib: correcly show a VF hardware address - [x86] cacheinfo: Fix a -Wtype-limits warning - blk-iolatency: only account submitted bios - ACPICA: Clear status of GPEs on first direct enable - EDAC/sysfs: Fix memory leak when creating a csrow object - nvme: fix possible io failures when removing multipathed ns - nvme-pci: properly report state change failure in nvme_reset_work - nvme-pci: set the errno on ctrl state change error - lightnvm: pblk: fix freeing of merged pages - [arm64] Do not enable IRQs for ct_user_exit - ipsec: select crypto ciphers for xfrm_algo - ipvs: defer hook registration to avoid leaks - media: i2c: fix warning same module names - ntp: Limit TAI-UTC offset - timer_list: Guard procfs specific code - [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0 - media: hdpvr: fix locking and a missing msleep - [armhf] net: stmmac: sun8i: force select external PHY when no internal one - rtlwifi: rtl8192cu: fix error handle when usb probe failed - mt7601u: do not schedule rx_tasklet when the device has been disconnected - mt7601u: fix possible memory leak when the device is disconnected - ipvs: fix tinfo memory leak in start_sync_thread - ath10k: add missing error handling - ath10k: fix PCIE device wake up failed - perf tools: Increase MAX_NR_CPUS and MAX_CACHES - [x86] ASoC: Intel: hdac_hdmi: Set ops to NULL on remove - libata: don't request sense data on !ZAC ATA devices - [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch timer - xsk: Properly terminate assignment in xskq_produce_flush_desc - rslib: Fix decoding of shortened codes - rslib: Fix handling of of caller provided syndrome - ixgbe: Check DDM existence in transceiver before access - crypto: serpent - mark __serpent_setkey_sbox noinline - wil6210: drop old event after wmi_call timeout - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec - bcache: check CACHE_SET_IO_DISABLE in allocator code - bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() - bcache: acquire bch_register_lock later in cached_dev_free() - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush() - bcache: fix potential deadlock in cached_def_free() - [arm64] net: hns3: fix a -Wformat-nonliteral compile warning - [arm64] net: hns3: add some error checking in hclge_tm module - ath10k: destroy sdio workqueue while remove sdio module - [armhf,arm64] net: mvpp2: prs: Don't override the sign bit in SRAM parser shift - igb: clear out skb->tstamp after reading the txtime - iwlwifi: mvm: Drop large non sta frames - perf stat: Make metric event lookup more robust - perf stat: Fix group lookup for metric group - bnx2x: Prevent ptp_task to be rescheduled indefinitely - net: usb: asix: init MAC address buffers - rxrpc: Fix oops in tracepoint - bpf, libbpf, smatch: Fix potential NULL pointer dereference - bonding: validate ip header before check IPPROTO_IGMP - gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants - [ppc64el] tools: bpftool: Fix json dump crash on powerpc - Bluetooth: hci_bcsp: Fix memory leak in rx_skb - Bluetooth: Add new 13d3:3491 QCA_ROME device - Bluetooth: Add new 13d3:3501 QCA_ROME device - Bluetooth: 6lowpan: search for destination address in all peers - [ppc64el] perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64 - Bluetooth: Check state in l2cap_disconnect_rsp - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() - Bluetooth: validate BLE connection interval updates - gtp: fix suspicious RCU usage - gtp: fix Illegal context switch in RCU read-side critical section. - gtp: fix use-after-free in gtp_encap_destroy() - gtp: fix use-after-free in gtp_newlink() - [armel/marvell,armhf] net: mvmdio: defer probe of orion-mdio if a clock is not ready - iavf: fix dereference of null rx_buffer pointer - floppy: fix out-of-bounds read in next_valid_format - floppy: fix invalid pointer dereference in drive_name - xen: let alloc_xenballooned_pages() fail if not enough memory free - scsi: core: Fix race on creating sense cache - scsi: megaraid_sas: Fix calculation of target ID - crypto: ghash - fix unaligned memory access in ghash_setkey() - [x86] crypto: ccp - Validate the the error value used to index error messages - [arm64] crypto: sha1-ce - correct digest for empty data in finup - [arm64] crypto: sha2-ce - correct digest for empty data in finup - crypto: chacha20poly1305 - fix atomic sleep when using async algorithm - [x86] crypto: ccp - memset structure fields to zero before reuse - [x86] crypto: ccp/gcm - use const time tag comparison. - Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()" - bcache: Revert "bcache: fix high CPU occupancy during journal" - bcache: Revert "bcache: free heap cache_set->flush_btree in bch_journal_free" - bcache: ignore read-ahead request failure on backing device - bcache: fix mistaken sysfs entry for io_error counter - bcache: destroy dc->writeback_write_wq if failed to create dc->writeback_thread - Input: alps - don't handle ALPS cs19 trackpoint-only device - [x86] Input: synaptics - whitelist Lenovo T580 SMBus intertouch - Input: alps - fix a mismatch between a condition check and its comment - [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages - [arm64] tegra: Update Jetson TX1 GPU regulator timings - iwlwifi: pcie: don't service an interrupt that was masked - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X - iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill - iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices - NFSv4: Handle the special Linux file open access mode - pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error - pNFS: Fix a typo in pnfs_update_layout - pnfs: Fix a problem where we gratuitously start doing I/O through the MDS - lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE - ASoC: dapm: Adapt for debugfs API change - raid5-cache: Need to do start() part job after adding journal device - ALSA: seq: Break too long mutex context in the write loop - [x86] ALSA: hda/realtek - Fixed Headphone Mic can't record on Dell platform - [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine - media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom() - media: videobuf2-core: Prevent size alignment wrapping buffer size to 0 - media: videobuf2-dma-sg: Prevent size from overflowing - [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed - [arm64] tegra: Fix AGIC register range - fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. - kconfig: fix missing choice values in auto.conf - drm/nouveau/i2c: Enable i2c pads & busses during preinit - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs - dm zoned: fix zone state management race - xen/events: fix binding user event channels to cpus - 9p/xen: Add cleanup path in p9_trans_xen_init - 9p/virtio: Add cleanup path in p9_virtio_init - [x86] boot: Fix memory leak in default_get_smp_config() - [x86] perf/intel: Fix spurious NMI on fixed counter - [x86] perf/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs - [x86] perf/amd/uncore: Set the thread mask for F17h L3 PMCs - drm/edid: parse CEA blocks embedded in DisplayID - [x86] intel_th: pci: Add Ice Lake NNPI support - [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work() - PCI: Do not poll for PME if the device is in D3cold - [arm64] PCI: qcom: Ensure that PERST is asserted for at least 100 ms - Btrfs: fix data loss after inode eviction, renaming it, and fsync it - Btrfs: fix fsync not persisting dentry deletions due to inode evictions - Btrfs: add missing inode version, ctime and mtime updates when punching hole - IB/mlx5: Report correctly tag matching rendezvous capability - HID: wacom: generic: only switch the mode on devices with LEDs - HID: wacom: generic: Correct pad syncing - HID: wacom: correct touch resolution x/y typo - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields - coda: pass the host file in vma->vm_file on mmap - include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures - xfs: fix pagecache truncation prior to reflink - xfs: flush removing page cache in xfs_reflink_remap_prep - xfs: don't overflow xattr listent buffer - xfs: rename m_inotbt_nores to m_finobt_nores - xfs: don't ever put nlink > 0 inodes on the unlinked list - xfs: reserve blocks for ifree transaction during log recovery - xfs: fix reporting supported extra file attributes for statx() - xfs: serialize unaligned dio writes against all other dio writes - xfs: abort unaligned nowait directio early - [ppc64el] watchpoint: Restore NV GPRs while returning from exception - [ppc64el] powernv/npu: Fix reference leak - [ppc64el] pseries: Fix oops in hotplug memory notifier - [arm64] mmc: sdhci-msm: fix mutex while in spinlock - eCryptfs: fix a couple type promotion bugs - [x86] intel_th: msu: Fix single mode with disabled IOMMU - Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug - usb: Handle USB3 remote wakeup for LPM enabled devices correctly - blk-throttle: fix zero wait time for iops throttled group - blk-iolatency: clear use_delay when io.latency is set to zero - blkcg: update blkcg_print_stat() to handle larger outputs - [armel/marvell,armhf] net: mvmdio: allow up to four clocks to be specified for orion-mdio - dm bufio: fix deadlock with loop device https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.62 - bnx2x: Prevent load reordering in tx completion processing - [x86] hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() - igmp: fix memory leak in igmpv3_del_delrec() - ipv4: don't set IPv6 only flags to IPv4 addresses - ipv6: rt6_check should return NULL if 'from' is NULL - ipv6: Unlink sibling route in case of failure - [armhf,arm64] net: dsa: mv88e6xxx: wait after reset deactivation - net: make skb_dst_force return true when dst is refcounted - net: neigh: fix multiple neigh timer scheduling - net: openvswitch: fix csum updates for MPLS actions - net: phy: sfp: hwmon: Fix scaling of RX power - [armhf,arm64] net: stmmac: Re-work the queue selection for TSO packets - nfc: fix potential illegal memory access - r8169: fix issue with confused RX unit after PHY power-down on RTL8411b - rxrpc: Fix send on a connected, but unbound socket - sctp: fix error handling on stream scheduler initialization - [x86] sky2: Disable MSI on ASUS P6T - tcp: be more careful in tcp_fragment() - tcp: fix tcp_set_congestion_control() use from bpf hook - tcp: Reset bytes_acked and bytes_received when disconnecting - vrf: make sure skb->data contains ip header to make routing - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn - macsec: fix use-after-free of skb during RX - macsec: fix checksumming after decryption - netrom: fix a memory leak in nr_rx_frame() - netrom: hold sock when setting skb->destructor - net_sched: unset TCQ_F_CAN_BYPASS when adding filters - sctp: not bind the socket in sctp_connect - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query - net: bridge: don't cache ether dest pointer on input - net: bridge: stp: don't cache eth dest pointer before skb pull - dma-buf: balance refcount inbalance - dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc - perf/core: Fix exclusive events' grouping - perf/core: Fix race between close() and fork() - ext4: don't allow any modifications to an immutable file - ext4: enforce the immutable flag on open files - mm: add filemap_fdatawait_range_keep_errors() - jbd2: introduce jbd2_inode dirty range scoping - ext4: use jbd2_inode dirty range scoping - ext4: allow directory holes - [x86] KVM: nVMX: do not use dangling shadow VMCS after guest reset - [x86] KVM: nVMX: Clear pending KVM_REQ_GET_VMCS12_PAGES when leaving nested - mm: vmscan: scan anonymous pages on file refaults - net: sched: verify that q!=NULL before setting q->flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.63 - [x86] hvsock: fix epollout hang from race condition - [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe - [x86] staging: vt6656: use meaningful error code during buffer allocation - usb: core: hub: Disable hub-initiated U1/U2 - [armhf,arm64] pinctrl: rockchip: fix leaked of_node references - drm/amd/display: Fill prescale_params->scale for RGB565 - drm/amdgpu/sriov: Need to initialize the HDP_NONSURFACE_BAStE - drm/amd/display: Disable ABM before destroy ABM struct - drm/amdkfd: Fix a potential memory leak - drm/amdkfd: Fix sdma queue map issue - drm/edid: Fix a missing-check bug in drm_load_edid_firmware() - PCI: Return error if cannot probe VF - [armhf,arm64] gpu: host1x: Increase maximum DMA segment size - drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry - drm/crc-debugfs: Also sprinkle irqrestore over early exits - memstick: Fix error cleanup path of memstick_init - [arm64] tty: serial: msm_serial: avoid system lockup condition - serial: 8250: Fix TX interrupt handling condition - drm/amd/display: Always allocate initial connector state state - drm/virtio: Add memory barriers for capset cache. - drm/amd/display: fix compilation error - [ppc64el] pseries/mobility: prevent cpu hotplug during DT update - [armhf,arm64] drm/rockchip: Properly adjust to a true clock in adjusted_mode - [armhf] serial: imx: fix locking in set_termios() - tty: serial_core: Set port active bit in uart_port_activate - usb: gadget: Zero ffs_io_data - mmc: sdhci: sdhci-pci-o2micro: Check if controller supports 8-bit width - [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs - [arm64] drm/msm: Depopulate platform on probe failure - [arm64] PCI: xilinx-nwl: Fix Multi MSI data programming - iio: iio-utils: Fix possible incorrect mask calculation - [ppc64el] cacheflush: fix variable set but not used - [ppc64el] xmon: Fix disabling tracing while in xmon - [ppc64el] recordmcount: Fix spurious mcount entries on powerpc - mfd: core: Set fwnode for created devices - [arm64] mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk - mm/swap: fix release_pages() when releasing devmap pages - RDMA/i40iw: Set queue pair state when being queried - IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE - [ppc64el] mm: Handle page table allocation failures - IB/ipoib: Add child to parent list only if device initialized - [arm64] assembler: Switch ESB-instruction with a vanilla nop if !ARM64_HAS_RAS - perf stat: Fix use-after-freed pointer detected by the smatch tool - perf top: Fix potential NULL pointer dereference detected by the smatch tool - perf session: Fix potential NULL pointer dereference found by the smatch tool - perf annotate: Fix dereferencing freed memory found by the smatch tool - perf hists browser: Fix potential NULL pointer dereference found by the smatch tool - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM - [armhf] PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB - [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h - block: init flush rq ref count to 1 - f2fs: avoid out-of-range memory access - mailbox: handle failed named mailbox channel request - dlm: check if workqueues are NULL before flushing/destroying - [ppc64el] eeh: Handle hugepages in ioremap space - block/bio-integrity: fix a memory leak bug - 9p: pass the correct prototype to read_cache_page - mm/gup.c: mark undo_dev_pagemap as __maybe_unused - mm/gup.c: remove some BUG_ONs from get_gate_page() - memcg, fsnotify: no oom-kill for remote memcg charging - mm/mmu_notifier: use hlist_add_head_rcu() - proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup - proc: use down_read_killable mmap_sem for /proc/pid/pagemap - proc: use down_read_killable mmap_sem for /proc/pid/clear_refs - proc: use down_read_killable mmap_sem for /proc/pid/map_files - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() - proc: use down_read_killable mmap_sem for /proc/pid/maps - locking/lockdep: Fix lock used or unused stats error - mm: use down_read_killable for locking mmap_sem in access_remote_vm - locking/lockdep: Hide unused 'class' variable - usb: wusbcore: fix unbalanced get/put cluster_id - [x86] usb: pci-quirks: Correct AMD PLL quirk detection - btrfs: inode: Don't compress if NODATASUM or NODATACOW set - [x86] sysfb_efi: Add quirks for some devices with swapped width and height - [x86] speculation/mds: Apply more accurate check on hypervisor platform - binder: prevent transactions to context manager from its own process. - fpga-manager: altera-ps-spi: Fix build error - [x86] mei: me: add mule creek canyon (EHL) device ids - [x86] hpet: Fix division by zero in hpet_time_div() - ALSA: ac97: Fix double free of ac97_codec_device - ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1 - ALSA: hda - Add a conexant codec entry to let mute led work - [ppc64el] xive: Fix loop exit-condition in xive_find_target_in_mask() - libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() - access: avoid the RCU grace period for the temporary subjective credentials https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.64 - [x86] hv_sock: Add support for delayed close - vsock: correct removal of socket from the list - NFS: Fix dentry revalidation on NFSv4 lookup - NFS: Refactor nfs_lookup_revalidate() - NFSv4: Fix lookup revalidate of regular files - [armhf,arm64] usb: dwc2: Disable all EP's on disconnect - [armhf,arm64] usb: dwc2: Fix disable all EP's on disconnect - [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ (Closes: #904385). - binder: fix possible UAF when freeing buffer - ISDN: hfcsusb: checking idx of ep configuration - media: au0828: fix null dereference in error path - ath10k: Change the warning message string - media: cpia2_usb: first wake up, then free in disconnect - media: pvrusb2: use a different format for warnings - NFS: Cleanup if nfs_match_client is interrupted - media: radio-raremono: change devm_k*alloc to k*alloc - [x86] iommu/vt-d: Don't queue_iova() if there is no flush queue - vhost: introduce vhost_exceeds_weight() - vhost_net: fix possible infinite loop (CVE-2019-3900) - vhost: vsock: add weight support - vhost: scsi: add weight support (CVE-2019-3900) - sched/fair: Don't free p->numa_faults with concurrent readers - sched/fair: Use RCU accessors consistently for ->numa_group - /proc/<pid>/cmdline: remove all the special cases - /proc/<pid>/cmdline: add back the setproctitle() special case - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl - Fix allyesconfig output. - ceph: hold i_ceph_lock when removing caps for freeing inode - block, scsi: Change the preempt-only flag into a counter - scsi: core: Avoid that a kernel warning appears during system resume - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.65 - [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200 - [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again - [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend - ftrace: Enable trampoline when rec count returns back to one - [armhf,arm64] dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset - [arm64] dts: rockchip: fix isp iommu clocks and power domain - kernel/module.c: Only return -EEXIST for modules that have finished loading - [arm64] clk: tegra210: fix PLLU and PLLU_OUT1 - fs/adfs: super: fix use-after-free bug - btrfs: fix minimum number of chunk errors for DUP - btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit() - cifs: Fix a race condition with cifs_echo_request - ceph: fix improper use of smp_mb__before_atomic() - ceph: return -ERANGE if virtual xattr value didn't fit in buffer - ACPI: blacklist: fix clang warning for unused DMI table - [s390x] scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized - perf version: Fix segfault due to missing OPT_END() - [x86] kvm: avoid constant-conversion warning - ACPI: fix false-positive -Wuninitialized warning - be2net: Signal that the device cannot transmit during reconfiguration - [x86] apic: Silence -Wtype-limits compiler warnings - mm/cma.c: fail if fixed declaration can't be honored - lib/test_overflow.c: avoid tainting the kernel and fix wrap size - lib/test_string.c: avoid masking memset16/32/64 failures - coda: add error handling for fget - coda: fix build using bare-metal toolchain - uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings - ipc/mqueue.c: only perform resource calculation if user valid - [x86] xen/pv: Fix a boot up hang revealed by int3 self test - [x86] kvm: Don't call kvm_spurious_fault() from .fixup - [x86] paravirt: Fix callee-saved function ELF sizes - [x86] boot: Remove multiple copy of static function sanitize_boot_params() - drm/nouveau: fix memory leak in nouveau_conn_reset() - kconfig: Clear "written" flag to avoid data loss - Btrfs: fix incremental send failure after deduplication - Btrfs: fix race leading to fs corruption after transaction abort - [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC - [arm64] mmc: meson-mx-sdio: Fix misuse of GENMASK macro - gpiolib: fix incorrect IRQ requesting of an active-low lineevent - IB/hfi1: Fix Spectre v1 vulnerability - mtd: rawnand: micron: handle on-die "ECC-off" devices correctly - selinux: fix memory leak in policydb_init() - ALSA: hda: Fix 1-minute detection delay when i915 module is not available (Closes: #931507) - mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker - [s390x] dasd: fix endless loop after read unit address configuration - [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier - [arm64] compat: Allow single-byte watchpoints on all addresses - [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} - nbd: replace kill_bdev() with __invalidate_device() again - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() - IB/mlx5: Fix unreg_umr to ignore the mkey state - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache - IB/mlx5: Fix clean_mr() to work in the expected order - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification - IB/hfi1: Check for error on call to alloc_rsm_map_table - [x86] drm/i915/gvt: fix incorrect cache entry for guest page mapping - eeprom: at24: make spd world-readable again - objtool: Support GCC 9 cold subfunction naming scheme - gcc-9: properly declare the {pv,hv}clock_page storage - [x86] vdso: Prevent segfaults due to hoisted vclock reads - scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.66 - scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure - gcc-9: don't warn about uninitialized variable - driver core: Establish order of operations for device_add and device_del via bitflag - drivers/base: Introduce kill_device() - libnvdimm/bus: Prevent duplicate device_unregister() calls - libnvdimm/region: Register badblocks before namespaces - libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant - libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock - HID: wacom: fix bit shift for Cintiq Companion 2 - HID: Add quirk for HP X1200 PIXART OEM mouse - IB: directly cast the sockaddr union to aockaddr - atm: iphase: Fix Spectre v1 vulnerability - bnx2x: Disable multi-cos feature. - ife: error out when nla attributes are empty - ip6_gre: reload ipv6h in prepare_ip6gre_xmit_ipv6 - ip6_tunnel: fix possible use-after-free on xmit - ipip: validate header length in ipip_tunnel_xmit - [armhf,arm64] mvpp2: fix panic on module removal - [armhf,arm64] mvpp2: refactor MTU change code - net: bridge: delete local fdb on device init failure - net: bridge: mcast: don't delete permanent entries when fast leave is enabled - net: fix ifindex collision during namespace removal - net/mlx5e: always initialize frag->last_in_page - net/mlx5: Use reversed order when unregister devices - net: phylink: Fix flow control for fixed-link - net: sched: Fix a possible null-pointer dereference in dequeue_func() - net sched: update vlan action for batched events operations - net: sched: use temporary variable for actions indexes - net/smc: do not schedule tx_work in SMC_CLOSED state - tipc: compat: allow tipc commands without arguments - tun: mark small packets as owned by the tap sock - net/mlx5: Fix modify_cq_in alignment - net/mlx5e: Prevent encap flow counter update async to user query - r8169: don't use MSI before RTL8168d - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling - cgroup: Call cgroup_release() before __exit_signal() - cgroup: Implement css_task_iter_skip() - cgroup: Include dying leaders with live threads in PROCS iterations - cgroup: css_task_iter_skip()'d iterators must be advanced before accessed - cgroup: Fix css_task_iter_advance_css_set() cset skip condition - [arm*] spi: bcm2835: Fix 3-wire mode if DMA is enabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.67 - [x86] crypto: ccp - Fix oops by properly managing allocated structures - [x86] crypto: ccp - Add support for valid authsize values less than 16 - [x86] crypto: ccp - Ignore tag length when decrypting GCM ciphertext - usb: usbfs: fix double-free of usb memory upon submiturb error - usb: iowarrior: fix deadlock on disconnect - sound: fix a memory leak bug - [arm64,mips*/octeon] mmc: cavium: Set the correct dma max segment size for mmc_host - [arm64,mips*/octeon] mmc: cavium: Add the missing dma unmap when the dma has finished. - loop: set PF_MEMALLOC_NOIO for the worker thread - Input: usbtouchscreen - initialize PM mutex before using it - [x86] Input: elantech - enable SMBus on new (2018+) systems - [x86] Input: synaptics - enable RMI mode for HP Spectre X360 - [x86] mm: Check for pfn instead of page in vmalloc_sync_one() - [x86] mm: Sync also unmappings in vmalloc_sync_all() - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() - [s390x] perf annotate: Fix s390 gap between kernel end and module start - perf db-export: Fix thread__exec_comm() - [s390x] perf record: Fix module size on s390 - [x86] purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS - gfs2: gfs2_walk_metadata fix - usb: yurex: Fix use-after-free in yurex_delete - [x86] usb: typec: tcpm: free log buf memory when remove debug file - [x86] usb: typec: tcpm: remove tcpm dir if no children - [x86] usb: typec: tcpm: Add NULL check before dereferencing config - [x86] usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests - can: peak_usb: fix potential double kfree_skb() - netfilter: nfnetlink: avoid deadlock due to synchronous request_module - [s390x] vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn - netfilter: Fix rpfilter dropping vrf packets by mistake - netfilter: conntrack: always store window size un-scaled - netfilter: nft_hash: fix symhash with modulus one - drm/amd/display: Wait for backlight programming completion in set backlight level - drm/amd/display: use encoder's engine id to find matched free audio device - drm/amd/display: Fix dc_create failure handling and 666 color depths - drm/amd/display: Only enable audio if speaker allocation exists - drm/amd/display: Increase size of audios array - [x86] iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND - nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN - mac80211: don't warn about CW params when not using them - allocate_flower_entry: should check for null deref - hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 - drm: silence variable 'conn' set but not used - [s390x] qdio: add sanity checks to the fast-requeue path - ALSA: compress: Fix regression on compressed capture streams - ALSA: compress: Prevent bypasses of set_params - ALSA: compress: Don't allow paritial drain operations on capture streams - ALSA: compress: Be more restrictive about when a drain is allowed - perf tools: Fix proper buffer size for feature processing - perf probe: Avoid calling freeing routine multiple times for same pointer - drbd: dynamically allocate shash descriptor - ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id() - nvme: fix multipath crash when ANA is deactivated - scsi: megaraid_sas: fix panic on loading firmware crashdump - [ppc64el] scsi: ibmvfc: fix WARN_ON during event pool release - scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG - test_firmware: fix a memory leak bug - tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop - perf/core: Fix creating kernel counters for PMUs that override event->cpu - [s390x] dma: provide proper ARCH_ZONE_DMA_BITS value - HID: sony: Fix race condition between rumble and device remove. - [x86] purgatory: Do not use __builtin_memcpy and __builtin_memset - ALSA: usb-audio: fix a memory leak bug - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices - hwmon: (nct7802) Fix wrong detection of in4 presence - [x86] drm/i915: Fix wrong escape clock divisor init for GLK - ALSA: firewire: fix a memory leak bug - ALSA: hiface: fix multiple memory leak bugs - ALSA: hda - Don't override global PCM hw info flag - [x86] ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457) - mac80211: don't WARN on short WMM parameters from AP - dax: dax_layout_busy_page() should not unmap cow pages - SMB3: Fix deadlock in validate negotiate hits reconnect - smb3: send CAP_DFS capability during session setup - NFSv4: Fix an Oops in nfs4_do_setattr - [x86] KVM: Fix leak vCPU's VMCS value into other pCPU - mwifiex: fix 802.11n/WPA detection - iwlwifi: don't unmap as page memory that was mapped as single - iwlwifi: mvm: fix an out-of-bound access - iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41 - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Uwe Kleine-König ] * [armhf] Add support for all i.MX6 variants. * rtc-s35390a: backport fix to make hwclock able to read the time (Closes: #932845) . [ Ben Hutchings ] * [rt] Update to 4.19.59-rt24: - Fix build failure after "genirq: Prevent use-after-free and work list corruption": + Update "genirq: Do not invoke the affinity callback via a workqueue on RT" + kthread: add a global worker thread. + genirq: Do not invoke the affinity callback via a workqueue on RT + genirq: Handle missing work_struct in irq_set_affinity_notifier() - Update "irqwork: push most work into softirq context" to resolve conflict with "irq_work: Do not raise an IPI when queueing work on the local CPU" - Drop "random: avoid preempt_disable()ed section" - arm: imx6: cpuidle: Use raw_spinlock_t - rcu: Don't allow to change rcu_normal_after_boot on RT - sched/core: Drop a preempt_disable_rt() statement - timers: Redo the notification of canceling timers on -RT - Fix futex regression in 4.19.21: + Revert "futex: Ensure lock/unlock symetry versus pi_lock and hash bucket lock" + Revert "futex: Fix bug on when a requeued RT task times out" + Revert "rtmutex: Handle the various new futex race conditions" + Revert "futex: workaround migrate_disable/enable in different context" + futex: Make the futex_hash_bucket lock raw + futex: Delay deallocation of pi_state - mm/zswap: Do not disable preemption in zswap_frontswap_store() * Bump ABI to 6 linux-signed-amd64 (4.19.37+6) unstable; urgency=high . * Sign kernel from linux 4.19.37-6 . [ John Paul Adrian Glaubitz ] * [sh4]: Check for kprobe trap number before trying to handle a kprobe trap . [ Salvatore Bonaccorso ] * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-amd64 (4.19.37+5+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u2 . [ Romain Perier ] * [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) * [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) * nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) * binder: fix race between munmap() and direct reclaim (CVE-2019-1999) * scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) * Input: gtco - bounds check collection indent level (CVE-2019-13631) * floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) * inet: switch IP ID generator to siphash (CVE-2019-10638) * floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) * Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) * [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) . [ Salvatore Bonaccorso ] * [x86] cpufeatures: Carve out CQM features retrieval * [x86] cpufeatures: Combine word 11 and 12 into a new scattered features word * [x86] speculation: Prepare entry code for Spectre v1 swapgs mitigations * [x86] speculation: Enable Spectre v1 swapgs mitigations (CVE-2019-1125) * [amd64] entry: Use JMP instead of JMPQ * [x86] speculation/swapgs: Exclude ATOMs from speculation through SWAPGS * Documentation: Add section about CPU vulnerabilities for Spectre * Documentation: Add swapgs description to the Spectre v1 documentation . [ Ben Hutchings ] * [x86] cpufeatures: Avoid ABI change for swapgs mitigations: - Move swapgs feature bits to existing scattered words - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered features word" * inet: Avoid ABI change for IP ID hash change linux-signed-amd64 (4.19.37+5+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.37-5+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-amd64 (4.19.37+5+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u1 . * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) linux-signed-arm64 (4.19.67+2) buster; urgency=medium . * Sign kernel from linux 4.19.67-2 . [ Salvatore Bonaccorso ] * dm: disable DISCARD if the underlying storage no longer supports it (Closes: #934331) * xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (CVE-2019-15538) . [ Ben Hutchings ] * KVM: Ignore ABI changes * [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122) * [ppc64el] Avoid ABI change for disabling TM * netfilter: conntrack: Use consistent ct id hash calculation (fixes regression in 4.19.44) . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-arm64 (4.19.67+1) buster; urgency=medium . * Sign kernel from linux 4.19.67-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.38 - netfilter: nft_compat: use refcnt_t type for nft_xt reference count - netfilter: nft_compat: make lists per netns - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nft_compat: destroy function must not have side effects - netfilter: nf_tables: warn when expr implements only one of activate/deactivate - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nft_compat: don't use refcount_inc on newly allocated entry - netfilter: nft_compat: use .release_ops and remove list of extension - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: bogus EBUSY in helper removal from transaction - net/ibmvnic: Fix RTNL deadlock during device reset - net: mvpp2: fix validate for PPv2.1 - ext4: fix some error pointer dereferences - tipc: handle the err returned from cmd header function - loop: do not print warn message if partition scan is successful - [armhf,arm64] drm/rockchip: fix for mailbox read validation. - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock - ipvs: fix warning on unused variable - [ppc64el] vdso32: fix CLOCK_MONOTONIC on PPC64 - [armhf,arm64] net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework - cifs: fix memory leak in SMB2_read - cifs: do not attempt cifs operation on smb2+ rename error - tracing: Fix a memory leak by early error exit in trace_pid_write() - zram: pass down the bvec we need to read into in the work struct - trace: Fix preempt_enable_no_resched() abuse - IB/rdmavt: Fix frwr memory registration - RDMA/mlx5: Do not allow the user to write to the clock page - sched/numa: Fix a possible divide-by-zero - ceph: only use d_name directly when parent is locked - ceph: ensure d_name stability in ceph_dentry_hash() - ceph: fix ci->i_head_snapc leak - nfsd: Don't release the callback slot unless it was actually held - sunrpc: don't mark uninitialised items as VALID. - [x86] perf/intel: Update KBL Package C-state events to also include PC8/PC9/PC10 counters - Input: synaptics-rmi4 - write config register values to the right offset - [armhf] 8857/1: efi: enable CP15 DMB instructions before cleaning the cache - [ppc64el] mm/radix: Make Radix require HUGETLB_PAGE - [arm*] drm/vc4: Fix memory leak during gpu reset. - [x86] Revert "drm/i915/fbdev: Actually configure untiled displays" - USB: Add new USB LPM helpers - USB: Consolidate LPM checks to avoid enabling LPM twice - slip: make slhc_free() silently accept an error pointer - [x86] intel_th: gth: Fix an off-by-one in output unassigning - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference - workqueue: Try to catch flush_work() without INIT_WORK(). - sched/deadline: Correctly handle active 0-lag timers - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON - fm10k: Fix a potential NULL pointer dereference - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable - tipc: check link name with right length in tipc_nl_compat_link_set - net: netrom: Fix error cleanup path of nr_proto_init - net/rds: Check address length before reading address family - rxrpc: fix race condition in rxrpc_input_packet() - [x86] retpolines: Raise limit for generating indirect calls from switch-case - [x86] retpolines: Disable switch jump tables when retpolines are enabled - mm: Fix warning in insert_pfn() - [x86] fpu: Don't export __kernel_fpu_{begin,end}() - ipv4: add sanity checks in ipv4_link_failure() - ipv4: set the tcp_min_rtt_wlen range from 0 to one day - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query - net: rds: exchange of 8K and 1M pool - net/rose: fix unbound loop in rose_loopback_timer() - [armhf,arm64] net: stmmac: move stmmac_check_ether_addr() to driver probe - team: fix possible recursive locking when add slaves - [arm64] net: hns: Fix WARNING when hns modules installed - net/mlx5e: Fix the max MTU check in case of XDP - net/mlx5e: Fix use-after-free after xdp_return_frame https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.39 - selinux: use kernel linux/socket.h for genheaders and mdp - Revert "ACPICA: Clear status of GPEs before enabling them" - [arm*] dts: bcm283x: Fix hdmi hpd gpio pull - [s390x] limit brk randomization to 32MB - net: ieee802154: fix a potential NULL pointer dereference - ieee802154: hwsim: propagate genlmsg_reply return code - [armhf,arm64] net: stmmac: don't set own bit too early for jumbo frames - qlcnic: Avoid potential NULL pointer dereference - xsk: fix umem memory leak on cleanup - netfilter: nft_set_rbtree: check for inactive element after flag mismatch - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies - netfilter: ip6t_srh: fix NULL pointer dereferences - [s390x] qeth: fix race when initializing the IP address table - [armhf] imx51: fix a leaked reference by adding missing of_node_put - [arm64] KVM: Reset the PMU in preemptible context - [armhf,arm64] KVM: vgic-its: Take the srcu lock when writing to guest memory - [armhf,arm64] KVM: vgic-its: Take the srcu lock when parsing the memslots - [x86] usb: dwc3: pci: add support for Comet Lake PCH ID - usb: gadget: net2280: Fix overrun of OUT messages - usb: gadget: net2280: Fix net2280_dequeue() - [x86] i2c: i801: Add support for Intel Comet Lake - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference - staging: rtl8712: uninitialized memory in read_bbreg_hdl() - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc - [arm64] net: macb: Add null check for PCLK and HCLK - net/sched: don't dereference a->goto_chain to read the chain index - [armhf] dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi - [armhf,arm64] drm/tegra: hub: Fix dereference before check - NFS: Fix a typo in nfs_init_timeout_values() - drm: Fix drm_release() and device unplug - [arm64] drm/meson: Fix invalid pointer in meson_drv_unbind() - [arm64] drm/meson: Uninstall IRQ handler - scsi: mpt3sas: Fix kernel panic during expander reset - scsi: aacraid: Insure we don't access PCIe space during AER/EEH - scsi: qla4xxx: fix a potential NULL pointer dereference - leds: trigger: netdev: fix refcnt leak on interface rename - [x86] realmode: Don't leak the trampoline kernel address - usb: u132-hcd: fix resource leak - ceph: fix use-after-free on symlink traversal - [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on multi- element RSCN - [x86] mm: Don't exceed the valid physical address space - libata: fix using DMA buffers on stack - gpio: of: Fix of_gpiochip_add() error path - nvme-multipath: relax ANA state check - perf machine: Update kernel map address and re-order properly - [x86] iommu/amd: Reserve exclusion range in iova-domain - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK - leds: trigger: netdev: use memcpy in device_name_store https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.40 - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation - ipv6: A few fixes on dereferencing rt->from - ipv6: fix races in ip6_dst_destroy() - ipv6/flowlabel: wait rcu grace period before put_pid() - ipv6: invert flowlabel sharing check in process and user mode - l2ip: fix possible use-after-free - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv() - [armhf] net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc - net: phy: marvell: Fix buffer overrun with stats counters - rxrpc: Fix net namespace cleanup - sctp: avoid running the sctp state machine recursively - packet: validate msg_namelen in send directly - bnxt_en: Improve multicast address setup logic. - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt(). - [x86] KVM: Whitelist port 0x7e for pre-incrementing %rip - [x86] KVM: nVMX: Fix size checks in vmx_set_nested_state - ALSA: line6: use dynamic buffers - ath10k: Drop WARN_ON()s that always trigger during system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.41 - iwlwifi: fix driver operation for 5350 - mwifiex: Make resume actually do something useful again on SDIO cards - mac80211: don't attempt to rename ERR_PTR() debugfs dirs - [armhf] i2c: imx: correct the method of getting private data in notifier_call - i2c: Remove unnecessary call to irq_find_mapping - i2c: Clear client->irq in i2c_device_remove - i2c: Allow recovery of the initial IRQ by an I2C client device. - i2c: Prevent runtime suspend of adapter when Host Notify is required - [x86] ALSA: hda/realtek - Add new Dell platform for headset mode - [x86] ALSA: hda/realtek - Fixed Dell AIO speaker noise - [x86] ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR - USB: yurex: Fix protection fault after device removal - USB: w1 ds2490: Fix bug caused by improper use of altsetting array - USB: dummy-hcd: Fix failure to give back unlinked URBs - usb: usbip: fix isoc packet num validation in get_pipe - USB: core: Fix unterminated string returned by usb_string() - USB: core: Fix bug caused by duplicate interface PM usage counter - nvme-loop: init nvmet_ctrl fatal_err_work when allocate - [arm64] dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay - HID: logitech: check the return value of create_singlethread_workqueue - HID: debug: fix race condition with between rdesc_show() and device removal - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured - batman-adv: Reduce claim hash refcnt only for removed entry - batman-adv: Reduce tt_local hash refcnt only for removed entry - batman-adv: Reduce tt_global hash refcnt only for removed entry - batman-adv: fix warning in function batadv_v_elp_get_throughput - [armhf] dts: rockchip: Fix gpu opp node names for rk3288 - [arm64] reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev - igb: Fix WARN_ONCE on runtime suspend - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630 - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands - bonding: show full hw address in sysfs for slave entries - [armhf,arm64] net: stmmac: use correct DMA buffer size in the RX descriptor - [armhf,arm64] net: stmmac: ratelimit RX error logs - [armhf,arm64] net: stmmac: don't stop NAPI processing when dropping a packet - [armhf,arm64] net: stmmac: don't overwrite discard_frame status - [armhf,arm64] net: stmmac: fix dropping of multi-descriptor RX frames - [armhf,arm64] net: stmmac: don't log oversized frames - jffs2: fix use-after-free on symlink traversal - debugfs: fix use-after-free on symlink traversal - [armhf] mfd: twl-core: Disable IRQ while suspended - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx - HID: input: add mapping for Assistant key - vfio/pci: use correct format characters - scsi: core: add new RDAC LENOVO/DE_Series device - [x86] scsi: storvsc: Fix calculation of sub-channel count - [arm64] fix wrong check of on_sdei_stack in nmi context - [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() - [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver - [arm64] net: hns: Fix probabilistic memory overwrite when HNS driver initialized - [arm64] net: hns: fix ICMP6 neighbor solicitation messages discard problem - [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled - libcxgb: fix incorrect ppmax calculation - [x86] KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow - hugetlbfs: fix memory leak for resv_map - fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock - [armel] orion: don't use using 64-bit DMA masks - block: pass no-op callback to INIT_WORK(). - [x86] perf/amd: Update generic hardware cache events for Family 17h - Bluetooth: btusb: request wake pin with NOAUTOEN - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state - [arm64] clk: qcom: Add missing freq for usb30_master_clk on 8998 - scsi: RDMA/srpt: Fix a credit leak for aborted commands - [x86] ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping" - [x86] platform: intel_pmc_core: Fix PCH IP name - [x86] platform: intel_pmc_core: Handle CFL regmap properly - IB/core: Unregister notifier before freeing MAD security - IB/core: Fix potential memory leak while creating MAD agents - IB/core: Destroy QP if XRC QP fails - selinux: avoid silent denials in permissive mode under RCU walk - selinux: never allow relabeling on context mounts - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode - [ppc64el] mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search - [x86] mce: Improve error message when kernel cannot recover, p2 - [x86] clk: Add system specific quirk to mark clocks as critical - [x86] mm/KASLR: Fix the size of the direct mapping section - [x86] mm: Fix a crash with kmemleak_scan() - [x86] mm/tlb: Revert "x86/mm: Align TLB invalidation info" - media: v4l2: i2c: ov7670: Fix PLL bypass register values https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.42 - [armhf,arm64] net: stmmac: Use bfsize1 in ndesc_init_rx_desc - [x86] Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() - ASoC: hdmi-codec: fix S/PDIF DAI - ASoC:soc-pcm:fix a codec fixup issue in TDM case - [x86] ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform - [arm64] clk: meson-gxbb: round the vdec dividers to closest - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol - [armhf] drm/omap: hdmi4_cec: Fix CEC clock handling for PM - IB/hfi1: Eliminate opcode tests on mr deref - IB/hfi1: Fix the allocation of RSM table - [x86] perf/intel: Fix handling of wakeup_events for multi-entry PEBS - [x86] perf/intel: Initialize TFA MSR - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() - drm/amd/display: fix cursor black issue - objtool: Add rewind_stack_do_exit() to the noreturn list - slab: fix a crash by reading /proc/slab_allocators - [armhf,arm64] drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind - virtio_pci: fix a NULL pointer reference in vp_del_vqs - [x86] RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove - [arm64] RDMA/hns: Fix bug that caused srq creation to fail - scsi: csiostor: fix missing data copy in csio_scsi_err_handler() - [x86] ASoC: Intel: kbl: fix wrong number of channels - virtio-blk: limit number of hw queues by nr_cpu_ids - nvme-fc: correct csn initialization and increments on error - [x86] platform: pmc_atom: Drop __initconst on dmi table - perf/core: Fix perf_event_disable_inatomic() race - [x86] iommu/amd: Set exclusion range correctly - genirq: Prevent use-after-free and work list corruption - usb: dwc3: Fix default lpm_nyet_threshold value - USB: serial: f81232: fix interrupt worker not stop - USB: cdc-acm: fix unthrottle races - usb-storage: Set virt_boundary_mask to avoid SG overflows - [x86] intel_th: pci: Add Comet Lake support - [arm64] cpufreq: armada-37xx: fix frequency calculation for opp - scsi: lpfc: change snprintf to scnprintf for possible overflow - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines - scsi: qla2xxx: Fix device staying in blocked state - UAS: fix alignment of scatter/gather segments - [x86] ASoC: Intel: avoid Oops if DMA setup fails - locking/futex: Allow low-level atomic operations to return -EAGAIN - [arm64] futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.44 - bfq: update internal depth state when queue depth changes - [x86] platform: sony-laptop: Fix unintentional fall-through - [x86] platform: thinkpad_acpi: Disable Bluetooth for some machines - [x86] platform: dell-laptop: fix rfkill functionality - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails - kernfs: fix barrier usage in __kernfs_new_node() - [x86] virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace - USB: serial: fix unthrottle races - acpi/nfit: Always dump _DSM output payload - libnvdimm/namespace: Fix a potential NULL pointer dereference - HID: input: add mapping for Expose/Overview key - HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys - HID: input: add mapping for "Toggle Display" key - libnvdimm/btt: Fix a kmemdup failure check - [s390x] dasd: Fix capacity calculation for large volumes - mac80211: fix unaligned access in mesh table hash function - mac80211: Increase MAX_MSG_LEN - cfg80211: Handle WMM rules in regulatory domain intersection - mac80211: fix memory accounting with A-MSDU aggregation - nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands - libnvdimm/pmem: fix a possible OOB access when read and write pmem - [s390x] 3270: fix lockdep false positive on view->lock - drm/amd/display: extending AUX SW Timeout - mISDN: Check address length before reading address family - vxge: fix return of a free'd memblock on a failed dma mapping - qede: fix write to free'd pointer error and double free of ptp - afs: Unlock pages for __pagevec_release() - drm/amd/display: If one stream full updates, full update all planes - [s390x] pkey: add one more argument space for debug feature entry - [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T - [x86] KVM: fix spectrev1 gadgets - [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in tracing - tools lib traceevent: Fix missing equality check for strcmp - ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash - scsi: aic7xxx: fix EISA support - mm: fix inactive list balancing between NUMA nodes and cgroups - init: initialize jump labels before command line option parsing - ipvs: do not schedule icmp errors from tunnels - netfilter: ctnetlink: don't use conntrack/expect object addresses as id - netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook() - [s390x] ctcm: fix ctcm_new_device error return code - [armhf,arm64] drm/sun4i: Set device driver data at bind time for use in unbind - [armhf,arm64] drm/sun4i: Fix component unbinding and component master deletion - netfilter: fix nf_l4proto_log_invalid to log invalid packets - [armhf] gpu: ipu-v3: dp: fix CSC handling - [armhf] drm/imx: don't skip DP channel disable for background plane - [armhf,arm64] drm/sun4i: Unbind components before releasing DRM and memory - Input: synaptics-rmi4 - fix possible double free - [arm64] RDMA/hns: Bugfix for mapping user db - mm/memory_hotplug.c: drop memory device reference after find_memory_block() - [ppc64el] smp: Fix NMI IPI timeout - [ppc64el] smp: Fix NMI IPI xmon timeout - [armhf,arm64] net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode - mm/memory.c: fix modifying of page protection by insert_pfn() - usb: typec: Fix unchecked return value - netfilter: nf_tables: use-after-free in dynamic operations - netfilter: nf_tables: add missing ->release_ops() in error path of newrule() (Closes: #934168) - net: fec: manage ahb clock in runtime pm - net: strparser: partially revert "strparser: Call skb_unclone conditionally" - NFC: nci: Add some bounds checking in nci_hci_cmd_received() - nfc: nci: Potential off by one in ->pipes[] array - [x86] kprobes: Avoid kretprobe recursion bug - mwl8k: Fix rate_idx underflow - rtlwifi: rtl8723ae: Fix missing break in switch statement - bonding: fix arp_validate toggling in active-backup mode - bridge: Fix error path for kobject_init_and_add() - ipv4: Fix raw socket lookup for local traffic - net: dsa: Fix error cleanup path in dsa_init_module - [armhf] net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering - [arm64] net: macb: Change interrupt and napi enable order in open - packet: Fix error path in packet_init - selinux: do not report error on connect(AF_UNSPEC) - vlan: disable SIOCSHWTSTAMP in container - vrf: sit mtu should not be updated when vrf netdev is the link - tuntap: fix dividing by zero in ebpf queue selection - tuntap: synchronize through tfiles array instead of tun->numqueues - isdn: bas_gigaset: use usb_fill_int_urb() properly - tipc: fix hanging clients using poll with EPOLLOUT flag - [ppc64el] book3s/64: check for NULL pointer in pgd_alloc() - [ppc64el] powernv/idle: Restore IAMR after idle - [x86] PCI: hv: Fix a memory leak in hv_eject_device_work() - [x86] PCI: hv: Add hv_pci_remove_slots() when we unload the driver - [x86] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.45 - locking/rwsem: Prevent decrement of reader count before increment - [x86] speculation/mds: Revert CPU buffer clear on double fault exit - [x86] speculation/mds: Improve CPU buffer clear documentation - objtool: Fix function fallthrough detection - [arm64] dts: rockchip: Disable DCMDs on RK3399's eMMC controller. - [armhf] dts: exynos: Fix interrupt for shared EINTs on Exynos5260 - [armhf] dts: exynos: Fix audio (microphone) routing on Odroid XU3 - [arm64] mmc: sdhci-of-arasan: Add DTS property to disable DCMDs. - [armhf] exynos: Fix a leaked reference by adding missing of_node_put - [armhf] power: supply: axp288_charger: Fix unchecked return value - [armhf,arm64] power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist - [arm64] mmap: Ensure file offset is treated as unsigned - [arm64] arch_timer: Ensure counter register reads occur with seqlock held - [arm64] compat: Reduce address limit - [arm64] Clear OSDLR_EL1 on CPU boot - [arm64] Save and restore OSDLR_EL1 across suspend/resume - [x96] sched: Save [ER]FLAGS on context switch - crypto: salsa20 - don't access already-freed walk.iv - crypto: chacha20poly1305 - set cra_name correctly - [x86] crypto: ccp - Do not free psp_master when PLATFORM_INIT fails - [ppc64el] crypto: vmx - fix copy-paste error in CTR mode - crypto: skcipher - don't WARN on unprocessed data after slow walk step - crypto: crct10dif-generic - fix use via crypto_shash_digest() - [x86] crypto: crct10dif-pcl - fix use via crypto_shash_digest() - [arm64] crypto: gcm-aes-ce - fix no-NEON fallback code - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" - [armhf,arm64] crypto: aes-neonbs - don't access already-freed walk.iv - mmc: core: Fix tag set memory leak - ALSA: line6: toneport: Fix broken usage of timer for delayed execution - ALSA: usb-audio: Fix a memory leak bug - ALSA: hda/hdmi - Read the pin sense from register when repolling - ALSA: hda/hdmi - Consider eld_valid when reporting jack event - ALSA: hda/realtek - EAPD turn on later - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) - [armhf,arm64] ASoC: max98090: Fix restore of DAPM Muxes - ASoC: codec: hdac_hdmi add device_link to card device - [arm64] bpf: remove prefetch insn in xadd mapping - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses - mm/hugetlb.c: don't put_page in lock of hugetlb_lock - hugetlb: use same fault hash key for shared and private mappings - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget - userfaultfd: use RCU to free the task struct when fork fails - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle - [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - jbd2: check superblock mapped prior to committing - ext4: make sanity check in mballoc more strict - ext4: ignore e_value_offs for xattrs with value-in-ea-inode - ext4: avoid drop reference to iloc.bh twice - ext4: fix use-after-free race with debug_want_extra_isize - ext4: actually request zeroing of inode table after grow - ext4: fix ext4_show_options for file systems w/o journal - btrfs: Check the first key and level for cached extent buffer - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails - Btrfs: send, flush dellaloc in order to avoid data loss - Btrfs: do not start a transaction during fiemap - Btrfs: do not start a transaction at iterate_extent_inodes() - bcache: fix a race between cache register and cacheset unregister - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() - ipmi:ssif: compare block number correctly for multi-part return messages - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount - ext4: fix data corruption caused by overlapping unaligned and aligned IO - ext4: fix use-after-free in dx_release() - ext4: avoid panic during forced reboot due to aborted journal - [x86] ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) - ALSA: hda/realtek - Fixup headphone noise via runtime suspend - [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug - jbd2: fix potential double free - [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes - [x86] KVM: lapic: Busy wait for timer to expire when using hv_timer - xen/pvh: set xen_domain_type to HVM in xen_pvh_init - libnvdimm/namespace: Fix label tracking error - iov_iter: optimize page_copy_sane() - pstore: Centralize init/exit routines - pstore: Allocate compression during late_initcall() - pstore: Refactor compression initialization - ext4: don't update s_rev_level if not required https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.46 - ipv6: fix src addr routing with the exception table - ipv6: prevent possible fib6 leaks - net: Always descend into dsa/ - net: avoid weird emergency message - net/mlx4_core: Change the error print to info print - net: test nouarg before dereferencing zerocopy pointers - net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions - nfp: flower: add rcu locks when accessing netdev for tunnels - ppp: deflate: Fix possible crash in deflate_init - rtnetlink: always put IFLA_LINK for links with a link-netnsid - tipc: switch order of device registration to fix a crash - vsock/virtio: free packets during the socket release - vsock/virtio: Initialize core virtio vsock before registering the driver - net/mlx5: Imply MLXFW in mlx5_core - net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled - stm class: Fix channel free in stm output free path - stm class: Fix channel bitmap on 32-bit systems - brd: re-enable __GFP_HIGHMEM in brd_insert_page() - proc: prevent changes to overridden credentials - Revert "MD: fix lock contention for flush bios" - md: batch flush requests. - md: add mddev->pers to avoid potential NULL pointer dereference - dcache: sort the freeing-without-RCU-delay mess for good. - [x86] intel_th: msu: Fix single mode with IOMMU - p54: drop device reference count if fails to enable device - of: fix clang -Wunsequenced for be32_to_cpu() - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() - [armhf] phy: ti-pipe3: fix missing bit-wise or operator when assigning val - NFS4: Fix v4.0 client state corruption when mount - PNFS fallback to MDS if no deviceid found - [arm64] clk: hi3660: Mark clk_gate_ufs_subsys as critical - [armhf,arm64] clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider - [arm64] clk: rockchip: fix wrong clock definitions for rk3328 - udlfb: delete the unused parameter for dlfb_handle_damage - udlfb: fix sleeping inside spinlock - udlfb: introduce a rendering mutex - fuse: fix writepages on 32bit - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate - ovl: fix missing upper fs freeze protection on copy up for ioctl - [armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 - ceph: flush dirty inodes before proceeding with remount - [amd64] Add gap to int3 to allow for call emulation - [amd64] Allow breakpoints to emulate call instructions - [amd64] ftrace: Emulate call function while updating in breakpoint handler - tracing: Fix partial reading of trace event's id file - [armhf,arm64] memory: tegra: Fix integer overflow on tick value calculation - [x86] perf intel-pt: Fix instructions sampling rate - [x86] perf intel-pt: Fix improved sample timestamp - [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches - fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types - PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken - PCI: Mark Atheros AR9462 to avoid bus reset - PCI: Init PCIe feature bits for managed host bridge alloc - PCI/AER: Change pci_aer_init() stub to return void - PCI: Factor out pcie_retrain_link() function - PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum - dm cache metadata: Fix loading discard bitset - dm zoned: Fix zone report handling - dm delay: fix a crash when invalid device is specified - dm integrity: correctly calculate the size of metadata area - dm mpath: always free attached_handler_name in parse_path() - fuse: Add FOPEN_STREAM to use stream_open() - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module - vti4: ipip tunnel deregistration fixes. - xfrm: clean up xfrm protocol checks - esp4: add length check for UDP encapsulation - xfrm: Honor original L3 slave device in xfrmi policy lookup - xfrm4: Fix uninitialized memory read in _decode_session4 - [armhf,arm64] clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0) - securityfs: fix use-after-free on symlink traversal - apparmorfs: fix use-after-free on symlink traversal - PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored - [x86] kvm: hyper-v: deal with buggy TLB flush requests from WS2012 - mac80211: Fix kernel panic due to use of txq after free - net: ieee802154: fix missing checks for regmap_update_bits - [armhf,arm64] KVM: Ensure vcpu target is unset on reset failure - bpf: Fix preempt_enable_no_resched() abuse - qmi_wwan: new Wistron, ZTE and D-Link devices - iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() - sched/cpufreq: Fix kobject memleak - [x86] mm/mem_encrypt: Disable all instrumentation for early SME setup - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour - perf bench numa: Add define for RUSAGE_THREAD if not present - [x86] perf/intel: Fix race in intel_pmu_disable_event() - md/raid: raid5 preserve the writeback action after the parity check - driver core: Postpone DMA tear-down until after devres release for probe failure - bpf: relax inode permission check for retrieving bpf program - bpf: add map_lookup_elem_sys_only for lookups from syscall side - bpf, lru: avoid messing with eviction heuristics upon syscall lookup https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.47 - [x86] Hide the int3_emulate_call/jmp functions from UML - ext4: do not delete unlinked inode from orphan list on failed truncate - ext4: wait for outstanding dio during truncate in nojournal mode - f2fs: Fix use of number of devices - [x86] KVM: fix return value for reserved EFER - bio: fix improper use of smp_mb__before_atomic() - sbitmap: fix improper use of smp_mb__before_atomic() - Revert "scsi: sd: Keep disk read-only when re-reading partition" - [ppc64el] crypto: vmx - CTR: always increment IV as quadword - [arm*] mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem - [arm*] mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem - [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID - libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead - [arm64] kernel: kaslr: reduce module randomization range to 2 GB - [arm64] iommu: handle non-remapped addresses in ->mmap and ->get_sgtable - gfs2: Fix sign extension bug in gfs2_update_stats - btrfs: don't double unlock on error in btrfs_punch_hole - Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path - Btrfs: avoid fallback to transaction commit during fsync of files with holes - Btrfs: fix race between ranged fsync and writeback of adjacent ranges - btrfs: sysfs: Fix error path kobject memory leak - btrfs: sysfs: don't leak memory when failing add fsid - udlfb: fix some inconsistent NULL checking - fbdev: fix divide error in fb_var_to_videomode - NFSv4.2 fix unnecessary retry in nfs4_copy_file_range - NFSv4.1 fix incorrect return value in copy_file_range - bpf: add bpf_jit_limit knob to restrict unpriv allocations - [arm64] errata: Add workaround for Cortex-A76 erratum #1463225 - btrfs: honor path->skip_locking in backref code - ovl: relax WARN_ON() for overlapping layers use case - fbdev: fix WARNING in __alloc_pages_nodemask bug - media: cpia2: Fix use-after-free in cpia2_exit - media: serial_ir: Fix use-after-free in serial_ir_init_module - media: vb2: add waiting_in_dqbuf flag - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit - bpf: devmap: fix use-after-free Read in __dev_map_entry_free - batman-adv: mcast: fix multicast tt/tvlv worker locking - at76c50x-usb: Don't register led_trigger if usb_register_driver failed - acct_on(): don't mess with freeze protection - gfs2: Fix lru_count going negative - cxgb4: Fix error path in cxgb4_init_module - NFS: make nfs_match_client killable - IB/hfi1: Fix WQ_MEM_RECLAIM warning - gfs2: Fix occasional glock use-after-free - mmc: core: Verify SD bus width - [arm64] dmaengine: tegra210-dma: free dma controller in remove() - net: ena: gcc 8: fix compilation warning - [x86] hv_netvsc: fix race that may miss tx queue wakeup - Bluetooth: Ignore CC events not matching the last HCI command - [x86] ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE - [armhf,arm64] usb: dwc2: gadget: Increase descriptors count for ISOC's - [armhf,arm64] usb: dwc3: move synchronize_irq() out of the spinlock protected block - ASoC: hdmi-codec: unlock the device on startup errors - [ppc64el] perf: Return accordingly on invalid chip-id in - [ppc64el] boot: Fix missing check of lseek() return value - [ppc64el] perf: Fix loop exit condition in nest_imc_event_init - [armhf] ASoC: imx: fix fiq dependencies - [amd64] spi: pxa2xx: fix SCR (divisor) calculation - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() - ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() - drm/nouveau/bar/nv50: ensure BAR is mapped - [armel,armhf] vdso: Remove dependency with the arch_timer driver internals - [ppc64el] watchdog: Use hrtimers for per-CPU heartbeat - sched/cpufreq: Fix kobject memleak - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path - scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() - scsi: qla2xxx: Fix hardirq-unsafe locking - [x86] modules: Avoid breaking W^X while loading modules - Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve - btrfs: fix panic during relocation after ENOSPC before writeback happens - btrfs: Don't panic when we can't find a root key - iwlwifi: pcie: don't crash on invalid RX interrupt - scsi: qedi: Abort ep termination if offload not scheduled - [s390x] kexec_file: Fix detection of text segment in ELF loader - sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs - w1: fix the resume command API - [s390x] qeth: address type mismatch warning - [armhf,arm64] dmaengine: pl330: _stop: clear interrupt status - mac80211/cfg80211: update bss channel on channel switch - mwifiex: prevent an array overflow - rsi: Fix NULL pointer dereference in kmalloc - nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE - nvme-rdma: fix a NULL deref when an admin connect times out - [armhf,arm64] crypto: sun4i-ss - Fix invalid calculation of hash end - bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set - bcache: return error immediately in bch_journal_replay() - bcache: fix failure in journal relplay - bcache: add failure check to run_cache_set() for journal replay - bcache: avoid clang -Wunintialized warning - RDMA/cma: Consider scope_id while binding to ipv6 ll address - vfio-ccw: Do not call flush_workqueue while holding the spinlock - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev - [x86] mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() - mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions - Bluetooth: hci_qca: Give enough time to ROME controller to bootup. - HID: logitech-hidpp: use RAP instead of FAP to get the protocol version - [armhf] pinctrl: samsung: fix leaked of_node references - [armhf] clk: rockchip: undo several noc and special clocks as critical on rk3288 - [arm64] perf/arm-cci: Remove broken race mitigation - media: au0828: stop video streaming only when last user stops - audit: fix a memory leak bug - media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() - media: pvrusb2: Prevent a buffer overflow - block: fix use-after-free on gendisk - [ppc64el] numa: improve control of topology updates - [ppc64el] Fix booting large kernels with STRICT_KERNEL_RWX - random: fix CRNG initialization when random.trust_cpu=1 - random: add a spinlock_t to struct batched_entropy - cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock - sched/core: Check quota and period overflow at usec to nsec conversion - sched/rt: Check integer overflow at usec to nsec conversion - sched/core: Handle overflow in cpu_shares_write_u64 - [arm*] staging: vc04_services: handle kzalloc failure - [arm64] drm/msm: a5xx: fix possible object reference leak - irq_work: Do not raise an IPI when queueing work on the local CPU - [x86] thunderbolt: Take domain lock in switch sysfs attribute callbacks - [s390x] qeth: handle error from qeth_update_from_chp_desc() - USB: core: Don't unbind interfaces following device reset failure - [amd64] irq: Limit IST stack overflow check to #DB stack - [armhf] drm: etnaviv: avoid DMA API warning when importing buffers - [armhf,arm64] phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode - i40e: Able to add up to 16 MAC filters on an untrusted VF - i40e: don't allow changes to HW VLAN stripping on active port VLANs - ACPI/IORT: Reject platform device creation on NUMA node mapping failure - [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME - RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure - [x86] perf/msr: Add Icelake support - [x86] perf/intel/rapl: Add Icelake support - [x86] perf/intel/cstate: Add Icelake support - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses - scsi: libsas: Do discovery on empty PHY to update PHY info - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers - [armhf,arm64] mmc_spi: add a status check for spi_sync_locked - drm/amdgpu: fix old fence check in amdgpu_fence_emit - PM / core: Propagate dev->power.wakeup_path when no callbacks - [armhf] clk: rockchip: Fix video codec clocks on rk3288 - [armhf] clk: rockchip: Make rkpwm a critical clock on rk3288 - [s390x] zcrypt: initialize variables before_use - [x86] microcode: Fix the ancient deprecated microcode loading method - [s390x] mm: silence compiler warning when compiling without CONFIG_PGSTE - [s390x] cio: fix cio_irb declaration - qmi_wwan: Add quirk for Quectel dynamic config - block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR - rtlwifi: fix a potential NULL pointer dereference - mwifiex: Fix mem leak in mwifiex_tm_cmd - brcmfmac: fix missing checks for kmemdup - b43: shut up clang -Wuninitialized variable warning - brcmfmac: convert dev_init_lock mutex to completion - brcmfmac: fix WARNING during USB disconnect in case of unempty psq - brcmfmac: fix race during disconnect when USB completion is in progress - brcmfmac: fix Oops when bringing up interface during USB disconnect - [arm64] rtc: xgene: fix possible race condition - rtlwifi: fix potential NULL pointer dereference - scsi: ufs: Fix regulator load and icc-level configuration - scsi: ufs: Avoid configuring regulator with undefined voltage range - [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put - wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext - [x86] uaccess, signal: Fix AC=1 bloat - [amd64] ia32: Fix ia32_restore_sigcontext() AC leak - [x86] uaccess: Fix up the fixup - chardev: add additional check for minor range overlap - [arm64] RDMA/hns: Fix bad endianess of port_pd variable - HID: core: move Usage Page concatenation to Main item - [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put - cxgb3/l2t: Fix undefined behaviour - HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent - [armhf] spi: tegra114: reset controller on probe - kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice. - [armhf] media: wl128x: prevent two potential buffer overflows - media: gspca: Kill URBs on USB device disconnect - efifb: Omit memory map check on legacy boot - [x86] thunderbolt: property: Fix a missing check of kzalloc - [x86] thunderbolt: Fix to check the return value of kmemdup - timekeeping: Force upper bound for setting CLOCK_REALTIME - scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check - virtio_console: initialize vtermno value for ports - tty: ipwireless: fix missing checks for ioremap - overflow: Fix -Wtype-limits compilation warnings - [x86] mce: Fix machine_check_poll() tests for error types - rcutorture: Fix cleanup path for invalid torture_type strings - [x86] mce: Handle varying MCA bank counts - rcuperf: Fix cleanup path for invalid perf_type strings - usb: core: Add PM runtime calls to usb_hcd_platform_shutdown - scsi: qla4xxx: avoid freeing unallocated dma memory - scsi: lpfc: avoid uninitialized variable warning - selinux: avoid uninitialized variable warning - batman-adv: allow updating DAT entry timeouts on incoming ARP Replies - dmaengine: tegra210-adma: use devm_clk_*() helpers - [armhf] hwrng: omap - Set default quality - [x86] thunderbolt: Fix to check return value of ida_simple_get - [x86] thunderbolt: Fix to check for kmemdup failure - drm/amd/display: fix releasing planes when exiting odm - [x86] thunderbolt: property: Fix a NULL pointer dereference - e1000e: Disable runtime PM on CNP+ - igb: Exclude device from suspend direct complete optimization - media: dvbsky: Avoid leaking dvb frontend - drm/amd/display: Fix Divide by 0 in memory calculations - drm/amd/display: Set stream->mode_changed when connectors change - scsi: ufs: fix a missing check of devm_reset_control_get - media: gspca: do not resubmit URBs when streaming has stopped - media: go7007: avoid clang frame overflow warning with KASAN - scsi: lpfc: Fix FDMI manufacturer attribute value - scsi: lpfc: Fix fc4type information for FDMI - media: saa7146: avoid high stack usage with clang - scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices - [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers - [armhf] drm/omap: dsi: Fix PM for display blank with paired dss_pll calls - [armhf] spi: imx: stop buffer overflow in RX FIFO flush - spi: Fix zero length xfer bug - [armhf] ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM - drm/drv: Hold ref on parent device during drm_device lifetime - drm: Wake up next in drm_read() chain if we are forced to putback the event - [s390x] vfio-ccw: Prevent quiesce function going into an infinite loop - NFS: Fix a double unlock from nfs_match,get_client https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.48 - bonding/802.3ad: fix slave link initialization transition states - cxgb4: offload VLAN flows regardless of VLAN ethtype - ipv4/igmp: fix another memory leak in igmpv3_del_delrec() - ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST - ipv6: Consider sk_bound_dev_if when binding a raw socket to an address - ipv6: Fix redirect with VRF - llc: fix skb leak in llc_build_and_send_ui_pkt() - [armhf,arm64] net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT - net-gro: fix use-after-free read in napi_gro_frags() - [armhf,arm64] net: mvneta: Fix err code path of probe - [armhf,arm64] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value - net: phy: marvell10g: report if the PHY fails to boot firmware - net: sched: don't use tc_action->order during action dump - [armhf,arm64] net: stmmac: fix reset gpio free missing - usbnet: fix kernel crash after disconnect - net/mlx5: Avoid double free in fs init error unwinding path - tipc: Avoid copying bytes beyond the supplied data - net/mlx5: Allocate root ns memory using kzalloc to match kfree - net/mlx5e: Disable rxhash when CQE compress is enabled - [armhf,arm64] net: stmmac: dma channel control register need to be init first - bnxt_en: Fix aggregation buffer leak under OOM condition. - [ppc64el] crypto: vmx - ghash: do nosimd fallback manually - include/linux/compiler*.h: define asm_volatile_goto - compiler.h: give up __compiletime_assert_fallback() - jump_label: move 'asm goto' support test to Kconfig - tipc: fix modprobe tipc failed after switch order of device registration https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.49 - include/linux/bitops.h: sanitize rotate primitives - xhci: update bounce buffer with correct sg num - xhci: Use %zu for printing size_t type - xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() - usb: xhci: avoid null pointer deref when bos field is NULL - usbip: usbip_host: fix BUG: sleeping function called from invalid context - usbip: usbip_host: fix stub_dev lock context imbalance regression - USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor - USB: sisusbvga: fix oops in error path of sisusb_probe - USB: Add LPM quirk for Surface Dock GigE adapter - USB: rio500: refuse more than one device at a time - USB: rio500: fix memory leak in close after disconnect - media: usb: siano: Fix general protection fault in smsusb - media: usb: siano: Fix false-positive "uninitialized variable" warning - media: smsusb: better handle optional alignment - brcmfmac: fix NULL pointer derefence during USB disconnect - [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove - [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) - tracing: Avoid memory leak in predicate_parse() - Btrfs: fix wrong ctime and mtime of a directory after log replay - Btrfs: fix race updating log root item during fsync - Btrfs: fix fsync not persisting changed attributes of a directory - Btrfs: incremental send, fix file corruption when no-holes feature is enabled - [s390x] crypto: fix gcm-aes-s390 selftest failures - [s390x] crypto: fix possible sleep during spinlock aquired - [ppc64el] KVM: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts - [ppc64el] perf: Fix MMCRA corruption by bhrb_filter - ALSA: line6: Assure canceling delayed work at disconnection - ALSA: hda/realtek - Set default power save node to 0 - [s390x] KVM: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID - drm/nouveau/i2c: Disable i2c bus access after ->fini() - [arm64] tty: serial: msm_serial: Fix XON/XOFF - memcg: make it work on sparse non-0-node systems - kernel/signal.c: trace_signal_deliver when signal_group_exit - [arm64] Fix the arm64_personality() syscall wrapper redirection - vt/fbcon: deinitialize resources in visual_init() after failed memory allocation - [arm*] staging: vc04_services: prevent integer overflow in create_pagelist() - [x86] staging: wlan-ng: fix adapter initialization failure - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case - CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM - Revert "lockd: Show pid of lockd for remote locks" - [armhf,arm64] drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() - [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY clock initialization - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz - [armhf,arm64] drm/rockchip: shutdown drm subsystem on shutdown - drm/lease: Make sure implicit planes are leased - [x86] ftrace: Do not call function graph from dynamic trampolines - [x86] ftrace: Set trampoline pages as executable - [x86] kprobes: Set instruction page as executable - scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning") - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.50 - ethtool: fix potential userspace buffer overflow - Fix memory leak in sctp_process_init - ipv4: not do cache for local delivery if bc_forwarding is enabled - ipv6: fix the check before getting the cookie in rt6_get_cookie - neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit - [armhf] net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query - [armhf,arm64] net: mvpp2: Use strscpy to handle stat strings - net: rds: fix memory leak in rds_ib_flush_mr_pool - net: sfp: read eeprom in maximum 16 byte increments - packet: unconditionally free po->rollover - pktgen: do not sleep with the thread lock held. - ipv6: use READ_ONCE() for inet->hdrincl as in ipv4 - ipv6: fix EFAULT on sendto with icmpv6 and hdrincl - rcu: locking and unlocking need to always be at least barriers - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter - NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled - fuse: fallocate: fix return with locked inode - pstore: Remove needless lock during console writes - pstore: Convert buf_lock to semaphore - pstore: Set tfm to NULL on free_buf_for_compression - pstore/ram: Run without kernel crash dump region - [x86] power: Fix 'nosmt' vs hibernation triple fault during resume - [s390x] mm: fix address space detection in exception handling - xen-blkfront: switch kcalloc to kvcalloc for large array allocation - [ppc64el] genwqe: Prevent an integer overflow in the ioctl - test_firmware: Use correct snprintf() limit - [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels - [arm64] drm/msm: fix fb references in async update - drm: add non-desktop quirk for Valve HMDs - drm: add non-desktop quirks to Sensics and OSVR headsets. - drm/amdgpu/psp: move psp version specific function pointers to early_init - drm/radeon: prefer lower reference dividers - drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in - [x86] drm/i915: Fix I915_EXEC_RING_MASK - [x86] drm/i915/fbc: disable framebuffer compression on GeminiLake - [x86] drm/i915: Maintain consistent documentation subsection ordering - drm: don't block fb changes for async plane updates - [x86] drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack - TTY: serial_core, add ->install - ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled - ethtool: check the return value of get_regs_len https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.51 - fs/fat/file.c: issue flush after the writeback of FAT - sysctl: return -EINVAL if val violates minmax - ipc: prevent lockup on alloc_msg and free_msg - [armhf] prevent tracing IPI_CPU_BACKTRACE - hugetlbfs: on restore reserve error path retain subpool reservation - mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE - mm/cma.c: fix crash on CMA allocation if bitmap allocation fails - initramfs: free initrd memory if opening /initrd.image fails - mm/cma.c: fix the bitmap status to show failed allocation reason - mm: page_mkclean vs MADV_DONTNEED race - mm/cma_debug.c: fix the break condition in cma_maxchunk_get() - mm/slab.c: fix an infinite loop in leaks_show() - kernel/sys.c: prctl: fix false positive in validate_prctl_map() - drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER - [x86] mfd: intel-lpss: Set the device in reset state when init - drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration - [armhf] mfd: twl6040: Fix device init errors for ACCCTL register - [x86] perf/intel: Allow PEBS multi-entry in watermark mode - drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change - [arm64] drm/bridge: adv7511: Fix low refresh rate selection - objtool: Don't use ignore flag for fake jumps - drm/nouveau/kms/gv100-: fix spurious window immediate interlocks - bpf: fix undefined behavior in narrow load handling - [arm64] pwm: meson: Use the spin-lock only to protect register modifications - ntp: Allow TAI-UTC offset to be set to zero - f2fs: fix to avoid panic in do_recover_data() - f2fs: fix to avoid panic in f2fs_inplace_write_data() - f2fs: fix to avoid panic in f2fs_remove_inode_page() - f2fs: fix to do sanity check on free nid - f2fs: fix to clear dirty inode in error path of f2fs_iget() - f2fs: fix to avoid panic in dec_valid_block_count() - f2fs: fix to use inline space only if inline_xattr is enable - f2fs: fix to do sanity check on valid block count of segment - f2fs: fix to do checksum even if inode page is uptodate - percpu: remove spurious lock dependency between percpu and sched - configfs: fix possible use-after-free in configfs_register_group - [armhf,arm64] PCI: dwc: Free MSI in dw_pcie_host_init() error path - [armhf,arm64] PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi() - ovl: do not generate duplicate fsnotify events for "fake" path - mmc: mmci: Prevent polling for busy detection in IRQ context - netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast - netfilter: nf_conntrack_h323: restore boundary check correctness - [mips*] Make sure dt memory regions are valid - netfilter: nf_tables: fix base chain stat rcu_dereference usage - [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values - watchdog: fix compile time error of pretimeout governors - blk-mq: move cancel of requeue_work into blk_mq_release - [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly - nvme-pci: unquiesce admin queue on shutdown - nvme-pci: shutdown on timeout during deletion - netfilter: nf_flow_table: check ttl value in flow offload data path - netfilter: nf_flow_table: fix netdev refcnt leak - ALSA: hda - Register irq handler after the chip initialization - nvmem: core: fix read buffer in place - [armhf,arm64] nvmem: sunxi_sid: Support SID on A83T and H5 - fuse: retrieve: cap requested size to negotiated max_write - nfsd: allow fh_want_write to be called twice - nfsd: avoid uninitialized variable warning - vfio: Fix WARNING "do not call blocking ops when !TASK_RUNNING" - [armhf,arm64] iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel - [x86] net: thunderbolt: Unregister ThunderboltIP protocol handler when suspending - [x86] PCI: Fix PCI IRQ routing table memory leak - i40e: Queues are reserved despite "Invalid argument" error - platform/chrome: cros_ec_proto: check for NULL transfer function - [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288 - [armhf] soc: rockchip: Set the proper PWM for rk3288 - [armhf] dts: imx51: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx50: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx53: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sll: Specify IMX6SLL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA - [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove paths - drm/amd/display: Use plane->color_space for dpp if specified - [armhf] OMAP2+: pm33xx-core: Do not Turn OFF CEFUSE as PPA may be using it - [x86] platform: intel_pmc_ipc: adding error handling - [arm64] net: hns3: return 0 and print warning when hit duplicate MAC - scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags - [x86] video: hgafb: fix potential NULL pointer dereference - block, bfq: increase idling for weight-raised queues - [arm64] PCI: xilinx: Check for __get_free_pages() failure - ice: Add missing case in print_link_msg for printing flow control - [x86] dmaengine: idma64: Use actual device for DMA transfers - [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs - [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa - pwm: Fix deadlock warning when removing PWM device - [armhf] exynos: Fix undefined instruction during Exynos5422 resume - [x86] usb: typec: fusb302: Check vconn is off when we start toggling - soc: renesas: Identify R-Car M3-W ES1.3 - percpu: do not search past bitmap when allocating an area - ovl: check the capability before cred overridden - ovl: support stacked SEEK_HOLE/SEEK_DATA - [arm*] drm/vc4: fix fb references in async update - ALSA: seq: Cover unsubscribe_port() in list_mutex https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.52 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.53 - drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3) - nouveau: Fix build with CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT disabled - HID: multitouch: handle faulty Elo touch device - HID: wacom: Don't set tool type until we're in range - HID: wacom: Don't report anything prior to the tool entering range - HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact - HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth - HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary - ALSA: oxfw: allow PCM capture for Stanton SCS.1m - ALSA: hda/realtek - Update headset mode for ALC256 - ALSA: firewire-motu: fix destruction of data for isochronous resources - libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node - fs/ocfs2: fix race in ocfs2_dentry_attach_lock() - mm/vmscan.c: fix trying to reclaim unevictable LRU page - signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO - ptrace: restore smp_rmb() in __ptrace_may_access() - [armhf,arm64] iommu/arm-smmu: Avoid constant zero in TLBI writes - bcache: fix stack corruption by PRECEDING_KEY() - bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached - cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() - [x86] drm/i915/sdvo: Implement proper HDMI audio support for SDVO - ALSA: seq: Fix race of get-subscription call vs port-delete ioctls - Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var - f2fs: fix to avoid accessing xattr across the boundary - scsi: qedi: remove memset/memcpy to nfunc and use func instead (CVE-2019-15090) - scsi: qedi: remove set but not used variables 'cdev' and 'udev' - scsi: lpfc: correct rcu unlock issue in lpfc_nvme_info_show - scsi: lpfc: add check for loss of ndlp when sending RRQ - [arm64] mm: Inhibit huge-vmap with ptdump - nvme: fix srcu locking on error return in nvme_get_ns_from_disk - nvme: remove the ifdef around nvme_nvm_ioctl - nvme: merge nvme_ns_ioctl into nvme_ioctl - nvme: release namespace SRCU protection before performing controller ioctls - nvme: fix memory leak for power latency tolerance - [x86] platform: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table - [x86] platform: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table - scsi: bnx2fc: fix incorrect cast to u64 on shift operation - libnvdimm: Fix compilation warnings with W=1 - tracing: Prevent hist_field_var_ref() from accessing NULL tracing_map_elts - usbnet: ipheth: fix racing condition - [armhf,arm64] KVM: Move cc/it checks under hyp's Makefile to avoid instrumentation - [x86] KVM: pmu: mask the result of rdpmc according to the width of the counters - [x86] KVM: pmu: do not mask the value that is written to fixed PMUs - [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION - [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read - [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() - [armhf,arm64] usb: dwc2: Fix DMA cache alignment issues - [armhf,arm64] usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) - USB: Fix chipmunk-like voice when using Logitech C270 for recording audio. - USB: usb-storage: Add new ID to ums-realtek - USB: serial: pl2303: add Allied Telesis VT-Kit3 - USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode - USB: serial: option: add Telit 0x1260 and 0x1261 compositions - timekeeping: Repair ktime_get_coarse*() granularity - [x86] microcode, cpuhotplug: Add a microcode loader CPU hotplug callback - [x86] mm/KASLR: Compute the size of the vmemmap section properly - [x86] resctrl: Prevent NULL pointer dereference when local MBM is disabled - drm/edid: abstract override/firmware EDID retrieval - drm: add fallback override/firmware EDID modes workaround - [armhf] rtc: pcf8523: don't return invalid date when battery is low https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.54 - ax25: fix inconsistent lock state in ax25_destroy_timer - be2net: Fix number of Rx queues used for flow hashing - [x86] hv_netvsc: Set probe mode to sync - ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero - lapb: fixed leak of control-blocks. - neigh: fix use-after-free read in pneigh_get_next - net: openvswitch: do not free vport if register_netdevice() is failed. - sctp: Free cookie before we memdup a new one - tipc: purge deferredq list for each grp member in tipc_group_delete - vsock/virtio: set SOCK_DONE on peer shutdown - net/mlx5: Avoid reloading already removed devices - [armhf,arm64] net: mvpp2: prs: Fix parser range for VID filtering - [armhf,arm64] net: mvpp2: prs: Use the correct helpers when removing all VID filters - [arm*] Staging: vc04_services: Fix a couple error codes - [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints - netfilter: nf_queue: fix reinject verdict handling - ipvs: Fix use-after-free in ip_vs_in - [armhf] clk: ti: clkctrl: Fix clkdm_clk handling - [ppc64el] powernv: Return for invalid IMC domain - usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() - mISDN: make sure device name is NUL terminated - [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor - perf/ring_buffer: Fix exposing a temporarily decreased data_head - perf/ring_buffer: Add ordering to rb->nest increment - perf/ring-buffer: Always use {READ,WRITE}_ONCE() for rb->user_page data - [armhf,arm64] net: stmmac: update rx tail pointer register to fix rx dma hang issue. - ACPI/PCI: PM: Add missing wakeup.flags.valid checks - [armhf] drm/etnaviv: lock MMU while dumping core - net: aquantia: tx clean budget logic error - net: aquantia: fix LRO with FCS error - i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr - ALSA: hda - Force polling mode on CNL for fixing codec communication - configfs: Fix use-after-free when accessing sd->s_dentry - perf data: Fix 'strncat may truncate' build failure with recent gcc - perf namespace: Protect reading thread's namespace - [s390x] perf record: Fix s390 missing module symbol and warning for non-root users - xenbus: Avoid deadlock during suspend due to open transactions - [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token list - [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu - [arm64] fix syscall_fn_t type - [arm64] use the correct function type in SYSCALL_DEFINE0 - [arm64] use the correct function type for __arm64_sys_ni_syscall - net: phylink: ensure consistent phy interface mode - net: phy: dp83867: Set up RGMII TX delay - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() - scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask - scsi: scsi_dh_alua: Fix possible null-ptr-deref - scsi: libsas: delete sas port if expander discover failed - ocfs2: fix error path kobject memory leak - coredump: fix race condition between collapse_huge_page() and core dumping - Abort file_remove_privs() for non-reg. files https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.55 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.56 - tracing: Silence GCC 9 array bounds warning - objtool: Support per-function rodata sections - ovl: support the FS_IOC_FS[SG]ETXATTR ioctls - ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls - ovl: make i_ino consistent with st_ino in more cases - ovl: detect overlapping layers - ovl: don't fail with disconnected lower NFS - ovl: fix bogus -Wmaybe-unitialized warning - [s390x] jump_label: Use "jdd" constraint on gcc9 - [s390x] ap: rework assembler functions to use unions for in/out register variables - mmc: sdhci: sdhci-pci-o2micro: Correctly set bus width when tuning - mmc: core: API to temporarily disable retuning for SDIO CRC errors - mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() - mmc: core: Prevent processing SDIO IRQs when the card is suspended - scsi: ufs: Avoid runtime suspend possibly being blocked forever - [armhf,arm64] usb: chipidea: udc: workaround for endpoint conflict issue - xhci: detect USB 3.2 capable host controllers correctly - usb: xhci: Don't try to recover an endpoint if port is in error state. - IB/hfi1: Validate fault injection opcode user input - IB/hfi1: Silence txreq allocation warnings - [x86] Input: synaptics - enable SMBus on ThinkPad E480 and E580 - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD - [x86] Input: silead - add MSSL0017 to acpi_device_id - apparmor: fix PROFILE_MEDIATES for untrusted input - apparmor: enforce nullbyte at end of tag string - brcmfmac: sdio: Disable auto-tuning around commands expected to fail - brcmfmac: sdio: Don't tune while the card is off - parport: Fix mem leak in parport_register_dev_model - IB/rdmavt: Fix alloc_qpn() WARN_ON() - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value - IB/hfi1: Validate page aligned for a given virtual address - [mips*] uprobes: remove set but not used variable 'epc' - [armhf,arm64] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 - [arm64] net: hns: Fix loopback test failed at copper ports - mdesc: fix a missing-check bug in get_vdev_port_node_info() - [arm64] drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times - [arm64] drm/arm/hdlcd: Actually validate CRTC modes - [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance - nvmet: fix data_len to 0 for bdev-backed write_zeroes - scsi: ufs: Check that space was properly alloced in copy_query_response - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous() - net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set - [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event - hwmon: (core) add thermal sensors only if dev->of_node is present - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages - nvme: Fix u32 overflow in the number of namespace list calculation - btrfs: start readahead also in seed devices - [armhf] can: flexcan: fix timeout when set small bitrate - can: purge socket error queue on sock destruct - [ppc64el] bpf: use unsigned division instruction for 64-bit operations - [armhf] imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX - [armhf] dts: dra76x: Update MMC2_HS200_MANUAL1 iodelay values - [armhf] dts: am57xx-idk: Remove support for voltage switching for SD card - [arm64] sve: <uapi/asm/ptrace.h> should not depend on <uapi/linux/prctl.h> - [arm64] ssbd: explicitly depend on <linux/prctl.h> - [x86] drm/vmwgfx: Use the backdoor port if the HB port is not available - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (CVE-2019-9506) - Bluetooth: Fix regression with minimum encryption key size alignment - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write - cfg80211: fix memory leak of wiphy device name - mac80211: drop robust management frames from unknown TA - {nl,mac}80211: allow 4addr AP operation on crypto controlled devices - mac80211: handle deauthentication/disassociation from TDLS peer - nl80211: fix station_info pertid memory leak - mac80211: Do not use stack memory with scatterlist for GMAC - [x86] resctrl: Don't stop walking closids when a locksetup group is found https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.57 - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul - perf help: Remove needless use of strncpy() - perf header: Fix unchecked usage of strncpy() - [arm64] Don't unconditionally add -Wno-psabi to KBUILD_CFLAGS - IB/hfi1: Close PSM sdma_progress sleep window - 9p/xen: fix check for xenbus_read error in front_probe - 9p: Use a slab for allocating requests - 9p: embed fcall in req to round down buffer allocs - 9p: add a per-client fcall kmem_cache - 9p: rename p9_free_req() function - 9p: Add refcount to p9_req_t - 9p/rdma: do not disconnect on down_interruptible EAGAIN - 9p: Rename req to rreq in trans_fd - 9p: acl: fix uninitialized iattr access - 9p/rdma: remove useless check in cm_event_handler - 9p: p9dirent_read: check network-provided name length - 9p: potential NULL dereference - 9p/trans_fd: abort p9_read_work if req status changed - 9p/trans_fd: put worker reqs on destroy - net/9p: include trans_common.h to fix missing prototype warning. - qmi_wwan: Fix out-of-bounds read - [armhf,arm64] Revert "usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup" - [armhf,arm64] usb: dwc3: gadget: combine unaligned and zero flags - [armhf,arm64] usb: dwc3: gadget: track number of TRBs per request - [armhf,arm64] usb: dwc3: gadget: use num_trbs when skipping TRBs on ->dequeue() - [armhf,arm64] usb: dwc3: gadget: extract dwc3_gadget_ep_skip_trbs() - [armhf,arm64] usb: dwc3: gadget: introduce cancelled_list - [armhf,arm64] usb: dwc3: gadget: move requests to cancelled_list - [armhf,arm64] usb: dwc3: gadget: remove wait_end_transfer - [armhf,arm64] usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup - fs/proc/array.c: allow reporting eip/esp for all coredumping threads - mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask - fs/binfmt_flat.c: make load_flat_shared_library() work - [armhf] clk: socfpga: stratix10: fix divider entry for the emac clocks - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn - dm log writes: make sure super sector log updates are written in order - [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() - [x86] speculation: Allow guests to use SSBD even if host does not - [x86] microcode: Fix the microcode load on CPU hotplug for real - [x86] resctrl: Prevent possible overrun during bitmap operations - [x86] KVM: mmu: Allocate PAE root array when using SVM's 32-bit NPT - NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O - cpu/speculation: Warn on unsupported mitigations= parameter - SUNRPC: Clean up initialisation of the struct rpc_rqst - [mips*] irqchip/mips-gic: Use the correct local interrupt map registers - eeprom: at24: fix unexpected timeout under high load - af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET - bonding: Always enable vlan tx offload - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop - net/packet: fix memory leak in packet_set_ring() - net: remove duplicate fetch in sock_getsockopt - [armhf,arm64] net: stmmac: fixed new system time seconds value calculation - [armhf,arm64] net: stmmac: set IC bit when transmitting frames with HW timestamp - sctp: change to hold sk after auth shkey is created successfully - team: Always enable vlan tx offload - tipc: change to use register_pernet_device - tipc: check msg->req data len in tipc_nl_compat_bearer_disable - tun: wake up waitqueues after IFF_UP is set - bpf: simplify definition of BPF_FIB_LOOKUP related flags - bpf: lpm_trie: check left child of last leftmost node for NULL - bpf: fix nested bpf tracepoints with per-cpu data - bpf: fix unconnected udp hooks - bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro - bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err - [arm64] futex: Avoid copying out uninitialised stack in failed cmpxchg() - [arm64] bpf: use more scalable stadd over ldxr / stxr loop in xadd - futex: Update comments and docs about return values of arch futex code - RDMA: Directly cast the sockaddr union to sockaddr - tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb - [armhf,arm64] usb: dwc3: Reset num_trbs after skipping - [arm64] insn: Fix ldadd instruction encoding https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.58 - Bluetooth: Fix faulty expression for minimum encryption key size check - block: Fix a NULL pointer dereference in generic_make_request() - md/raid0: Do not bypass blocking queue entered for raid0 bios - netfilter: nf_flow_table: ignore DF bit setting - netfilter: nft_flow_offload: set liberal tracking mode for tcp - netfilter: nft_flow_offload: don't offload when sequence numbers need adjustment - netfilter: nft_flow_offload: IPCB is only valid for ipv4 family - ASoC: soc-pcm: BE dai needs prepare when pause release after resume - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master - [armhf,arm64] ASoC: max98090: remove 24-bit format support if RJ is 0 - [x86] CPU: Add more Icelake model numbers - ALSA: hdac: fix memory release for SST and SOF drivers - scsi: hpsa: correct ioaccel2 chaining - [x86] drm: panel-orientation-quirks: Add quirk for GPD pocket2 - [x86] drm: panel-orientation-quirks: Add quirk for GPD MicroPC - [x86] platform: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi - [x86] platform: intel-vbtn: Report switch events when event wakes device - [x86] platform: mlx-platform: Fix parent device in i2c-mux-reg device registration - i2c: pca-platform: Fix GPIO lookup code - cpuset: restore sanity to cpuset_cpus_allowed_fallback() - mm/mlock.c: change count_mm_mlocked_page_nr return type - tracing: avoid build warning with HAVE_NOP_MCOUNT - module: Fix livepatch/ftrace module text permissions race - ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() - [x86] drm/i915/dmc: protect against reading random memory - crypto: user - prevent operating on larval algorithms - crypto: cryptd - Fix skcipher instance memory leak - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages - ALSA: line6: Fix write on zero-sized buffer - ALSA: usb-audio: fix sign unintended sign extension on left shifts - [x86] ALSA: hda/realtek: Add quirks for several Clevo notebook barebones - [x86] ALSA: hda/realtek - Change front mic location for Lenovo M710q - lib/mpi: Fix karactx leak in mpi_powm - fs/userfaultfd.c: disable irqs for fault_pending and event locks - tracing/snapshot: Resize spare buffer if size changed - [armhf] dts: armada-xp-98dx3236: Switch to armada-38x-uart serial node - drm/amd/powerplay: use hardware fan control if no powerplay fan table - drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE - [armhf] drm/etnaviv: add missing failure path to destroy suballoc - [armhf] drm/imx: notify drm core before sending event during crtc disable - drm/imx: only send event on crtc disable if kept disabled - [x86] ftrace: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() - mm/vmscan.c: prevent useless kswapd loops - btrfs: Ensure replaced device doesn't have pending chunk allocation - tty: rocket: fix incorrect forward declaration of 'rp_init()' - net/smc: move unhash before release of clcsock - drm/fb-helper: generic: Don't take module ref for fbcon - f2fs: don't access node/meta inode mapping after iput - mac80211: mesh: fix missing unlock on error in table_path_del() - scsi: tcmu: fix use after free - [amd64] boot/compressed: Do not corrupt EDX on EFER.LME=1 setting - [arm64] net: hns: Fixes the missing put_device in positive leg for roce reset - ALSA: hda: Initialize power_state field properly - rds: Fix warning. - ip6: fix skb leak in ip6frag_expire_frag_queue() - netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments - [arm64] net: hns: fix unsigned comparison to less than zero - bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K - netfilter: ipv6: nf_defrag: accept duplicate fragments again - [x86] KVM: degrade WARN to pr_warn_ratelimited - [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC - nfsd: Fix overflow causing non-working mounts on 1 TB machines - svcrdma: Ignore source port when computing DRC hash - [mips*] Fix bounds check virt_addr_valid - [mips*] Add missing EHB in mtc0 -> mfc0 sequence. - [arm64] dmaengine: qcom: bam_dma: Fix completed descriptors count - [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.59 - [x86] Input: elantech - enable middle button support on 2 ThinkPads - mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() - bpf: sockmap, fix use after free from sleep in psock backlog workqueue - mac80211: mesh: fix RCU warning - mac80211: free peer keys before vif down in mesh - iwlwifi: Fix double-free problems in iwl_req_fw_callback() - can: af_can: Fix error path of can_init() - net: phy: rename Asix Electronics PHY driver - [armhf] dts: am335x phytec boards: Fix cd-gpios active level - [s390x] boot: disable address-of-packed-member warning - [x86] drm/vmwgfx: Honor the sg list segment size limitation - [x86] drm/vmwgfx: fix a warning due to missing dma_parms - [armhf] Input: imx_keypad - make sure keyboard can always wake up system - [armhf,arm64] KVM: vgic: Fix kvm_device leak in vgic_its_destroy - mac80211: only warn once on chanctx_conf being NULL - mac80211: do not start any work during reconfigure flow - bpf, devmap: Fix premature entry free on destroying map - bpf, devmap: Add missing bulk queue free - bpf, devmap: Add missing RCU read lock on flush - [amd64] bpf: fix stack layout of JITed bpf code - qmi_wwan: add support for QMAP padding in the RX path - qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode - qmi_wwan: extend permitted QMAP mux_id value range - mmc: core: complete HS400 before checking status - md: fix for divide error in status_resync - bnx2x: Check if transceiver implements DDM before access - drm: return -EFAULT if copy_to_user() fails - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL - net: lio_core: fix potential sign-extension overflow on large shift - scsi: qedi: Check targetname while finding boot target information - quota: fix a problem about transfer quota - [armhf,arm64] net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() - NFS4: Only set creation opendata if O_CREAT - net :sunrpc :clnt :Fix xps refcount imbalance on the error path - fscrypt: don't set policy for a dead directory - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length - media: stv0297: fix frequency range limit - ALSA: usb-audio: Fix parse of UAC2 Extension Units - ALSA: hda/realtek - Headphone Mic can't record after S3 - block, bfq: NULL out the bic when it's no longer valid - [arm64] perf pmu: Fix uncore PMU alias list for ARM64 - [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() - [x86] tls: Fix possible spectre-v1 in do_get_thread_area() - USB: serial: ftdi_sio: add ID for isodebug v1 - USB: serial: option: add support for GosunCn ME3630 RNDIS mode - Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled" - p54usb: Fix race between disconnect and firmware loading - usb: gadget: ether: Fix race between gether_disconnect and rx_submit - [armhf,arm64] usb: dwc2: use a longer AHB idle timeout in dwc2_core_reset() - [x86] drivers/usb/typec/tps6598x.c: fix portinfo width - [x86] drivers/usb/typec/tps6598x.c: fix 4CC cmd write - [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt - [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt - HID: Add another Primax PIXART OEM mouse quirk - binder: fix memory leak in error path - carl9170: fix misuse of device driver API - [x86] VMCI: Fix integer overflow in VMCI handle arrays - staging: rtl8712: reduce stack usage, again https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.60 - Revert "e1000e: fix cyclic resets at link up with active tx" - e1000e: start network tx queue only when link is up - [x86] Input: synaptics - enable SMBUS on T480 thinkpad trackpad - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header - drivers: base: cacheinfo: Ensure cpu hotplug work is done before Intel RDT - firmware: improve LSM/IMA security behaviour - [armhf,arm64] irqchip/gic-v3-its: Fix command queue pointer comparison bug - [armhf] clk: ti: clkctrl: Fix returning uninitialized data - [amd64,arm64] efi/bgrt: Drop BGRT status field reserved bits check - perf/core: Fix perf_sample_regs_user() mm check - [armhf] omap2: remove incorrect __init annotation - afs: Fix uninitialised spinlock afs_volume::cb_break_lock - [x86] apic: Fix integer overflow on 10 bit left shift of cpu_khz - be2net: fix link failure after ethtool offline test - ppp: mppe: Add softdep to arc4 - sis900: fix TX completion - [armhf] dts: imx6ul: fix PWM[1-4] interrupts - [armhf] pinctrl: mcp23s08: Fix add_data and irqchip_add_nested call order - dm table: don't copy from a NULL pointer in realloc_argv() - dm verity: use message limit for data block corruption message - [amd64] boot: Fix crash if kernel image crosses page table boundary - [amd64] boot: Add missing fixup_pointer() for next_early_pgt access - HID: chicony: add another quirk for PixArt mouse - HID: multitouch: Add pointstick support for ALPS Touchpad - cpu/hotplug: Fix out-of-bounds read when setting fail state - linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL - genirq: Delay deactivation in free_irq() - genirq: Fix misleading synchronize_irq() documentation - genirq: Add optional hardware synchronization for shutdown - [x86] ioapic: Implement irq_get_irqchip_state() callback - [x86] irq: Handle spurious interrupt after shutdown gracefully - [x86] irq: Seperate unused system vectors from spurious entry again - [s390x] fix stfle zero padding - [s390x] qdio: (re-)initialize tiqdio list entries - [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues() - regmap-irq: do not write mask register if mask_base is zero - drm/udl: introduce a macro to convert dev to udl. - drm/udl: Replace drm_dev_unref with drm_dev_put - drm/udl: move to embedding drm device inside udl device. - [i386] entry: Fix ENDPROC of common_spurious https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.61 - [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly - scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported - [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path - wil6210: fix potential out-of-bounds read - ath10k: Do not send probe response template for mesh - ath9k: Check for errors when reading SREV register - ath6kl: add some bounds checking - ath10k: add peer id check in ath10k_peer_find_by_id - wil6210: fix spurious interrupts in 3-msi - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection - regmap: debugfs: Fix memory leak in regmap_debugfs_init - batman-adv: fix for leaked TVLV handler. - media: dvb: usb: fix use after free in dvb_usb_device_exit - media: marvell-ccic: fix DMA s/g desc number calculation - media: media_device_enum_links32: clean a reserved field - [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries - [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries - qed: Set the doorbell address correctly - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig - af_key: fix leaks in key_pol_get_resp and dump_sp. - xfrm: Fix xfrm sel prefix length validation - fscrypt: clean up some BUG_ON()s in block encryption/decryption - perf annotate TUI browser: Do not use member from variable within its own initialization - media: mc-device.c: don't memset __user pointer contents - media: saa7164: fix remove_proc_entry warning - net: phy: Check against net_device being NULL - tua6100: Avoid build warnings. - batman-adv: Fix duplicated OGMs on NETDEV_UP - [armhf] media: wl128x: Fix some error handling in fm_v4l2_init_video_device() - [arm64] net: hns3: set ops to null when unregister ad_dev - cpupower : frequency-set -r option misses the last cpu in related cpu list - [armhf,arm64] net: stmmac: dwmac4: fix flow control issue - [armhf,arm64] net: stmmac: modify default value of tx-frames - [arm64] crypto: inside-secure - do not rely on the hardware last bit for result descriptors - [s390x] qdio: handle PENDING state for QEBSM devices - net: sfp: add mutex to prevent concurrent state checks - ipset: Fix memory accounting for hash types on resize - perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode - [s390x] perf report: Fix OOM error in TUI mode on s390 - [arm64] irqchip/meson-gpio: Add support for Meson-G12A SoC - media: uvcvideo: Fix access to uninitialized fields on probe error - iommu: Fix a leak in iommu_insert_resv_region - [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4 - [armhf] gpio: omap: ensure irq is enabled before wakeup - regmap: fix bulk writes on paged registers - bpf: silence warning messages in core - selinux: fix empty write to keycreate file - [x86] cpu: Add Ice Lake NNPI to Intel family - [arm64] ASoC: meson: axg-tdm: fix sample clock inversion - rcu: Force inlining of rcu_read_lock() - [x86] cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS - qed: iWARP - Fix tc for MPA ll2 connection - [arm64] net: hns3: fix for skb leak when doing selftest - block: null_blk: fix race condition for null_del_dev - blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration - xfrm: fix sa selector validation - sched/core: Add __sched tag for io_schedule() - sched/fair: Fix "runnable_avg_yN_inv" not used warnings - [x86] perf/intel/uncore: Handle invalid event coding for free-running counter - [x86] atomic: Fix smp_mb__{before,after}_atomic() - perf evsel: Make perf_evsel__name() accept a NULL argument - vhost_net: disable zerocopy by default - ipoib: correcly show a VF hardware address - [x86] cacheinfo: Fix a -Wtype-limits warning - blk-iolatency: only account submitted bios - ACPICA: Clear status of GPEs on first direct enable - EDAC/sysfs: Fix memory leak when creating a csrow object - nvme: fix possible io failures when removing multipathed ns - nvme-pci: properly report state change failure in nvme_reset_work - nvme-pci: set the errno on ctrl state change error - lightnvm: pblk: fix freeing of merged pages - [arm64] Do not enable IRQs for ct_user_exit - ipsec: select crypto ciphers for xfrm_algo - ipvs: defer hook registration to avoid leaks - media: i2c: fix warning same module names - ntp: Limit TAI-UTC offset - timer_list: Guard procfs specific code - [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0 - media: hdpvr: fix locking and a missing msleep - [armhf] net: stmmac: sun8i: force select external PHY when no internal one - rtlwifi: rtl8192cu: fix error handle when usb probe failed - mt7601u: do not schedule rx_tasklet when the device has been disconnected - mt7601u: fix possible memory leak when the device is disconnected - ipvs: fix tinfo memory leak in start_sync_thread - ath10k: add missing error handling - ath10k: fix PCIE device wake up failed - perf tools: Increase MAX_NR_CPUS and MAX_CACHES - [x86] ASoC: Intel: hdac_hdmi: Set ops to NULL on remove - libata: don't request sense data on !ZAC ATA devices - [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch timer - xsk: Properly terminate assignment in xskq_produce_flush_desc - rslib: Fix decoding of shortened codes - rslib: Fix handling of of caller provided syndrome - ixgbe: Check DDM existence in transceiver before access - crypto: serpent - mark __serpent_setkey_sbox noinline - wil6210: drop old event after wmi_call timeout - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec - bcache: check CACHE_SET_IO_DISABLE in allocator code - bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() - bcache: acquire bch_register_lock later in cached_dev_free() - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush() - bcache: fix potential deadlock in cached_def_free() - [arm64] net: hns3: fix a -Wformat-nonliteral compile warning - [arm64] net: hns3: add some error checking in hclge_tm module - ath10k: destroy sdio workqueue while remove sdio module - [armhf,arm64] net: mvpp2: prs: Don't override the sign bit in SRAM parser shift - igb: clear out skb->tstamp after reading the txtime - iwlwifi: mvm: Drop large non sta frames - perf stat: Make metric event lookup more robust - perf stat: Fix group lookup for metric group - bnx2x: Prevent ptp_task to be rescheduled indefinitely - net: usb: asix: init MAC address buffers - rxrpc: Fix oops in tracepoint - bpf, libbpf, smatch: Fix potential NULL pointer dereference - bonding: validate ip header before check IPPROTO_IGMP - gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants - [ppc64el] tools: bpftool: Fix json dump crash on powerpc - Bluetooth: hci_bcsp: Fix memory leak in rx_skb - Bluetooth: Add new 13d3:3491 QCA_ROME device - Bluetooth: Add new 13d3:3501 QCA_ROME device - Bluetooth: 6lowpan: search for destination address in all peers - [ppc64el] perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64 - Bluetooth: Check state in l2cap_disconnect_rsp - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() - Bluetooth: validate BLE connection interval updates - gtp: fix suspicious RCU usage - gtp: fix Illegal context switch in RCU read-side critical section. - gtp: fix use-after-free in gtp_encap_destroy() - gtp: fix use-after-free in gtp_newlink() - [armel/marvell,armhf] net: mvmdio: defer probe of orion-mdio if a clock is not ready - iavf: fix dereference of null rx_buffer pointer - floppy: fix out-of-bounds read in next_valid_format - floppy: fix invalid pointer dereference in drive_name - xen: let alloc_xenballooned_pages() fail if not enough memory free - scsi: core: Fix race on creating sense cache - scsi: megaraid_sas: Fix calculation of target ID - crypto: ghash - fix unaligned memory access in ghash_setkey() - [x86] crypto: ccp - Validate the the error value used to index error messages - [arm64] crypto: sha1-ce - correct digest for empty data in finup - [arm64] crypto: sha2-ce - correct digest for empty data in finup - crypto: chacha20poly1305 - fix atomic sleep when using async algorithm - [x86] crypto: ccp - memset structure fields to zero before reuse - [x86] crypto: ccp/gcm - use const time tag comparison. - Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()" - bcache: Revert "bcache: fix high CPU occupancy during journal" - bcache: Revert "bcache: free heap cache_set->flush_btree in bch_journal_free" - bcache: ignore read-ahead request failure on backing device - bcache: fix mistaken sysfs entry for io_error counter - bcache: destroy dc->writeback_write_wq if failed to create dc->writeback_thread - Input: alps - don't handle ALPS cs19 trackpoint-only device - [x86] Input: synaptics - whitelist Lenovo T580 SMBus intertouch - Input: alps - fix a mismatch between a condition check and its comment - [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages - [arm64] tegra: Update Jetson TX1 GPU regulator timings - iwlwifi: pcie: don't service an interrupt that was masked - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X - iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill - iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices - NFSv4: Handle the special Linux file open access mode - pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error - pNFS: Fix a typo in pnfs_update_layout - pnfs: Fix a problem where we gratuitously start doing I/O through the MDS - lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE - ASoC: dapm: Adapt for debugfs API change - raid5-cache: Need to do start() part job after adding journal device - ALSA: seq: Break too long mutex context in the write loop - [x86] ALSA: hda/realtek - Fixed Headphone Mic can't record on Dell platform - [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine - media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom() - media: videobuf2-core: Prevent size alignment wrapping buffer size to 0 - media: videobuf2-dma-sg: Prevent size from overflowing - [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed - [arm64] tegra: Fix AGIC register range - fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. - kconfig: fix missing choice values in auto.conf - drm/nouveau/i2c: Enable i2c pads & busses during preinit - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs - dm zoned: fix zone state management race - xen/events: fix binding user event channels to cpus - 9p/xen: Add cleanup path in p9_trans_xen_init - 9p/virtio: Add cleanup path in p9_virtio_init - [x86] boot: Fix memory leak in default_get_smp_config() - [x86] perf/intel: Fix spurious NMI on fixed counter - [x86] perf/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs - [x86] perf/amd/uncore: Set the thread mask for F17h L3 PMCs - drm/edid: parse CEA blocks embedded in DisplayID - [x86] intel_th: pci: Add Ice Lake NNPI support - [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work() - PCI: Do not poll for PME if the device is in D3cold - [arm64] PCI: qcom: Ensure that PERST is asserted for at least 100 ms - Btrfs: fix data loss after inode eviction, renaming it, and fsync it - Btrfs: fix fsync not persisting dentry deletions due to inode evictions - Btrfs: add missing inode version, ctime and mtime updates when punching hole - IB/mlx5: Report correctly tag matching rendezvous capability - HID: wacom: generic: only switch the mode on devices with LEDs - HID: wacom: generic: Correct pad syncing - HID: wacom: correct touch resolution x/y typo - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields - coda: pass the host file in vma->vm_file on mmap - include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures - xfs: fix pagecache truncation prior to reflink - xfs: flush removing page cache in xfs_reflink_remap_prep - xfs: don't overflow xattr listent buffer - xfs: rename m_inotbt_nores to m_finobt_nores - xfs: don't ever put nlink > 0 inodes on the unlinked list - xfs: reserve blocks for ifree transaction during log recovery - xfs: fix reporting supported extra file attributes for statx() - xfs: serialize unaligned dio writes against all other dio writes - xfs: abort unaligned nowait directio early - [ppc64el] watchpoint: Restore NV GPRs while returning from exception - [ppc64el] powernv/npu: Fix reference leak - [ppc64el] pseries: Fix oops in hotplug memory notifier - [arm64] mmc: sdhci-msm: fix mutex while in spinlock - eCryptfs: fix a couple type promotion bugs - [x86] intel_th: msu: Fix single mode with disabled IOMMU - Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug - usb: Handle USB3 remote wakeup for LPM enabled devices correctly - blk-throttle: fix zero wait time for iops throttled group - blk-iolatency: clear use_delay when io.latency is set to zero - blkcg: update blkcg_print_stat() to handle larger outputs - [armel/marvell,armhf] net: mvmdio: allow up to four clocks to be specified for orion-mdio - dm bufio: fix deadlock with loop device https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.62 - bnx2x: Prevent load reordering in tx completion processing - [x86] hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() - igmp: fix memory leak in igmpv3_del_delrec() - ipv4: don't set IPv6 only flags to IPv4 addresses - ipv6: rt6_check should return NULL if 'from' is NULL - ipv6: Unlink sibling route in case of failure - [armhf,arm64] net: dsa: mv88e6xxx: wait after reset deactivation - net: make skb_dst_force return true when dst is refcounted - net: neigh: fix multiple neigh timer scheduling - net: openvswitch: fix csum updates for MPLS actions - net: phy: sfp: hwmon: Fix scaling of RX power - [armhf,arm64] net: stmmac: Re-work the queue selection for TSO packets - nfc: fix potential illegal memory access - r8169: fix issue with confused RX unit after PHY power-down on RTL8411b - rxrpc: Fix send on a connected, but unbound socket - sctp: fix error handling on stream scheduler initialization - [x86] sky2: Disable MSI on ASUS P6T - tcp: be more careful in tcp_fragment() - tcp: fix tcp_set_congestion_control() use from bpf hook - tcp: Reset bytes_acked and bytes_received when disconnecting - vrf: make sure skb->data contains ip header to make routing - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn - macsec: fix use-after-free of skb during RX - macsec: fix checksumming after decryption - netrom: fix a memory leak in nr_rx_frame() - netrom: hold sock when setting skb->destructor - net_sched: unset TCQ_F_CAN_BYPASS when adding filters - sctp: not bind the socket in sctp_connect - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query - net: bridge: don't cache ether dest pointer on input - net: bridge: stp: don't cache eth dest pointer before skb pull - dma-buf: balance refcount inbalance - dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc - perf/core: Fix exclusive events' grouping - perf/core: Fix race between close() and fork() - ext4: don't allow any modifications to an immutable file - ext4: enforce the immutable flag on open files - mm: add filemap_fdatawait_range_keep_errors() - jbd2: introduce jbd2_inode dirty range scoping - ext4: use jbd2_inode dirty range scoping - ext4: allow directory holes - [x86] KVM: nVMX: do not use dangling shadow VMCS after guest reset - [x86] KVM: nVMX: Clear pending KVM_REQ_GET_VMCS12_PAGES when leaving nested - mm: vmscan: scan anonymous pages on file refaults - net: sched: verify that q!=NULL before setting q->flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.63 - [x86] hvsock: fix epollout hang from race condition - [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe - [x86] staging: vt6656: use meaningful error code during buffer allocation - usb: core: hub: Disable hub-initiated U1/U2 - [armhf,arm64] pinctrl: rockchip: fix leaked of_node references - drm/amd/display: Fill prescale_params->scale for RGB565 - drm/amdgpu/sriov: Need to initialize the HDP_NONSURFACE_BAStE - drm/amd/display: Disable ABM before destroy ABM struct - drm/amdkfd: Fix a potential memory leak - drm/amdkfd: Fix sdma queue map issue - drm/edid: Fix a missing-check bug in drm_load_edid_firmware() - PCI: Return error if cannot probe VF - [armhf,arm64] gpu: host1x: Increase maximum DMA segment size - drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry - drm/crc-debugfs: Also sprinkle irqrestore over early exits - memstick: Fix error cleanup path of memstick_init - [arm64] tty: serial: msm_serial: avoid system lockup condition - serial: 8250: Fix TX interrupt handling condition - drm/amd/display: Always allocate initial connector state state - drm/virtio: Add memory barriers for capset cache. - drm/amd/display: fix compilation error - [ppc64el] pseries/mobility: prevent cpu hotplug during DT update - [armhf,arm64] drm/rockchip: Properly adjust to a true clock in adjusted_mode - [armhf] serial: imx: fix locking in set_termios() - tty: serial_core: Set port active bit in uart_port_activate - usb: gadget: Zero ffs_io_data - mmc: sdhci: sdhci-pci-o2micro: Check if controller supports 8-bit width - [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs - [arm64] drm/msm: Depopulate platform on probe failure - [arm64] PCI: xilinx-nwl: Fix Multi MSI data programming - iio: iio-utils: Fix possible incorrect mask calculation - [ppc64el] cacheflush: fix variable set but not used - [ppc64el] xmon: Fix disabling tracing while in xmon - [ppc64el] recordmcount: Fix spurious mcount entries on powerpc - mfd: core: Set fwnode for created devices - [arm64] mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk - mm/swap: fix release_pages() when releasing devmap pages - RDMA/i40iw: Set queue pair state when being queried - IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE - [ppc64el] mm: Handle page table allocation failures - IB/ipoib: Add child to parent list only if device initialized - [arm64] assembler: Switch ESB-instruction with a vanilla nop if !ARM64_HAS_RAS - perf stat: Fix use-after-freed pointer detected by the smatch tool - perf top: Fix potential NULL pointer dereference detected by the smatch tool - perf session: Fix potential NULL pointer dereference found by the smatch tool - perf annotate: Fix dereferencing freed memory found by the smatch tool - perf hists browser: Fix potential NULL pointer dereference found by the smatch tool - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM - [armhf] PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB - [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h - block: init flush rq ref count to 1 - f2fs: avoid out-of-range memory access - mailbox: handle failed named mailbox channel request - dlm: check if workqueues are NULL before flushing/destroying - [ppc64el] eeh: Handle hugepages in ioremap space - block/bio-integrity: fix a memory leak bug - 9p: pass the correct prototype to read_cache_page - mm/gup.c: mark undo_dev_pagemap as __maybe_unused - mm/gup.c: remove some BUG_ONs from get_gate_page() - memcg, fsnotify: no oom-kill for remote memcg charging - mm/mmu_notifier: use hlist_add_head_rcu() - proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup - proc: use down_read_killable mmap_sem for /proc/pid/pagemap - proc: use down_read_killable mmap_sem for /proc/pid/clear_refs - proc: use down_read_killable mmap_sem for /proc/pid/map_files - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() - proc: use down_read_killable mmap_sem for /proc/pid/maps - locking/lockdep: Fix lock used or unused stats error - mm: use down_read_killable for locking mmap_sem in access_remote_vm - locking/lockdep: Hide unused 'class' variable - usb: wusbcore: fix unbalanced get/put cluster_id - [x86] usb: pci-quirks: Correct AMD PLL quirk detection - btrfs: inode: Don't compress if NODATASUM or NODATACOW set - [x86] sysfb_efi: Add quirks for some devices with swapped width and height - [x86] speculation/mds: Apply more accurate check on hypervisor platform - binder: prevent transactions to context manager from its own process. - fpga-manager: altera-ps-spi: Fix build error - [x86] mei: me: add mule creek canyon (EHL) device ids - [x86] hpet: Fix division by zero in hpet_time_div() - ALSA: ac97: Fix double free of ac97_codec_device - ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1 - ALSA: hda - Add a conexant codec entry to let mute led work - [ppc64el] xive: Fix loop exit-condition in xive_find_target_in_mask() - libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() - access: avoid the RCU grace period for the temporary subjective credentials https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.64 - [x86] hv_sock: Add support for delayed close - vsock: correct removal of socket from the list - NFS: Fix dentry revalidation on NFSv4 lookup - NFS: Refactor nfs_lookup_revalidate() - NFSv4: Fix lookup revalidate of regular files - [armhf,arm64] usb: dwc2: Disable all EP's on disconnect - [armhf,arm64] usb: dwc2: Fix disable all EP's on disconnect - [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ (Closes: #904385). - binder: fix possible UAF when freeing buffer - ISDN: hfcsusb: checking idx of ep configuration - media: au0828: fix null dereference in error path - ath10k: Change the warning message string - media: cpia2_usb: first wake up, then free in disconnect - media: pvrusb2: use a different format for warnings - NFS: Cleanup if nfs_match_client is interrupted - media: radio-raremono: change devm_k*alloc to k*alloc - [x86] iommu/vt-d: Don't queue_iova() if there is no flush queue - vhost: introduce vhost_exceeds_weight() - vhost_net: fix possible infinite loop (CVE-2019-3900) - vhost: vsock: add weight support - vhost: scsi: add weight support (CVE-2019-3900) - sched/fair: Don't free p->numa_faults with concurrent readers - sched/fair: Use RCU accessors consistently for ->numa_group - /proc/<pid>/cmdline: remove all the special cases - /proc/<pid>/cmdline: add back the setproctitle() special case - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl - Fix allyesconfig output. - ceph: hold i_ceph_lock when removing caps for freeing inode - block, scsi: Change the preempt-only flag into a counter - scsi: core: Avoid that a kernel warning appears during system resume - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.65 - [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200 - [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again - [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend - ftrace: Enable trampoline when rec count returns back to one - [armhf,arm64] dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset - [arm64] dts: rockchip: fix isp iommu clocks and power domain - kernel/module.c: Only return -EEXIST for modules that have finished loading - [arm64] clk: tegra210: fix PLLU and PLLU_OUT1 - fs/adfs: super: fix use-after-free bug - btrfs: fix minimum number of chunk errors for DUP - btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit() - cifs: Fix a race condition with cifs_echo_request - ceph: fix improper use of smp_mb__before_atomic() - ceph: return -ERANGE if virtual xattr value didn't fit in buffer - ACPI: blacklist: fix clang warning for unused DMI table - [s390x] scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized - perf version: Fix segfault due to missing OPT_END() - [x86] kvm: avoid constant-conversion warning - ACPI: fix false-positive -Wuninitialized warning - be2net: Signal that the device cannot transmit during reconfiguration - [x86] apic: Silence -Wtype-limits compiler warnings - mm/cma.c: fail if fixed declaration can't be honored - lib/test_overflow.c: avoid tainting the kernel and fix wrap size - lib/test_string.c: avoid masking memset16/32/64 failures - coda: add error handling for fget - coda: fix build using bare-metal toolchain - uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings - ipc/mqueue.c: only perform resource calculation if user valid - [x86] xen/pv: Fix a boot up hang revealed by int3 self test - [x86] kvm: Don't call kvm_spurious_fault() from .fixup - [x86] paravirt: Fix callee-saved function ELF sizes - [x86] boot: Remove multiple copy of static function sanitize_boot_params() - drm/nouveau: fix memory leak in nouveau_conn_reset() - kconfig: Clear "written" flag to avoid data loss - Btrfs: fix incremental send failure after deduplication - Btrfs: fix race leading to fs corruption after transaction abort - [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC - [arm64] mmc: meson-mx-sdio: Fix misuse of GENMASK macro - gpiolib: fix incorrect IRQ requesting of an active-low lineevent - IB/hfi1: Fix Spectre v1 vulnerability - mtd: rawnand: micron: handle on-die "ECC-off" devices correctly - selinux: fix memory leak in policydb_init() - ALSA: hda: Fix 1-minute detection delay when i915 module is not available (Closes: #931507) - mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker - [s390x] dasd: fix endless loop after read unit address configuration - [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier - [arm64] compat: Allow single-byte watchpoints on all addresses - [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} - nbd: replace kill_bdev() with __invalidate_device() again - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() - IB/mlx5: Fix unreg_umr to ignore the mkey state - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache - IB/mlx5: Fix clean_mr() to work in the expected order - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification - IB/hfi1: Check for error on call to alloc_rsm_map_table - [x86] drm/i915/gvt: fix incorrect cache entry for guest page mapping - eeprom: at24: make spd world-readable again - objtool: Support GCC 9 cold subfunction naming scheme - gcc-9: properly declare the {pv,hv}clock_page storage - [x86] vdso: Prevent segfaults due to hoisted vclock reads - scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.66 - scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure - gcc-9: don't warn about uninitialized variable - driver core: Establish order of operations for device_add and device_del via bitflag - drivers/base: Introduce kill_device() - libnvdimm/bus: Prevent duplicate device_unregister() calls - libnvdimm/region: Register badblocks before namespaces - libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant - libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock - HID: wacom: fix bit shift for Cintiq Companion 2 - HID: Add quirk for HP X1200 PIXART OEM mouse - IB: directly cast the sockaddr union to aockaddr - atm: iphase: Fix Spectre v1 vulnerability - bnx2x: Disable multi-cos feature. - ife: error out when nla attributes are empty - ip6_gre: reload ipv6h in prepare_ip6gre_xmit_ipv6 - ip6_tunnel: fix possible use-after-free on xmit - ipip: validate header length in ipip_tunnel_xmit - [armhf,arm64] mvpp2: fix panic on module removal - [armhf,arm64] mvpp2: refactor MTU change code - net: bridge: delete local fdb on device init failure - net: bridge: mcast: don't delete permanent entries when fast leave is enabled - net: fix ifindex collision during namespace removal - net/mlx5e: always initialize frag->last_in_page - net/mlx5: Use reversed order when unregister devices - net: phylink: Fix flow control for fixed-link - net: sched: Fix a possible null-pointer dereference in dequeue_func() - net sched: update vlan action for batched events operations - net: sched: use temporary variable for actions indexes - net/smc: do not schedule tx_work in SMC_CLOSED state - tipc: compat: allow tipc commands without arguments - tun: mark small packets as owned by the tap sock - net/mlx5: Fix modify_cq_in alignment - net/mlx5e: Prevent encap flow counter update async to user query - r8169: don't use MSI before RTL8168d - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling - cgroup: Call cgroup_release() before __exit_signal() - cgroup: Implement css_task_iter_skip() - cgroup: Include dying leaders with live threads in PROCS iterations - cgroup: css_task_iter_skip()'d iterators must be advanced before accessed - cgroup: Fix css_task_iter_advance_css_set() cset skip condition - [arm*] spi: bcm2835: Fix 3-wire mode if DMA is enabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.67 - [x86] crypto: ccp - Fix oops by properly managing allocated structures - [x86] crypto: ccp - Add support for valid authsize values less than 16 - [x86] crypto: ccp - Ignore tag length when decrypting GCM ciphertext - usb: usbfs: fix double-free of usb memory upon submiturb error - usb: iowarrior: fix deadlock on disconnect - sound: fix a memory leak bug - [arm64,mips*/octeon] mmc: cavium: Set the correct dma max segment size for mmc_host - [arm64,mips*/octeon] mmc: cavium: Add the missing dma unmap when the dma has finished. - loop: set PF_MEMALLOC_NOIO for the worker thread - Input: usbtouchscreen - initialize PM mutex before using it - [x86] Input: elantech - enable SMBus on new (2018+) systems - [x86] Input: synaptics - enable RMI mode for HP Spectre X360 - [x86] mm: Check for pfn instead of page in vmalloc_sync_one() - [x86] mm: Sync also unmappings in vmalloc_sync_all() - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() - [s390x] perf annotate: Fix s390 gap between kernel end and module start - perf db-export: Fix thread__exec_comm() - [s390x] perf record: Fix module size on s390 - [x86] purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS - gfs2: gfs2_walk_metadata fix - usb: yurex: Fix use-after-free in yurex_delete - [x86] usb: typec: tcpm: free log buf memory when remove debug file - [x86] usb: typec: tcpm: remove tcpm dir if no children - [x86] usb: typec: tcpm: Add NULL check before dereferencing config - [x86] usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests - can: peak_usb: fix potential double kfree_skb() - netfilter: nfnetlink: avoid deadlock due to synchronous request_module - [s390x] vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn - netfilter: Fix rpfilter dropping vrf packets by mistake - netfilter: conntrack: always store window size un-scaled - netfilter: nft_hash: fix symhash with modulus one - drm/amd/display: Wait for backlight programming completion in set backlight level - drm/amd/display: use encoder's engine id to find matched free audio device - drm/amd/display: Fix dc_create failure handling and 666 color depths - drm/amd/display: Only enable audio if speaker allocation exists - drm/amd/display: Increase size of audios array - [x86] iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND - nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN - mac80211: don't warn about CW params when not using them - allocate_flower_entry: should check for null deref - hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 - drm: silence variable 'conn' set but not used - [s390x] qdio: add sanity checks to the fast-requeue path - ALSA: compress: Fix regression on compressed capture streams - ALSA: compress: Prevent bypasses of set_params - ALSA: compress: Don't allow paritial drain operations on capture streams - ALSA: compress: Be more restrictive about when a drain is allowed - perf tools: Fix proper buffer size for feature processing - perf probe: Avoid calling freeing routine multiple times for same pointer - drbd: dynamically allocate shash descriptor - ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id() - nvme: fix multipath crash when ANA is deactivated - scsi: megaraid_sas: fix panic on loading firmware crashdump - [ppc64el] scsi: ibmvfc: fix WARN_ON during event pool release - scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG - test_firmware: fix a memory leak bug - tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop - perf/core: Fix creating kernel counters for PMUs that override event->cpu - [s390x] dma: provide proper ARCH_ZONE_DMA_BITS value - HID: sony: Fix race condition between rumble and device remove. - [x86] purgatory: Do not use __builtin_memcpy and __builtin_memset - ALSA: usb-audio: fix a memory leak bug - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices - hwmon: (nct7802) Fix wrong detection of in4 presence - [x86] drm/i915: Fix wrong escape clock divisor init for GLK - ALSA: firewire: fix a memory leak bug - ALSA: hiface: fix multiple memory leak bugs - ALSA: hda - Don't override global PCM hw info flag - [x86] ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457) - mac80211: don't WARN on short WMM parameters from AP - dax: dax_layout_busy_page() should not unmap cow pages - SMB3: Fix deadlock in validate negotiate hits reconnect - smb3: send CAP_DFS capability during session setup - NFSv4: Fix an Oops in nfs4_do_setattr - [x86] KVM: Fix leak vCPU's VMCS value into other pCPU - mwifiex: fix 802.11n/WPA detection - iwlwifi: don't unmap as page memory that was mapped as single - iwlwifi: mvm: fix an out-of-bound access - iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41 - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Uwe Kleine-König ] * [armhf] Add support for all i.MX6 variants. * rtc-s35390a: backport fix to make hwclock able to read the time (Closes: #932845) . [ Ben Hutchings ] * [rt] Update to 4.19.59-rt24: - Fix build failure after "genirq: Prevent use-after-free and work list corruption": + Update "genirq: Do not invoke the affinity callback via a workqueue on RT" + kthread: add a global worker thread. + genirq: Do not invoke the affinity callback via a workqueue on RT + genirq: Handle missing work_struct in irq_set_affinity_notifier() - Update "irqwork: push most work into softirq context" to resolve conflict with "irq_work: Do not raise an IPI when queueing work on the local CPU" - Drop "random: avoid preempt_disable()ed section" - arm: imx6: cpuidle: Use raw_spinlock_t - rcu: Don't allow to change rcu_normal_after_boot on RT - sched/core: Drop a preempt_disable_rt() statement - timers: Redo the notification of canceling timers on -RT - Fix futex regression in 4.19.21: + Revert "futex: Ensure lock/unlock symetry versus pi_lock and hash bucket lock" + Revert "futex: Fix bug on when a requeued RT task times out" + Revert "rtmutex: Handle the various new futex race conditions" + Revert "futex: workaround migrate_disable/enable in different context" + futex: Make the futex_hash_bucket lock raw + futex: Delay deallocation of pi_state - mm/zswap: Do not disable preemption in zswap_frontswap_store() * Bump ABI to 6 linux-signed-arm64 (4.19.37+6) unstable; urgency=high . * Sign kernel from linux 4.19.37-6 . [ John Paul Adrian Glaubitz ] * [sh4]: Check for kprobe trap number before trying to handle a kprobe trap . [ Salvatore Bonaccorso ] * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-arm64 (4.19.37+5+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u2 . [ Romain Perier ] * [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) * [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) * nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) * binder: fix race between munmap() and direct reclaim (CVE-2019-1999) * scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) * Input: gtco - bounds check collection indent level (CVE-2019-13631) * floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) * inet: switch IP ID generator to siphash (CVE-2019-10638) * floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) * Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) * [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) . [ Salvatore Bonaccorso ] * [x86] cpufeatures: Carve out CQM features retrieval * [x86] cpufeatures: Combine word 11 and 12 into a new scattered features word * [x86] speculation: Prepare entry code for Spectre v1 swapgs mitigations * [x86] speculation: Enable Spectre v1 swapgs mitigations (CVE-2019-1125) * [amd64] entry: Use JMP instead of JMPQ * [x86] speculation/swapgs: Exclude ATOMs from speculation through SWAPGS * Documentation: Add section about CPU vulnerabilities for Spectre * Documentation: Add swapgs description to the Spectre v1 documentation . [ Ben Hutchings ] * [x86] cpufeatures: Avoid ABI change for swapgs mitigations: - Move swapgs feature bits to existing scattered words - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered features word" * inet: Avoid ABI change for IP ID hash change linux-signed-arm64 (4.19.37+5+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.37-5+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-arm64 (4.19.37+5+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u1 . * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) linux-signed-i386 (4.19.67+2) buster; urgency=medium . * Sign kernel from linux 4.19.67-2 . [ Salvatore Bonaccorso ] * dm: disable DISCARD if the underlying storage no longer supports it (Closes: #934331) * xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (CVE-2019-15538) . [ Ben Hutchings ] * KVM: Ignore ABI changes * [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122) * [ppc64el] Avoid ABI change for disabling TM * netfilter: conntrack: Use consistent ct id hash calculation (fixes regression in 4.19.44) . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-i386 (4.19.67+1) buster; urgency=medium . * Sign kernel from linux 4.19.67-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.38 - netfilter: nft_compat: use refcnt_t type for nft_xt reference count - netfilter: nft_compat: make lists per netns - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nft_compat: destroy function must not have side effects - netfilter: nf_tables: warn when expr implements only one of activate/deactivate - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nft_compat: don't use refcount_inc on newly allocated entry - netfilter: nft_compat: use .release_ops and remove list of extension - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: bogus EBUSY in helper removal from transaction - net/ibmvnic: Fix RTNL deadlock during device reset - net: mvpp2: fix validate for PPv2.1 - ext4: fix some error pointer dereferences - tipc: handle the err returned from cmd header function - loop: do not print warn message if partition scan is successful - [armhf,arm64] drm/rockchip: fix for mailbox read validation. - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock - ipvs: fix warning on unused variable - [ppc64el] vdso32: fix CLOCK_MONOTONIC on PPC64 - [armhf,arm64] net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework - cifs: fix memory leak in SMB2_read - cifs: do not attempt cifs operation on smb2+ rename error - tracing: Fix a memory leak by early error exit in trace_pid_write() - zram: pass down the bvec we need to read into in the work struct - trace: Fix preempt_enable_no_resched() abuse - IB/rdmavt: Fix frwr memory registration - RDMA/mlx5: Do not allow the user to write to the clock page - sched/numa: Fix a possible divide-by-zero - ceph: only use d_name directly when parent is locked - ceph: ensure d_name stability in ceph_dentry_hash() - ceph: fix ci->i_head_snapc leak - nfsd: Don't release the callback slot unless it was actually held - sunrpc: don't mark uninitialised items as VALID. - [x86] perf/intel: Update KBL Package C-state events to also include PC8/PC9/PC10 counters - Input: synaptics-rmi4 - write config register values to the right offset - [armhf] 8857/1: efi: enable CP15 DMB instructions before cleaning the cache - [ppc64el] mm/radix: Make Radix require HUGETLB_PAGE - [arm*] drm/vc4: Fix memory leak during gpu reset. - [x86] Revert "drm/i915/fbdev: Actually configure untiled displays" - USB: Add new USB LPM helpers - USB: Consolidate LPM checks to avoid enabling LPM twice - slip: make slhc_free() silently accept an error pointer - [x86] intel_th: gth: Fix an off-by-one in output unassigning - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference - workqueue: Try to catch flush_work() without INIT_WORK(). - sched/deadline: Correctly handle active 0-lag timers - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON - fm10k: Fix a potential NULL pointer dereference - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable - tipc: check link name with right length in tipc_nl_compat_link_set - net: netrom: Fix error cleanup path of nr_proto_init - net/rds: Check address length before reading address family - rxrpc: fix race condition in rxrpc_input_packet() - [x86] retpolines: Raise limit for generating indirect calls from switch-case - [x86] retpolines: Disable switch jump tables when retpolines are enabled - mm: Fix warning in insert_pfn() - [x86] fpu: Don't export __kernel_fpu_{begin,end}() - ipv4: add sanity checks in ipv4_link_failure() - ipv4: set the tcp_min_rtt_wlen range from 0 to one day - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query - net: rds: exchange of 8K and 1M pool - net/rose: fix unbound loop in rose_loopback_timer() - [armhf,arm64] net: stmmac: move stmmac_check_ether_addr() to driver probe - team: fix possible recursive locking when add slaves - [arm64] net: hns: Fix WARNING when hns modules installed - net/mlx5e: Fix the max MTU check in case of XDP - net/mlx5e: Fix use-after-free after xdp_return_frame https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.39 - selinux: use kernel linux/socket.h for genheaders and mdp - Revert "ACPICA: Clear status of GPEs before enabling them" - [arm*] dts: bcm283x: Fix hdmi hpd gpio pull - [s390x] limit brk randomization to 32MB - net: ieee802154: fix a potential NULL pointer dereference - ieee802154: hwsim: propagate genlmsg_reply return code - [armhf,arm64] net: stmmac: don't set own bit too early for jumbo frames - qlcnic: Avoid potential NULL pointer dereference - xsk: fix umem memory leak on cleanup - netfilter: nft_set_rbtree: check for inactive element after flag mismatch - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies - netfilter: ip6t_srh: fix NULL pointer dereferences - [s390x] qeth: fix race when initializing the IP address table - [armhf] imx51: fix a leaked reference by adding missing of_node_put - [arm64] KVM: Reset the PMU in preemptible context - [armhf,arm64] KVM: vgic-its: Take the srcu lock when writing to guest memory - [armhf,arm64] KVM: vgic-its: Take the srcu lock when parsing the memslots - [x86] usb: dwc3: pci: add support for Comet Lake PCH ID - usb: gadget: net2280: Fix overrun of OUT messages - usb: gadget: net2280: Fix net2280_dequeue() - [x86] i2c: i801: Add support for Intel Comet Lake - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference - staging: rtl8712: uninitialized memory in read_bbreg_hdl() - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc - [arm64] net: macb: Add null check for PCLK and HCLK - net/sched: don't dereference a->goto_chain to read the chain index - [armhf] dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi - [armhf,arm64] drm/tegra: hub: Fix dereference before check - NFS: Fix a typo in nfs_init_timeout_values() - drm: Fix drm_release() and device unplug - [arm64] drm/meson: Fix invalid pointer in meson_drv_unbind() - [arm64] drm/meson: Uninstall IRQ handler - scsi: mpt3sas: Fix kernel panic during expander reset - scsi: aacraid: Insure we don't access PCIe space during AER/EEH - scsi: qla4xxx: fix a potential NULL pointer dereference - leds: trigger: netdev: fix refcnt leak on interface rename - [x86] realmode: Don't leak the trampoline kernel address - usb: u132-hcd: fix resource leak - ceph: fix use-after-free on symlink traversal - [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on multi- element RSCN - [x86] mm: Don't exceed the valid physical address space - libata: fix using DMA buffers on stack - gpio: of: Fix of_gpiochip_add() error path - nvme-multipath: relax ANA state check - perf machine: Update kernel map address and re-order properly - [x86] iommu/amd: Reserve exclusion range in iova-domain - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK - leds: trigger: netdev: use memcpy in device_name_store https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.40 - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation - ipv6: A few fixes on dereferencing rt->from - ipv6: fix races in ip6_dst_destroy() - ipv6/flowlabel: wait rcu grace period before put_pid() - ipv6: invert flowlabel sharing check in process and user mode - l2ip: fix possible use-after-free - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv() - [armhf] net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc - net: phy: marvell: Fix buffer overrun with stats counters - rxrpc: Fix net namespace cleanup - sctp: avoid running the sctp state machine recursively - packet: validate msg_namelen in send directly - bnxt_en: Improve multicast address setup logic. - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt(). - [x86] KVM: Whitelist port 0x7e for pre-incrementing %rip - [x86] KVM: nVMX: Fix size checks in vmx_set_nested_state - ALSA: line6: use dynamic buffers - ath10k: Drop WARN_ON()s that always trigger during system resume https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.41 - iwlwifi: fix driver operation for 5350 - mwifiex: Make resume actually do something useful again on SDIO cards - mac80211: don't attempt to rename ERR_PTR() debugfs dirs - [armhf] i2c: imx: correct the method of getting private data in notifier_call - i2c: Remove unnecessary call to irq_find_mapping - i2c: Clear client->irq in i2c_device_remove - i2c: Allow recovery of the initial IRQ by an I2C client device. - i2c: Prevent runtime suspend of adapter when Host Notify is required - [x86] ALSA: hda/realtek - Add new Dell platform for headset mode - [x86] ALSA: hda/realtek - Fixed Dell AIO speaker noise - [x86] ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR - USB: yurex: Fix protection fault after device removal - USB: w1 ds2490: Fix bug caused by improper use of altsetting array - USB: dummy-hcd: Fix failure to give back unlinked URBs - usb: usbip: fix isoc packet num validation in get_pipe - USB: core: Fix unterminated string returned by usb_string() - USB: core: Fix bug caused by duplicate interface PM usage counter - nvme-loop: init nvmet_ctrl fatal_err_work when allocate - [arm64] dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay - HID: logitech: check the return value of create_singlethread_workqueue - HID: debug: fix race condition with between rdesc_show() and device removal - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured - batman-adv: Reduce claim hash refcnt only for removed entry - batman-adv: Reduce tt_local hash refcnt only for removed entry - batman-adv: Reduce tt_global hash refcnt only for removed entry - batman-adv: fix warning in function batadv_v_elp_get_throughput - [armhf] dts: rockchip: Fix gpu opp node names for rk3288 - [arm64] reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev - igb: Fix WARN_ONCE on runtime suspend - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630 - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands - bonding: show full hw address in sysfs for slave entries - [armhf,arm64] net: stmmac: use correct DMA buffer size in the RX descriptor - [armhf,arm64] net: stmmac: ratelimit RX error logs - [armhf,arm64] net: stmmac: don't stop NAPI processing when dropping a packet - [armhf,arm64] net: stmmac: don't overwrite discard_frame status - [armhf,arm64] net: stmmac: fix dropping of multi-descriptor RX frames - [armhf,arm64] net: stmmac: don't log oversized frames - jffs2: fix use-after-free on symlink traversal - debugfs: fix use-after-free on symlink traversal - [armhf] mfd: twl-core: Disable IRQ while suspended - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx - HID: input: add mapping for Assistant key - vfio/pci: use correct format characters - scsi: core: add new RDAC LENOVO/DE_Series device - [x86] scsi: storvsc: Fix calculation of sub-channel count - [arm64] fix wrong check of on_sdei_stack in nmi context - [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() - [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver - [arm64] net: hns: Fix probabilistic memory overwrite when HNS driver initialized - [arm64] net: hns: fix ICMP6 neighbor solicitation messages discard problem - [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled - libcxgb: fix incorrect ppmax calculation - [x86] KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow - hugetlbfs: fix memory leak for resv_map - fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock - [armel] orion: don't use using 64-bit DMA masks - block: pass no-op callback to INIT_WORK(). - [x86] perf/amd: Update generic hardware cache events for Family 17h - Bluetooth: btusb: request wake pin with NOAUTOEN - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state - [arm64] clk: qcom: Add missing freq for usb30_master_clk on 8998 - scsi: RDMA/srpt: Fix a credit leak for aborted commands - [x86] ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping" - [x86] platform: intel_pmc_core: Fix PCH IP name - [x86] platform: intel_pmc_core: Handle CFL regmap properly - IB/core: Unregister notifier before freeing MAD security - IB/core: Fix potential memory leak while creating MAD agents - IB/core: Destroy QP if XRC QP fails - selinux: avoid silent denials in permissive mode under RCU walk - selinux: never allow relabeling on context mounts - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode - [ppc64el] mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search - [x86] mce: Improve error message when kernel cannot recover, p2 - [x86] clk: Add system specific quirk to mark clocks as critical - [x86] mm/KASLR: Fix the size of the direct mapping section - [x86] mm: Fix a crash with kmemleak_scan() - [x86] mm/tlb: Revert "x86/mm: Align TLB invalidation info" - media: v4l2: i2c: ov7670: Fix PLL bypass register values https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.42 - [armhf,arm64] net: stmmac: Use bfsize1 in ndesc_init_rx_desc - [x86] Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() - ASoC: hdmi-codec: fix S/PDIF DAI - ASoC:soc-pcm:fix a codec fixup issue in TDM case - [x86] ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform - [arm64] clk: meson-gxbb: round the vdec dividers to closest - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol - [armhf] drm/omap: hdmi4_cec: Fix CEC clock handling for PM - IB/hfi1: Eliminate opcode tests on mr deref - IB/hfi1: Fix the allocation of RSM table - [x86] perf/intel: Fix handling of wakeup_events for multi-entry PEBS - [x86] perf/intel: Initialize TFA MSR - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() - drm/amd/display: fix cursor black issue - objtool: Add rewind_stack_do_exit() to the noreturn list - slab: fix a crash by reading /proc/slab_allocators - [armhf,arm64] drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind - virtio_pci: fix a NULL pointer reference in vp_del_vqs - [x86] RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove - [arm64] RDMA/hns: Fix bug that caused srq creation to fail - scsi: csiostor: fix missing data copy in csio_scsi_err_handler() - [x86] ASoC: Intel: kbl: fix wrong number of channels - virtio-blk: limit number of hw queues by nr_cpu_ids - nvme-fc: correct csn initialization and increments on error - [x86] platform: pmc_atom: Drop __initconst on dmi table - perf/core: Fix perf_event_disable_inatomic() race - [x86] iommu/amd: Set exclusion range correctly - genirq: Prevent use-after-free and work list corruption - usb: dwc3: Fix default lpm_nyet_threshold value - USB: serial: f81232: fix interrupt worker not stop - USB: cdc-acm: fix unthrottle races - usb-storage: Set virt_boundary_mask to avoid SG overflows - [x86] intel_th: pci: Add Comet Lake support - [arm64] cpufreq: armada-37xx: fix frequency calculation for opp - scsi: lpfc: change snprintf to scnprintf for possible overflow - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines - scsi: qla2xxx: Fix device staying in blocked state - UAS: fix alignment of scatter/gather segments - [x86] ASoC: Intel: avoid Oops if DMA setup fails - locking/futex: Allow low-level atomic operations to return -EAGAIN - [arm64] futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.44 - bfq: update internal depth state when queue depth changes - [x86] platform: sony-laptop: Fix unintentional fall-through - [x86] platform: thinkpad_acpi: Disable Bluetooth for some machines - [x86] platform: dell-laptop: fix rfkill functionality - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails - kernfs: fix barrier usage in __kernfs_new_node() - [x86] virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace - USB: serial: fix unthrottle races - acpi/nfit: Always dump _DSM output payload - libnvdimm/namespace: Fix a potential NULL pointer dereference - HID: input: add mapping for Expose/Overview key - HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys - HID: input: add mapping for "Toggle Display" key - libnvdimm/btt: Fix a kmemdup failure check - [s390x] dasd: Fix capacity calculation for large volumes - mac80211: fix unaligned access in mesh table hash function - mac80211: Increase MAX_MSG_LEN - cfg80211: Handle WMM rules in regulatory domain intersection - mac80211: fix memory accounting with A-MSDU aggregation - nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands - libnvdimm/pmem: fix a possible OOB access when read and write pmem - [s390x] 3270: fix lockdep false positive on view->lock - drm/amd/display: extending AUX SW Timeout - mISDN: Check address length before reading address family - vxge: fix return of a free'd memblock on a failed dma mapping - qede: fix write to free'd pointer error and double free of ptp - afs: Unlock pages for __pagevec_release() - drm/amd/display: If one stream full updates, full update all planes - [s390x] pkey: add one more argument space for debug feature entry - [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T - [x86] KVM: fix spectrev1 gadgets - [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in tracing - tools lib traceevent: Fix missing equality check for strcmp - ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash - scsi: aic7xxx: fix EISA support - mm: fix inactive list balancing between NUMA nodes and cgroups - init: initialize jump labels before command line option parsing - ipvs: do not schedule icmp errors from tunnels - netfilter: ctnetlink: don't use conntrack/expect object addresses as id - netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook() - [s390x] ctcm: fix ctcm_new_device error return code - [armhf,arm64] drm/sun4i: Set device driver data at bind time for use in unbind - [armhf,arm64] drm/sun4i: Fix component unbinding and component master deletion - netfilter: fix nf_l4proto_log_invalid to log invalid packets - [armhf] gpu: ipu-v3: dp: fix CSC handling - [armhf] drm/imx: don't skip DP channel disable for background plane - [armhf,arm64] drm/sun4i: Unbind components before releasing DRM and memory - Input: synaptics-rmi4 - fix possible double free - [arm64] RDMA/hns: Bugfix for mapping user db - mm/memory_hotplug.c: drop memory device reference after find_memory_block() - [ppc64el] smp: Fix NMI IPI timeout - [ppc64el] smp: Fix NMI IPI xmon timeout - [armhf,arm64] net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode - mm/memory.c: fix modifying of page protection by insert_pfn() - usb: typec: Fix unchecked return value - netfilter: nf_tables: use-after-free in dynamic operations - netfilter: nf_tables: add missing ->release_ops() in error path of newrule() (Closes: #934168) - net: fec: manage ahb clock in runtime pm - net: strparser: partially revert "strparser: Call skb_unclone conditionally" - NFC: nci: Add some bounds checking in nci_hci_cmd_received() - nfc: nci: Potential off by one in ->pipes[] array - [x86] kprobes: Avoid kretprobe recursion bug - mwl8k: Fix rate_idx underflow - rtlwifi: rtl8723ae: Fix missing break in switch statement - bonding: fix arp_validate toggling in active-backup mode - bridge: Fix error path for kobject_init_and_add() - ipv4: Fix raw socket lookup for local traffic - net: dsa: Fix error cleanup path in dsa_init_module - [armhf] net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering - [arm64] net: macb: Change interrupt and napi enable order in open - packet: Fix error path in packet_init - selinux: do not report error on connect(AF_UNSPEC) - vlan: disable SIOCSHWTSTAMP in container - vrf: sit mtu should not be updated when vrf netdev is the link - tuntap: fix dividing by zero in ebpf queue selection - tuntap: synchronize through tfiles array instead of tun->numqueues - isdn: bas_gigaset: use usb_fill_int_urb() properly - tipc: fix hanging clients using poll with EPOLLOUT flag - [ppc64el] book3s/64: check for NULL pointer in pgd_alloc() - [ppc64el] powernv/idle: Restore IAMR after idle - [x86] PCI: hv: Fix a memory leak in hv_eject_device_work() - [x86] PCI: hv: Add hv_pci_remove_slots() when we unload the driver - [x86] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.45 - locking/rwsem: Prevent decrement of reader count before increment - [x86] speculation/mds: Revert CPU buffer clear on double fault exit - [x86] speculation/mds: Improve CPU buffer clear documentation - objtool: Fix function fallthrough detection - [arm64] dts: rockchip: Disable DCMDs on RK3399's eMMC controller. - [armhf] dts: exynos: Fix interrupt for shared EINTs on Exynos5260 - [armhf] dts: exynos: Fix audio (microphone) routing on Odroid XU3 - [arm64] mmc: sdhci-of-arasan: Add DTS property to disable DCMDs. - [armhf] exynos: Fix a leaked reference by adding missing of_node_put - [armhf] power: supply: axp288_charger: Fix unchecked return value - [armhf,arm64] power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist - [arm64] mmap: Ensure file offset is treated as unsigned - [arm64] arch_timer: Ensure counter register reads occur with seqlock held - [arm64] compat: Reduce address limit - [arm64] Clear OSDLR_EL1 on CPU boot - [arm64] Save and restore OSDLR_EL1 across suspend/resume - [x96] sched: Save [ER]FLAGS on context switch - crypto: salsa20 - don't access already-freed walk.iv - crypto: chacha20poly1305 - set cra_name correctly - [x86] crypto: ccp - Do not free psp_master when PLATFORM_INIT fails - [ppc64el] crypto: vmx - fix copy-paste error in CTR mode - crypto: skcipher - don't WARN on unprocessed data after slow walk step - crypto: crct10dif-generic - fix use via crypto_shash_digest() - [x86] crypto: crct10dif-pcl - fix use via crypto_shash_digest() - [arm64] crypto: gcm-aes-ce - fix no-NEON fallback code - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" - [armhf,arm64] crypto: aes-neonbs - don't access already-freed walk.iv - mmc: core: Fix tag set memory leak - ALSA: line6: toneport: Fix broken usage of timer for delayed execution - ALSA: usb-audio: Fix a memory leak bug - ALSA: hda/hdmi - Read the pin sense from register when repolling - ALSA: hda/hdmi - Consider eld_valid when reporting jack event - ALSA: hda/realtek - EAPD turn on later - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) - [armhf,arm64] ASoC: max98090: Fix restore of DAPM Muxes - ASoC: codec: hdac_hdmi add device_link to card device - [arm64] bpf: remove prefetch insn in xadd mapping - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses - mm/hugetlb.c: don't put_page in lock of hugetlb_lock - hugetlb: use same fault hash key for shared and private mappings - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget - userfaultfd: use RCU to free the task struct when fork fails - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle - [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - jbd2: check superblock mapped prior to committing - ext4: make sanity check in mballoc more strict - ext4: ignore e_value_offs for xattrs with value-in-ea-inode - ext4: avoid drop reference to iloc.bh twice - ext4: fix use-after-free race with debug_want_extra_isize - ext4: actually request zeroing of inode table after grow - ext4: fix ext4_show_options for file systems w/o journal - btrfs: Check the first key and level for cached extent buffer - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails - Btrfs: send, flush dellaloc in order to avoid data loss - Btrfs: do not start a transaction during fiemap - Btrfs: do not start a transaction at iterate_extent_inodes() - bcache: fix a race between cache register and cacheset unregister - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() - ipmi:ssif: compare block number correctly for multi-part return messages - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount - ext4: fix data corruption caused by overlapping unaligned and aligned IO - ext4: fix use-after-free in dx_release() - ext4: avoid panic during forced reboot due to aborted journal - [x86] ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) - ALSA: hda/realtek - Fixup headphone noise via runtime suspend - [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug - jbd2: fix potential double free - [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes - [x86] KVM: lapic: Busy wait for timer to expire when using hv_timer - xen/pvh: set xen_domain_type to HVM in xen_pvh_init - libnvdimm/namespace: Fix label tracking error - iov_iter: optimize page_copy_sane() - pstore: Centralize init/exit routines - pstore: Allocate compression during late_initcall() - pstore: Refactor compression initialization - ext4: don't update s_rev_level if not required https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.46 - ipv6: fix src addr routing with the exception table - ipv6: prevent possible fib6 leaks - net: Always descend into dsa/ - net: avoid weird emergency message - net/mlx4_core: Change the error print to info print - net: test nouarg before dereferencing zerocopy pointers - net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions - nfp: flower: add rcu locks when accessing netdev for tunnels - ppp: deflate: Fix possible crash in deflate_init - rtnetlink: always put IFLA_LINK for links with a link-netnsid - tipc: switch order of device registration to fix a crash - vsock/virtio: free packets during the socket release - vsock/virtio: Initialize core virtio vsock before registering the driver - net/mlx5: Imply MLXFW in mlx5_core - net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled - stm class: Fix channel free in stm output free path - stm class: Fix channel bitmap on 32-bit systems - brd: re-enable __GFP_HIGHMEM in brd_insert_page() - proc: prevent changes to overridden credentials - Revert "MD: fix lock contention for flush bios" - md: batch flush requests. - md: add mddev->pers to avoid potential NULL pointer dereference - dcache: sort the freeing-without-RCU-delay mess for good. - [x86] intel_th: msu: Fix single mode with IOMMU - p54: drop device reference count if fails to enable device - of: fix clang -Wunsequenced for be32_to_cpu() - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() - [armhf] phy: ti-pipe3: fix missing bit-wise or operator when assigning val - NFS4: Fix v4.0 client state corruption when mount - PNFS fallback to MDS if no deviceid found - [arm64] clk: hi3660: Mark clk_gate_ufs_subsys as critical - [armhf,arm64] clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider - [arm64] clk: rockchip: fix wrong clock definitions for rk3328 - udlfb: delete the unused parameter for dlfb_handle_damage - udlfb: fix sleeping inside spinlock - udlfb: introduce a rendering mutex - fuse: fix writepages on 32bit - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate - ovl: fix missing upper fs freeze protection on copy up for ioctl - [armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 - ceph: flush dirty inodes before proceeding with remount - [amd64] Add gap to int3 to allow for call emulation - [amd64] Allow breakpoints to emulate call instructions - [amd64] ftrace: Emulate call function while updating in breakpoint handler - tracing: Fix partial reading of trace event's id file - [armhf,arm64] memory: tegra: Fix integer overflow on tick value calculation - [x86] perf intel-pt: Fix instructions sampling rate - [x86] perf intel-pt: Fix improved sample timestamp - [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches - fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types - PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken - PCI: Mark Atheros AR9462 to avoid bus reset - PCI: Init PCIe feature bits for managed host bridge alloc - PCI/AER: Change pci_aer_init() stub to return void - PCI: Factor out pcie_retrain_link() function - PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum - dm cache metadata: Fix loading discard bitset - dm zoned: Fix zone report handling - dm delay: fix a crash when invalid device is specified - dm integrity: correctly calculate the size of metadata area - dm mpath: always free attached_handler_name in parse_path() - fuse: Add FOPEN_STREAM to use stream_open() - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module - vti4: ipip tunnel deregistration fixes. - xfrm: clean up xfrm protocol checks - esp4: add length check for UDP encapsulation - xfrm: Honor original L3 slave device in xfrmi policy lookup - xfrm4: Fix uninitialized memory read in _decode_session4 - [armhf,arm64] clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0) - securityfs: fix use-after-free on symlink traversal - apparmorfs: fix use-after-free on symlink traversal - PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored - [x86] kvm: hyper-v: deal with buggy TLB flush requests from WS2012 - mac80211: Fix kernel panic due to use of txq after free - net: ieee802154: fix missing checks for regmap_update_bits - [armhf,arm64] KVM: Ensure vcpu target is unset on reset failure - bpf: Fix preempt_enable_no_resched() abuse - qmi_wwan: new Wistron, ZTE and D-Link devices - iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() - sched/cpufreq: Fix kobject memleak - [x86] mm/mem_encrypt: Disable all instrumentation for early SME setup - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour - perf bench numa: Add define for RUSAGE_THREAD if not present - [x86] perf/intel: Fix race in intel_pmu_disable_event() - md/raid: raid5 preserve the writeback action after the parity check - driver core: Postpone DMA tear-down until after devres release for probe failure - bpf: relax inode permission check for retrieving bpf program - bpf: add map_lookup_elem_sys_only for lookups from syscall side - bpf, lru: avoid messing with eviction heuristics upon syscall lookup https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.47 - [x86] Hide the int3_emulate_call/jmp functions from UML - ext4: do not delete unlinked inode from orphan list on failed truncate - ext4: wait for outstanding dio during truncate in nojournal mode - f2fs: Fix use of number of devices - [x86] KVM: fix return value for reserved EFER - bio: fix improper use of smp_mb__before_atomic() - sbitmap: fix improper use of smp_mb__before_atomic() - Revert "scsi: sd: Keep disk read-only when re-reading partition" - [ppc64el] crypto: vmx - CTR: always increment IV as quadword - [arm*] mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem - [arm*] mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem - [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID - libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead - [arm64] kernel: kaslr: reduce module randomization range to 2 GB - [arm64] iommu: handle non-remapped addresses in ->mmap and ->get_sgtable - gfs2: Fix sign extension bug in gfs2_update_stats - btrfs: don't double unlock on error in btrfs_punch_hole - Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path - Btrfs: avoid fallback to transaction commit during fsync of files with holes - Btrfs: fix race between ranged fsync and writeback of adjacent ranges - btrfs: sysfs: Fix error path kobject memory leak - btrfs: sysfs: don't leak memory when failing add fsid - udlfb: fix some inconsistent NULL checking - fbdev: fix divide error in fb_var_to_videomode - NFSv4.2 fix unnecessary retry in nfs4_copy_file_range - NFSv4.1 fix incorrect return value in copy_file_range - bpf: add bpf_jit_limit knob to restrict unpriv allocations - [arm64] errata: Add workaround for Cortex-A76 erratum #1463225 - btrfs: honor path->skip_locking in backref code - ovl: relax WARN_ON() for overlapping layers use case - fbdev: fix WARNING in __alloc_pages_nodemask bug - media: cpia2: Fix use-after-free in cpia2_exit - media: serial_ir: Fix use-after-free in serial_ir_init_module - media: vb2: add waiting_in_dqbuf flag - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit - bpf: devmap: fix use-after-free Read in __dev_map_entry_free - batman-adv: mcast: fix multicast tt/tvlv worker locking - at76c50x-usb: Don't register led_trigger if usb_register_driver failed - acct_on(): don't mess with freeze protection - gfs2: Fix lru_count going negative - cxgb4: Fix error path in cxgb4_init_module - NFS: make nfs_match_client killable - IB/hfi1: Fix WQ_MEM_RECLAIM warning - gfs2: Fix occasional glock use-after-free - mmc: core: Verify SD bus width - [arm64] dmaengine: tegra210-dma: free dma controller in remove() - net: ena: gcc 8: fix compilation warning - [x86] hv_netvsc: fix race that may miss tx queue wakeup - Bluetooth: Ignore CC events not matching the last HCI command - [x86] ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE - [armhf,arm64] usb: dwc2: gadget: Increase descriptors count for ISOC's - [armhf,arm64] usb: dwc3: move synchronize_irq() out of the spinlock protected block - ASoC: hdmi-codec: unlock the device on startup errors - [ppc64el] perf: Return accordingly on invalid chip-id in - [ppc64el] boot: Fix missing check of lseek() return value - [ppc64el] perf: Fix loop exit condition in nest_imc_event_init - [armhf] ASoC: imx: fix fiq dependencies - [amd64] spi: pxa2xx: fix SCR (divisor) calculation - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() - ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() - drm/nouveau/bar/nv50: ensure BAR is mapped - [armel,armhf] vdso: Remove dependency with the arch_timer driver internals - [ppc64el] watchdog: Use hrtimers for per-CPU heartbeat - sched/cpufreq: Fix kobject memleak - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path - scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() - scsi: qla2xxx: Fix hardirq-unsafe locking - [x86] modules: Avoid breaking W^X while loading modules - Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve - btrfs: fix panic during relocation after ENOSPC before writeback happens - btrfs: Don't panic when we can't find a root key - iwlwifi: pcie: don't crash on invalid RX interrupt - scsi: qedi: Abort ep termination if offload not scheduled - [s390x] kexec_file: Fix detection of text segment in ELF loader - sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs - w1: fix the resume command API - [s390x] qeth: address type mismatch warning - [armhf,arm64] dmaengine: pl330: _stop: clear interrupt status - mac80211/cfg80211: update bss channel on channel switch - mwifiex: prevent an array overflow - rsi: Fix NULL pointer dereference in kmalloc - nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE - nvme-rdma: fix a NULL deref when an admin connect times out - [armhf,arm64] crypto: sun4i-ss - Fix invalid calculation of hash end - bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set - bcache: return error immediately in bch_journal_replay() - bcache: fix failure in journal relplay - bcache: add failure check to run_cache_set() for journal replay - bcache: avoid clang -Wunintialized warning - RDMA/cma: Consider scope_id while binding to ipv6 ll address - vfio-ccw: Do not call flush_workqueue while holding the spinlock - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev - [x86] mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() - mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions - Bluetooth: hci_qca: Give enough time to ROME controller to bootup. - HID: logitech-hidpp: use RAP instead of FAP to get the protocol version - [armhf] pinctrl: samsung: fix leaked of_node references - [armhf] clk: rockchip: undo several noc and special clocks as critical on rk3288 - [arm64] perf/arm-cci: Remove broken race mitigation - media: au0828: stop video streaming only when last user stops - audit: fix a memory leak bug - media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() - media: pvrusb2: Prevent a buffer overflow - block: fix use-after-free on gendisk - [ppc64el] numa: improve control of topology updates - [ppc64el] Fix booting large kernels with STRICT_KERNEL_RWX - random: fix CRNG initialization when random.trust_cpu=1 - random: add a spinlock_t to struct batched_entropy - cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock - sched/core: Check quota and period overflow at usec to nsec conversion - sched/rt: Check integer overflow at usec to nsec conversion - sched/core: Handle overflow in cpu_shares_write_u64 - [arm*] staging: vc04_services: handle kzalloc failure - [arm64] drm/msm: a5xx: fix possible object reference leak - irq_work: Do not raise an IPI when queueing work on the local CPU - [x86] thunderbolt: Take domain lock in switch sysfs attribute callbacks - [s390x] qeth: handle error from qeth_update_from_chp_desc() - USB: core: Don't unbind interfaces following device reset failure - [amd64] irq: Limit IST stack overflow check to #DB stack - [armhf] drm: etnaviv: avoid DMA API warning when importing buffers - [armhf,arm64] phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode - i40e: Able to add up to 16 MAC filters on an untrusted VF - i40e: don't allow changes to HW VLAN stripping on active port VLANs - ACPI/IORT: Reject platform device creation on NUMA node mapping failure - [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME - RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure - [x86] perf/msr: Add Icelake support - [x86] perf/intel/rapl: Add Icelake support - [x86] perf/intel/cstate: Add Icelake support - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses - scsi: libsas: Do discovery on empty PHY to update PHY info - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers - [armhf,arm64] mmc_spi: add a status check for spi_sync_locked - drm/amdgpu: fix old fence check in amdgpu_fence_emit - PM / core: Propagate dev->power.wakeup_path when no callbacks - [armhf] clk: rockchip: Fix video codec clocks on rk3288 - [armhf] clk: rockchip: Make rkpwm a critical clock on rk3288 - [s390x] zcrypt: initialize variables before_use - [x86] microcode: Fix the ancient deprecated microcode loading method - [s390x] mm: silence compiler warning when compiling without CONFIG_PGSTE - [s390x] cio: fix cio_irb declaration - qmi_wwan: Add quirk for Quectel dynamic config - block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR - rtlwifi: fix a potential NULL pointer dereference - mwifiex: Fix mem leak in mwifiex_tm_cmd - brcmfmac: fix missing checks for kmemdup - b43: shut up clang -Wuninitialized variable warning - brcmfmac: convert dev_init_lock mutex to completion - brcmfmac: fix WARNING during USB disconnect in case of unempty psq - brcmfmac: fix race during disconnect when USB completion is in progress - brcmfmac: fix Oops when bringing up interface during USB disconnect - [arm64] rtc: xgene: fix possible race condition - rtlwifi: fix potential NULL pointer dereference - scsi: ufs: Fix regulator load and icc-level configuration - scsi: ufs: Avoid configuring regulator with undefined voltage range - [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put - wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext - [x86] uaccess, signal: Fix AC=1 bloat - [amd64] ia32: Fix ia32_restore_sigcontext() AC leak - [x86] uaccess: Fix up the fixup - chardev: add additional check for minor range overlap - [arm64] RDMA/hns: Fix bad endianess of port_pd variable - HID: core: move Usage Page concatenation to Main item - [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put - cxgb3/l2t: Fix undefined behaviour - HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent - [armhf] spi: tegra114: reset controller on probe - kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice. - [armhf] media: wl128x: prevent two potential buffer overflows - media: gspca: Kill URBs on USB device disconnect - efifb: Omit memory map check on legacy boot - [x86] thunderbolt: property: Fix a missing check of kzalloc - [x86] thunderbolt: Fix to check the return value of kmemdup - timekeeping: Force upper bound for setting CLOCK_REALTIME - scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check - virtio_console: initialize vtermno value for ports - tty: ipwireless: fix missing checks for ioremap - overflow: Fix -Wtype-limits compilation warnings - [x86] mce: Fix machine_check_poll() tests for error types - rcutorture: Fix cleanup path for invalid torture_type strings - [x86] mce: Handle varying MCA bank counts - rcuperf: Fix cleanup path for invalid perf_type strings - usb: core: Add PM runtime calls to usb_hcd_platform_shutdown - scsi: qla4xxx: avoid freeing unallocated dma memory - scsi: lpfc: avoid uninitialized variable warning - selinux: avoid uninitialized variable warning - batman-adv: allow updating DAT entry timeouts on incoming ARP Replies - dmaengine: tegra210-adma: use devm_clk_*() helpers - [armhf] hwrng: omap - Set default quality - [x86] thunderbolt: Fix to check return value of ida_simple_get - [x86] thunderbolt: Fix to check for kmemdup failure - drm/amd/display: fix releasing planes when exiting odm - [x86] thunderbolt: property: Fix a NULL pointer dereference - e1000e: Disable runtime PM on CNP+ - igb: Exclude device from suspend direct complete optimization - media: dvbsky: Avoid leaking dvb frontend - drm/amd/display: Fix Divide by 0 in memory calculations - drm/amd/display: Set stream->mode_changed when connectors change - scsi: ufs: fix a missing check of devm_reset_control_get - media: gspca: do not resubmit URBs when streaming has stopped - media: go7007: avoid clang frame overflow warning with KASAN - scsi: lpfc: Fix FDMI manufacturer attribute value - scsi: lpfc: Fix fc4type information for FDMI - media: saa7146: avoid high stack usage with clang - scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices - [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers - [armhf] drm/omap: dsi: Fix PM for display blank with paired dss_pll calls - [armhf] spi: imx: stop buffer overflow in RX FIFO flush - spi: Fix zero length xfer bug - [armhf] ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM - drm/drv: Hold ref on parent device during drm_device lifetime - drm: Wake up next in drm_read() chain if we are forced to putback the event - [s390x] vfio-ccw: Prevent quiesce function going into an infinite loop - NFS: Fix a double unlock from nfs_match,get_client https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.48 - bonding/802.3ad: fix slave link initialization transition states - cxgb4: offload VLAN flows regardless of VLAN ethtype - ipv4/igmp: fix another memory leak in igmpv3_del_delrec() - ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST - ipv6: Consider sk_bound_dev_if when binding a raw socket to an address - ipv6: Fix redirect with VRF - llc: fix skb leak in llc_build_and_send_ui_pkt() - [armhf,arm64] net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT - net-gro: fix use-after-free read in napi_gro_frags() - [armhf,arm64] net: mvneta: Fix err code path of probe - [armhf,arm64] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value - net: phy: marvell10g: report if the PHY fails to boot firmware - net: sched: don't use tc_action->order during action dump - [armhf,arm64] net: stmmac: fix reset gpio free missing - usbnet: fix kernel crash after disconnect - net/mlx5: Avoid double free in fs init error unwinding path - tipc: Avoid copying bytes beyond the supplied data - net/mlx5: Allocate root ns memory using kzalloc to match kfree - net/mlx5e: Disable rxhash when CQE compress is enabled - [armhf,arm64] net: stmmac: dma channel control register need to be init first - bnxt_en: Fix aggregation buffer leak under OOM condition. - [ppc64el] crypto: vmx - ghash: do nosimd fallback manually - include/linux/compiler*.h: define asm_volatile_goto - compiler.h: give up __compiletime_assert_fallback() - jump_label: move 'asm goto' support test to Kconfig - tipc: fix modprobe tipc failed after switch order of device registration https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.49 - include/linux/bitops.h: sanitize rotate primitives - xhci: update bounce buffer with correct sg num - xhci: Use %zu for printing size_t type - xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() - usb: xhci: avoid null pointer deref when bos field is NULL - usbip: usbip_host: fix BUG: sleeping function called from invalid context - usbip: usbip_host: fix stub_dev lock context imbalance regression - USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor - USB: sisusbvga: fix oops in error path of sisusb_probe - USB: Add LPM quirk for Surface Dock GigE adapter - USB: rio500: refuse more than one device at a time - USB: rio500: fix memory leak in close after disconnect - media: usb: siano: Fix general protection fault in smsusb - media: usb: siano: Fix false-positive "uninitialized variable" warning - media: smsusb: better handle optional alignment - brcmfmac: fix NULL pointer derefence during USB disconnect - [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove - [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) - tracing: Avoid memory leak in predicate_parse() - Btrfs: fix wrong ctime and mtime of a directory after log replay - Btrfs: fix race updating log root item during fsync - Btrfs: fix fsync not persisting changed attributes of a directory - Btrfs: incremental send, fix file corruption when no-holes feature is enabled - [s390x] crypto: fix gcm-aes-s390 selftest failures - [s390x] crypto: fix possible sleep during spinlock aquired - [ppc64el] KVM: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts - [ppc64el] perf: Fix MMCRA corruption by bhrb_filter - ALSA: line6: Assure canceling delayed work at disconnection - ALSA: hda/realtek - Set default power save node to 0 - [s390x] KVM: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID - drm/nouveau/i2c: Disable i2c bus access after ->fini() - [arm64] tty: serial: msm_serial: Fix XON/XOFF - memcg: make it work on sparse non-0-node systems - kernel/signal.c: trace_signal_deliver when signal_group_exit - [arm64] Fix the arm64_personality() syscall wrapper redirection - vt/fbcon: deinitialize resources in visual_init() after failed memory allocation - [arm*] staging: vc04_services: prevent integer overflow in create_pagelist() - [x86] staging: wlan-ng: fix adapter initialization failure - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case - CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM - Revert "lockd: Show pid of lockd for remote locks" - [armhf,arm64] drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() - [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY clock initialization - [armhf,arm64] drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz - [armhf,arm64] drm/rockchip: shutdown drm subsystem on shutdown - drm/lease: Make sure implicit planes are leased - [x86] ftrace: Do not call function graph from dynamic trampolines - [x86] ftrace: Set trampoline pages as executable - [x86] kprobes: Set instruction page as executable - scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning") - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.50 - ethtool: fix potential userspace buffer overflow - Fix memory leak in sctp_process_init - ipv4: not do cache for local delivery if bc_forwarding is enabled - ipv6: fix the check before getting the cookie in rt6_get_cookie - neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit - [armhf] net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query - [armhf,arm64] net: mvpp2: Use strscpy to handle stat strings - net: rds: fix memory leak in rds_ib_flush_mr_pool - net: sfp: read eeprom in maximum 16 byte increments - packet: unconditionally free po->rollover - pktgen: do not sleep with the thread lock held. - ipv6: use READ_ONCE() for inet->hdrincl as in ipv4 - ipv6: fix EFAULT on sendto with icmpv6 and hdrincl - rcu: locking and unlocking need to always be at least barriers - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter - NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled - fuse: fallocate: fix return with locked inode - pstore: Remove needless lock during console writes - pstore: Convert buf_lock to semaphore - pstore: Set tfm to NULL on free_buf_for_compression - pstore/ram: Run without kernel crash dump region - [x86] power: Fix 'nosmt' vs hibernation triple fault during resume - [s390x] mm: fix address space detection in exception handling - xen-blkfront: switch kcalloc to kvcalloc for large array allocation - [ppc64el] genwqe: Prevent an integer overflow in the ioctl - test_firmware: Use correct snprintf() limit - [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels - [arm64] drm/msm: fix fb references in async update - drm: add non-desktop quirk for Valve HMDs - drm: add non-desktop quirks to Sensics and OSVR headsets. - drm/amdgpu/psp: move psp version specific function pointers to early_init - drm/radeon: prefer lower reference dividers - drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in - [x86] drm/i915: Fix I915_EXEC_RING_MASK - [x86] drm/i915/fbc: disable framebuffer compression on GeminiLake - [x86] drm/i915: Maintain consistent documentation subsection ordering - drm: don't block fb changes for async plane updates - [x86] drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack - TTY: serial_core, add ->install - ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled - ethtool: check the return value of get_regs_len https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.51 - fs/fat/file.c: issue flush after the writeback of FAT - sysctl: return -EINVAL if val violates minmax - ipc: prevent lockup on alloc_msg and free_msg - [armhf] prevent tracing IPI_CPU_BACKTRACE - hugetlbfs: on restore reserve error path retain subpool reservation - mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE - mm/cma.c: fix crash on CMA allocation if bitmap allocation fails - initramfs: free initrd memory if opening /initrd.image fails - mm/cma.c: fix the bitmap status to show failed allocation reason - mm: page_mkclean vs MADV_DONTNEED race - mm/cma_debug.c: fix the break condition in cma_maxchunk_get() - mm/slab.c: fix an infinite loop in leaks_show() - kernel/sys.c: prctl: fix false positive in validate_prctl_map() - drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER - [x86] mfd: intel-lpss: Set the device in reset state when init - drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration - [armhf] mfd: twl6040: Fix device init errors for ACCCTL register - [x86] perf/intel: Allow PEBS multi-entry in watermark mode - drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change - [arm64] drm/bridge: adv7511: Fix low refresh rate selection - objtool: Don't use ignore flag for fake jumps - drm/nouveau/kms/gv100-: fix spurious window immediate interlocks - bpf: fix undefined behavior in narrow load handling - [arm64] pwm: meson: Use the spin-lock only to protect register modifications - ntp: Allow TAI-UTC offset to be set to zero - f2fs: fix to avoid panic in do_recover_data() - f2fs: fix to avoid panic in f2fs_inplace_write_data() - f2fs: fix to avoid panic in f2fs_remove_inode_page() - f2fs: fix to do sanity check on free nid - f2fs: fix to clear dirty inode in error path of f2fs_iget() - f2fs: fix to avoid panic in dec_valid_block_count() - f2fs: fix to use inline space only if inline_xattr is enable - f2fs: fix to do sanity check on valid block count of segment - f2fs: fix to do checksum even if inode page is uptodate - percpu: remove spurious lock dependency between percpu and sched - configfs: fix possible use-after-free in configfs_register_group - [armhf,arm64] PCI: dwc: Free MSI in dw_pcie_host_init() error path - [armhf,arm64] PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi() - ovl: do not generate duplicate fsnotify events for "fake" path - mmc: mmci: Prevent polling for busy detection in IRQ context - netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast - netfilter: nf_conntrack_h323: restore boundary check correctness - [mips*] Make sure dt memory regions are valid - netfilter: nf_tables: fix base chain stat rcu_dereference usage - [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values - watchdog: fix compile time error of pretimeout governors - blk-mq: move cancel of requeue_work into blk_mq_release - [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly - nvme-pci: unquiesce admin queue on shutdown - nvme-pci: shutdown on timeout during deletion - netfilter: nf_flow_table: check ttl value in flow offload data path - netfilter: nf_flow_table: fix netdev refcnt leak - ALSA: hda - Register irq handler after the chip initialization - nvmem: core: fix read buffer in place - [armhf,arm64] nvmem: sunxi_sid: Support SID on A83T and H5 - fuse: retrieve: cap requested size to negotiated max_write - nfsd: allow fh_want_write to be called twice - nfsd: avoid uninitialized variable warning - vfio: Fix WARNING "do not call blocking ops when !TASK_RUNNING" - [armhf,arm64] iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel - [x86] net: thunderbolt: Unregister ThunderboltIP protocol handler when suspending - [x86] PCI: Fix PCI IRQ routing table memory leak - i40e: Queues are reserved despite "Invalid argument" error - platform/chrome: cros_ec_proto: check for NULL transfer function - [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288 - [armhf] soc: rockchip: Set the proper PWM for rk3288 - [armhf] dts: imx51: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx50: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx53: Specify IMX5_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA - [armhf] dts: imx6sll: Specify IMX6SLL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA - [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA - [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove paths - drm/amd/display: Use plane->color_space for dpp if specified - [armhf] OMAP2+: pm33xx-core: Do not Turn OFF CEFUSE as PPA may be using it - [x86] platform: intel_pmc_ipc: adding error handling - [arm64] net: hns3: return 0 and print warning when hit duplicate MAC - scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags - [x86] video: hgafb: fix potential NULL pointer dereference - block, bfq: increase idling for weight-raised queues - [arm64] PCI: xilinx: Check for __get_free_pages() failure - ice: Add missing case in print_link_msg for printing flow control - [x86] dmaengine: idma64: Use actual device for DMA transfers - [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs - [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa - pwm: Fix deadlock warning when removing PWM device - [armhf] exynos: Fix undefined instruction during Exynos5422 resume - [x86] usb: typec: fusb302: Check vconn is off when we start toggling - soc: renesas: Identify R-Car M3-W ES1.3 - percpu: do not search past bitmap when allocating an area - ovl: check the capability before cred overridden - ovl: support stacked SEEK_HOLE/SEEK_DATA - [arm*] drm/vc4: fix fb references in async update - ALSA: seq: Cover unsubscribe_port() in list_mutex https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.52 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.53 - drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3) - nouveau: Fix build with CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT disabled - HID: multitouch: handle faulty Elo touch device - HID: wacom: Don't set tool type until we're in range - HID: wacom: Don't report anything prior to the tool entering range - HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact - HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth - HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary - ALSA: oxfw: allow PCM capture for Stanton SCS.1m - ALSA: hda/realtek - Update headset mode for ALC256 - ALSA: firewire-motu: fix destruction of data for isochronous resources - libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node - fs/ocfs2: fix race in ocfs2_dentry_attach_lock() - mm/vmscan.c: fix trying to reclaim unevictable LRU page - signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO - ptrace: restore smp_rmb() in __ptrace_may_access() - [armhf,arm64] iommu/arm-smmu: Avoid constant zero in TLBI writes - bcache: fix stack corruption by PRECEDING_KEY() - bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached - cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() - [x86] drm/i915/sdvo: Implement proper HDMI audio support for SDVO - ALSA: seq: Fix race of get-subscription call vs port-delete ioctls - Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var - f2fs: fix to avoid accessing xattr across the boundary - scsi: qedi: remove memset/memcpy to nfunc and use func instead (CVE-2019-15090) - scsi: qedi: remove set but not used variables 'cdev' and 'udev' - scsi: lpfc: correct rcu unlock issue in lpfc_nvme_info_show - scsi: lpfc: add check for loss of ndlp when sending RRQ - [arm64] mm: Inhibit huge-vmap with ptdump - nvme: fix srcu locking on error return in nvme_get_ns_from_disk - nvme: remove the ifdef around nvme_nvm_ioctl - nvme: merge nvme_ns_ioctl into nvme_ioctl - nvme: release namespace SRCU protection before performing controller ioctls - nvme: fix memory leak for power latency tolerance - [x86] platform: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table - [x86] platform: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table - scsi: bnx2fc: fix incorrect cast to u64 on shift operation - libnvdimm: Fix compilation warnings with W=1 - tracing: Prevent hist_field_var_ref() from accessing NULL tracing_map_elts - usbnet: ipheth: fix racing condition - [armhf,arm64] KVM: Move cc/it checks under hyp's Makefile to avoid instrumentation - [x86] KVM: pmu: mask the result of rdpmc according to the width of the counters - [x86] KVM: pmu: do not mask the value that is written to fixed PMUs - [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION - [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read - [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() - [armhf,arm64] usb: dwc2: Fix DMA cache alignment issues - [armhf,arm64] usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) - USB: Fix chipmunk-like voice when using Logitech C270 for recording audio. - USB: usb-storage: Add new ID to ums-realtek - USB: serial: pl2303: add Allied Telesis VT-Kit3 - USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode - USB: serial: option: add Telit 0x1260 and 0x1261 compositions - timekeeping: Repair ktime_get_coarse*() granularity - [x86] microcode, cpuhotplug: Add a microcode loader CPU hotplug callback - [x86] mm/KASLR: Compute the size of the vmemmap section properly - [x86] resctrl: Prevent NULL pointer dereference when local MBM is disabled - drm/edid: abstract override/firmware EDID retrieval - drm: add fallback override/firmware EDID modes workaround - [armhf] rtc: pcf8523: don't return invalid date when battery is low https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.54 - ax25: fix inconsistent lock state in ax25_destroy_timer - be2net: Fix number of Rx queues used for flow hashing - [x86] hv_netvsc: Set probe mode to sync - ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero - lapb: fixed leak of control-blocks. - neigh: fix use-after-free read in pneigh_get_next - net: openvswitch: do not free vport if register_netdevice() is failed. - sctp: Free cookie before we memdup a new one - tipc: purge deferredq list for each grp member in tipc_group_delete - vsock/virtio: set SOCK_DONE on peer shutdown - net/mlx5: Avoid reloading already removed devices - [armhf,arm64] net: mvpp2: prs: Fix parser range for VID filtering - [armhf,arm64] net: mvpp2: prs: Use the correct helpers when removing all VID filters - [arm*] Staging: vc04_services: Fix a couple error codes - [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints - netfilter: nf_queue: fix reinject verdict handling - ipvs: Fix use-after-free in ip_vs_in - [armhf] clk: ti: clkctrl: Fix clkdm_clk handling - [ppc64el] powernv: Return for invalid IMC domain - usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() - mISDN: make sure device name is NUL terminated - [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor - perf/ring_buffer: Fix exposing a temporarily decreased data_head - perf/ring_buffer: Add ordering to rb->nest increment - perf/ring-buffer: Always use {READ,WRITE}_ONCE() for rb->user_page data - [armhf,arm64] net: stmmac: update rx tail pointer register to fix rx dma hang issue. - ACPI/PCI: PM: Add missing wakeup.flags.valid checks - [armhf] drm/etnaviv: lock MMU while dumping core - net: aquantia: tx clean budget logic error - net: aquantia: fix LRO with FCS error - i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr - ALSA: hda - Force polling mode on CNL for fixing codec communication - configfs: Fix use-after-free when accessing sd->s_dentry - perf data: Fix 'strncat may truncate' build failure with recent gcc - perf namespace: Protect reading thread's namespace - [s390x] perf record: Fix s390 missing module symbol and warning for non-root users - xenbus: Avoid deadlock during suspend due to open transactions - [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token list - [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu - [arm64] fix syscall_fn_t type - [arm64] use the correct function type in SYSCALL_DEFINE0 - [arm64] use the correct function type for __arm64_sys_ni_syscall - net: phylink: ensure consistent phy interface mode - net: phy: dp83867: Set up RGMII TX delay - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() - scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask - scsi: scsi_dh_alua: Fix possible null-ptr-deref - scsi: libsas: delete sas port if expander discover failed - ocfs2: fix error path kobject memory leak - coredump: fix race condition between collapse_huge_page() and core dumping - Abort file_remove_privs() for non-reg. files https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.55 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.56 - tracing: Silence GCC 9 array bounds warning - objtool: Support per-function rodata sections - ovl: support the FS_IOC_FS[SG]ETXATTR ioctls - ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls - ovl: make i_ino consistent with st_ino in more cases - ovl: detect overlapping layers - ovl: don't fail with disconnected lower NFS - ovl: fix bogus -Wmaybe-unitialized warning - [s390x] jump_label: Use "jdd" constraint on gcc9 - [s390x] ap: rework assembler functions to use unions for in/out register variables - mmc: sdhci: sdhci-pci-o2micro: Correctly set bus width when tuning - mmc: core: API to temporarily disable retuning for SDIO CRC errors - mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() - mmc: core: Prevent processing SDIO IRQs when the card is suspended - scsi: ufs: Avoid runtime suspend possibly being blocked forever - [armhf,arm64] usb: chipidea: udc: workaround for endpoint conflict issue - xhci: detect USB 3.2 capable host controllers correctly - usb: xhci: Don't try to recover an endpoint if port is in error state. - IB/hfi1: Validate fault injection opcode user input - IB/hfi1: Silence txreq allocation warnings - [x86] Input: synaptics - enable SMBus on ThinkPad E480 and E580 - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD - [x86] Input: silead - add MSSL0017 to acpi_device_id - apparmor: fix PROFILE_MEDIATES for untrusted input - apparmor: enforce nullbyte at end of tag string - brcmfmac: sdio: Disable auto-tuning around commands expected to fail - brcmfmac: sdio: Don't tune while the card is off - parport: Fix mem leak in parport_register_dev_model - IB/rdmavt: Fix alloc_qpn() WARN_ON() - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value - IB/hfi1: Validate page aligned for a given virtual address - [mips*] uprobes: remove set but not used variable 'epc' - [armhf,arm64] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 - [arm64] net: hns: Fix loopback test failed at copper ports - mdesc: fix a missing-check bug in get_vdev_port_node_info() - [arm64] drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times - [arm64] drm/arm/hdlcd: Actually validate CRTC modes - [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance - nvmet: fix data_len to 0 for bdev-backed write_zeroes - scsi: ufs: Check that space was properly alloced in copy_query_response - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous() - net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set - [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event - hwmon: (core) add thermal sensors only if dev->of_node is present - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages - nvme: Fix u32 overflow in the number of namespace list calculation - btrfs: start readahead also in seed devices - [armhf] can: flexcan: fix timeout when set small bitrate - can: purge socket error queue on sock destruct - [ppc64el] bpf: use unsigned division instruction for 64-bit operations - [armhf] imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX - [armhf] dts: dra76x: Update MMC2_HS200_MANUAL1 iodelay values - [armhf] dts: am57xx-idk: Remove support for voltage switching for SD card - [arm64] sve: <uapi/asm/ptrace.h> should not depend on <uapi/linux/prctl.h> - [arm64] ssbd: explicitly depend on <linux/prctl.h> - [x86] drm/vmwgfx: Use the backdoor port if the HB port is not available - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (CVE-2019-9506) - Bluetooth: Fix regression with minimum encryption key size alignment - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write - cfg80211: fix memory leak of wiphy device name - mac80211: drop robust management frames from unknown TA - {nl,mac}80211: allow 4addr AP operation on crypto controlled devices - mac80211: handle deauthentication/disassociation from TDLS peer - nl80211: fix station_info pertid memory leak - mac80211: Do not use stack memory with scatterlist for GMAC - [x86] resctrl: Don't stop walking closids when a locksetup group is found https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.57 - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul - perf help: Remove needless use of strncpy() - perf header: Fix unchecked usage of strncpy() - [arm64] Don't unconditionally add -Wno-psabi to KBUILD_CFLAGS - IB/hfi1: Close PSM sdma_progress sleep window - 9p/xen: fix check for xenbus_read error in front_probe - 9p: Use a slab for allocating requests - 9p: embed fcall in req to round down buffer allocs - 9p: add a per-client fcall kmem_cache - 9p: rename p9_free_req() function - 9p: Add refcount to p9_req_t - 9p/rdma: do not disconnect on down_interruptible EAGAIN - 9p: Rename req to rreq in trans_fd - 9p: acl: fix uninitialized iattr access - 9p/rdma: remove useless check in cm_event_handler - 9p: p9dirent_read: check network-provided name length - 9p: potential NULL dereference - 9p/trans_fd: abort p9_read_work if req status changed - 9p/trans_fd: put worker reqs on destroy - net/9p: include trans_common.h to fix missing prototype warning. - qmi_wwan: Fix out-of-bounds read - [armhf,arm64] Revert "usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup" - [armhf,arm64] usb: dwc3: gadget: combine unaligned and zero flags - [armhf,arm64] usb: dwc3: gadget: track number of TRBs per request - [armhf,arm64] usb: dwc3: gadget: use num_trbs when skipping TRBs on ->dequeue() - [armhf,arm64] usb: dwc3: gadget: extract dwc3_gadget_ep_skip_trbs() - [armhf,arm64] usb: dwc3: gadget: introduce cancelled_list - [armhf,arm64] usb: dwc3: gadget: move requests to cancelled_list - [armhf,arm64] usb: dwc3: gadget: remove wait_end_transfer - [armhf,arm64] usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup - fs/proc/array.c: allow reporting eip/esp for all coredumping threads - mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask - fs/binfmt_flat.c: make load_flat_shared_library() work - [armhf] clk: socfpga: stratix10: fix divider entry for the emac clocks - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn - dm log writes: make sure super sector log updates are written in order - [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() - [x86] speculation: Allow guests to use SSBD even if host does not - [x86] microcode: Fix the microcode load on CPU hotplug for real - [x86] resctrl: Prevent possible overrun during bitmap operations - [x86] KVM: mmu: Allocate PAE root array when using SVM's 32-bit NPT - NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O - cpu/speculation: Warn on unsupported mitigations= parameter - SUNRPC: Clean up initialisation of the struct rpc_rqst - [mips*] irqchip/mips-gic: Use the correct local interrupt map registers - eeprom: at24: fix unexpected timeout under high load - af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET - bonding: Always enable vlan tx offload - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop - net/packet: fix memory leak in packet_set_ring() - net: remove duplicate fetch in sock_getsockopt - [armhf,arm64] net: stmmac: fixed new system time seconds value calculation - [armhf,arm64] net: stmmac: set IC bit when transmitting frames with HW timestamp - sctp: change to hold sk after auth shkey is created successfully - team: Always enable vlan tx offload - tipc: change to use register_pernet_device - tipc: check msg->req data len in tipc_nl_compat_bearer_disable - tun: wake up waitqueues after IFF_UP is set - bpf: simplify definition of BPF_FIB_LOOKUP related flags - bpf: lpm_trie: check left child of last leftmost node for NULL - bpf: fix nested bpf tracepoints with per-cpu data - bpf: fix unconnected udp hooks - bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro - bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err - [arm64] futex: Avoid copying out uninitialised stack in failed cmpxchg() - [arm64] bpf: use more scalable stadd over ldxr / stxr loop in xadd - futex: Update comments and docs about return values of arch futex code - RDMA: Directly cast the sockaddr union to sockaddr - tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb - [armhf,arm64] usb: dwc3: Reset num_trbs after skipping - [arm64] insn: Fix ldadd instruction encoding https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.58 - Bluetooth: Fix faulty expression for minimum encryption key size check - block: Fix a NULL pointer dereference in generic_make_request() - md/raid0: Do not bypass blocking queue entered for raid0 bios - netfilter: nf_flow_table: ignore DF bit setting - netfilter: nft_flow_offload: set liberal tracking mode for tcp - netfilter: nft_flow_offload: don't offload when sequence numbers need adjustment - netfilter: nft_flow_offload: IPCB is only valid for ipv4 family - ASoC: soc-pcm: BE dai needs prepare when pause release after resume - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master - [armhf,arm64] ASoC: max98090: remove 24-bit format support if RJ is 0 - [x86] CPU: Add more Icelake model numbers - ALSA: hdac: fix memory release for SST and SOF drivers - scsi: hpsa: correct ioaccel2 chaining - [x86] drm: panel-orientation-quirks: Add quirk for GPD pocket2 - [x86] drm: panel-orientation-quirks: Add quirk for GPD MicroPC - [x86] platform: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi - [x86] platform: intel-vbtn: Report switch events when event wakes device - [x86] platform: mlx-platform: Fix parent device in i2c-mux-reg device registration - i2c: pca-platform: Fix GPIO lookup code - cpuset: restore sanity to cpuset_cpus_allowed_fallback() - mm/mlock.c: change count_mm_mlocked_page_nr return type - tracing: avoid build warning with HAVE_NOP_MCOUNT - module: Fix livepatch/ftrace module text permissions race - ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() - [x86] drm/i915/dmc: protect against reading random memory - crypto: user - prevent operating on larval algorithms - crypto: cryptd - Fix skcipher instance memory leak - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages - ALSA: line6: Fix write on zero-sized buffer - ALSA: usb-audio: fix sign unintended sign extension on left shifts - [x86] ALSA: hda/realtek: Add quirks for several Clevo notebook barebones - [x86] ALSA: hda/realtek - Change front mic location for Lenovo M710q - lib/mpi: Fix karactx leak in mpi_powm - fs/userfaultfd.c: disable irqs for fault_pending and event locks - tracing/snapshot: Resize spare buffer if size changed - [armhf] dts: armada-xp-98dx3236: Switch to armada-38x-uart serial node - drm/amd/powerplay: use hardware fan control if no powerplay fan table - drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE - [armhf] drm/etnaviv: add missing failure path to destroy suballoc - [armhf] drm/imx: notify drm core before sending event during crtc disable - drm/imx: only send event on crtc disable if kept disabled - [x86] ftrace: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() - mm/vmscan.c: prevent useless kswapd loops - btrfs: Ensure replaced device doesn't have pending chunk allocation - tty: rocket: fix incorrect forward declaration of 'rp_init()' - net/smc: move unhash before release of clcsock - drm/fb-helper: generic: Don't take module ref for fbcon - f2fs: don't access node/meta inode mapping after iput - mac80211: mesh: fix missing unlock on error in table_path_del() - scsi: tcmu: fix use after free - [amd64] boot/compressed: Do not corrupt EDX on EFER.LME=1 setting - [arm64] net: hns: Fixes the missing put_device in positive leg for roce reset - ALSA: hda: Initialize power_state field properly - rds: Fix warning. - ip6: fix skb leak in ip6frag_expire_frag_queue() - netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments - [arm64] net: hns: fix unsigned comparison to less than zero - bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K - netfilter: ipv6: nf_defrag: accept duplicate fragments again - [x86] KVM: degrade WARN to pr_warn_ratelimited - [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC - nfsd: Fix overflow causing non-working mounts on 1 TB machines - svcrdma: Ignore source port when computing DRC hash - [mips*] Fix bounds check virt_addr_valid - [mips*] Add missing EHB in mtc0 -> mfc0 sequence. - [arm64] dmaengine: qcom: bam_dma: Fix completed descriptors count - [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.59 - [x86] Input: elantech - enable middle button support on 2 ThinkPads - mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() - bpf: sockmap, fix use after free from sleep in psock backlog workqueue - mac80211: mesh: fix RCU warning - mac80211: free peer keys before vif down in mesh - iwlwifi: Fix double-free problems in iwl_req_fw_callback() - can: af_can: Fix error path of can_init() - net: phy: rename Asix Electronics PHY driver - [armhf] dts: am335x phytec boards: Fix cd-gpios active level - [s390x] boot: disable address-of-packed-member warning - [x86] drm/vmwgfx: Honor the sg list segment size limitation - [x86] drm/vmwgfx: fix a warning due to missing dma_parms - [armhf] Input: imx_keypad - make sure keyboard can always wake up system - [armhf,arm64] KVM: vgic: Fix kvm_device leak in vgic_its_destroy - mac80211: only warn once on chanctx_conf being NULL - mac80211: do not start any work during reconfigure flow - bpf, devmap: Fix premature entry free on destroying map - bpf, devmap: Add missing bulk queue free - bpf, devmap: Add missing RCU read lock on flush - [amd64] bpf: fix stack layout of JITed bpf code - qmi_wwan: add support for QMAP padding in the RX path - qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode - qmi_wwan: extend permitted QMAP mux_id value range - mmc: core: complete HS400 before checking status - md: fix for divide error in status_resync - bnx2x: Check if transceiver implements DDM before access - drm: return -EFAULT if copy_to_user() fails - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL - net: lio_core: fix potential sign-extension overflow on large shift - scsi: qedi: Check targetname while finding boot target information - quota: fix a problem about transfer quota - [armhf,arm64] net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() - NFS4: Only set creation opendata if O_CREAT - net :sunrpc :clnt :Fix xps refcount imbalance on the error path - fscrypt: don't set policy for a dead directory - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length - media: stv0297: fix frequency range limit - ALSA: usb-audio: Fix parse of UAC2 Extension Units - ALSA: hda/realtek - Headphone Mic can't record after S3 - block, bfq: NULL out the bic when it's no longer valid - [arm64] perf pmu: Fix uncore PMU alias list for ARM64 - [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() - [x86] tls: Fix possible spectre-v1 in do_get_thread_area() - USB: serial: ftdi_sio: add ID for isodebug v1 - USB: serial: option: add support for GosunCn ME3630 RNDIS mode - Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled" - p54usb: Fix race between disconnect and firmware loading - usb: gadget: ether: Fix race between gether_disconnect and rx_submit - [armhf,arm64] usb: dwc2: use a longer AHB idle timeout in dwc2_core_reset() - [x86] drivers/usb/typec/tps6598x.c: fix portinfo width - [x86] drivers/usb/typec/tps6598x.c: fix 4CC cmd write - [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt - [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt - HID: Add another Primax PIXART OEM mouse quirk - binder: fix memory leak in error path - carl9170: fix misuse of device driver API - [x86] VMCI: Fix integer overflow in VMCI handle arrays - staging: rtl8712: reduce stack usage, again https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.60 - Revert "e1000e: fix cyclic resets at link up with active tx" - e1000e: start network tx queue only when link is up - [x86] Input: synaptics - enable SMBUS on T480 thinkpad trackpad - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header - drivers: base: cacheinfo: Ensure cpu hotplug work is done before Intel RDT - firmware: improve LSM/IMA security behaviour - [armhf,arm64] irqchip/gic-v3-its: Fix command queue pointer comparison bug - [armhf] clk: ti: clkctrl: Fix returning uninitialized data - [amd64,arm64] efi/bgrt: Drop BGRT status field reserved bits check - perf/core: Fix perf_sample_regs_user() mm check - [armhf] omap2: remove incorrect __init annotation - afs: Fix uninitialised spinlock afs_volume::cb_break_lock - [x86] apic: Fix integer overflow on 10 bit left shift of cpu_khz - be2net: fix link failure after ethtool offline test - ppp: mppe: Add softdep to arc4 - sis900: fix TX completion - [armhf] dts: imx6ul: fix PWM[1-4] interrupts - [armhf] pinctrl: mcp23s08: Fix add_data and irqchip_add_nested call order - dm table: don't copy from a NULL pointer in realloc_argv() - dm verity: use message limit for data block corruption message - [amd64] boot: Fix crash if kernel image crosses page table boundary - [amd64] boot: Add missing fixup_pointer() for next_early_pgt access - HID: chicony: add another quirk for PixArt mouse - HID: multitouch: Add pointstick support for ALPS Touchpad - cpu/hotplug: Fix out-of-bounds read when setting fail state - linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL - genirq: Delay deactivation in free_irq() - genirq: Fix misleading synchronize_irq() documentation - genirq: Add optional hardware synchronization for shutdown - [x86] ioapic: Implement irq_get_irqchip_state() callback - [x86] irq: Handle spurious interrupt after shutdown gracefully - [x86] irq: Seperate unused system vectors from spurious entry again - [s390x] fix stfle zero padding - [s390x] qdio: (re-)initialize tiqdio list entries - [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues() - regmap-irq: do not write mask register if mask_base is zero - drm/udl: introduce a macro to convert dev to udl. - drm/udl: Replace drm_dev_unref with drm_dev_put - drm/udl: move to embedding drm device inside udl device. - [i386] entry: Fix ENDPROC of common_spurious https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.61 - [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly - scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported - [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path - wil6210: fix potential out-of-bounds read - ath10k: Do not send probe response template for mesh - ath9k: Check for errors when reading SREV register - ath6kl: add some bounds checking - ath10k: add peer id check in ath10k_peer_find_by_id - wil6210: fix spurious interrupts in 3-msi - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection - regmap: debugfs: Fix memory leak in regmap_debugfs_init - batman-adv: fix for leaked TVLV handler. - media: dvb: usb: fix use after free in dvb_usb_device_exit - media: marvell-ccic: fix DMA s/g desc number calculation - media: media_device_enum_links32: clean a reserved field - [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries - [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries - qed: Set the doorbell address correctly - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig - af_key: fix leaks in key_pol_get_resp and dump_sp. - xfrm: Fix xfrm sel prefix length validation - fscrypt: clean up some BUG_ON()s in block encryption/decryption - perf annotate TUI browser: Do not use member from variable within its own initialization - media: mc-device.c: don't memset __user pointer contents - media: saa7164: fix remove_proc_entry warning - net: phy: Check against net_device being NULL - tua6100: Avoid build warnings. - batman-adv: Fix duplicated OGMs on NETDEV_UP - [armhf] media: wl128x: Fix some error handling in fm_v4l2_init_video_device() - [arm64] net: hns3: set ops to null when unregister ad_dev - cpupower : frequency-set -r option misses the last cpu in related cpu list - [armhf,arm64] net: stmmac: dwmac4: fix flow control issue - [armhf,arm64] net: stmmac: modify default value of tx-frames - [arm64] crypto: inside-secure - do not rely on the hardware last bit for result descriptors - [s390x] qdio: handle PENDING state for QEBSM devices - net: sfp: add mutex to prevent concurrent state checks - ipset: Fix memory accounting for hash types on resize - perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode - [s390x] perf report: Fix OOM error in TUI mode on s390 - [arm64] irqchip/meson-gpio: Add support for Meson-G12A SoC - media: uvcvideo: Fix access to uninitialized fields on probe error - iommu: Fix a leak in iommu_insert_resv_region - [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4 - [armhf] gpio: omap: ensure irq is enabled before wakeup - regmap: fix bulk writes on paged registers - bpf: silence warning messages in core - selinux: fix empty write to keycreate file - [x86] cpu: Add Ice Lake NNPI to Intel family - [arm64] ASoC: meson: axg-tdm: fix sample clock inversion - rcu: Force inlining of rcu_read_lock() - [x86] cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS - qed: iWARP - Fix tc for MPA ll2 connection - [arm64] net: hns3: fix for skb leak when doing selftest - block: null_blk: fix race condition for null_del_dev - blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration - xfrm: fix sa selector validation - sched/core: Add __sched tag for io_schedule() - sched/fair: Fix "runnable_avg_yN_inv" not used warnings - [x86] perf/intel/uncore: Handle invalid event coding for free-running counter - [x86] atomic: Fix smp_mb__{before,after}_atomic() - perf evsel: Make perf_evsel__name() accept a NULL argument - vhost_net: disable zerocopy by default - ipoib: correcly show a VF hardware address - [x86] cacheinfo: Fix a -Wtype-limits warning - blk-iolatency: only account submitted bios - ACPICA: Clear status of GPEs on first direct enable - EDAC/sysfs: Fix memory leak when creating a csrow object - nvme: fix possible io failures when removing multipathed ns - nvme-pci: properly report state change failure in nvme_reset_work - nvme-pci: set the errno on ctrl state change error - lightnvm: pblk: fix freeing of merged pages - [arm64] Do not enable IRQs for ct_user_exit - ipsec: select crypto ciphers for xfrm_algo - ipvs: defer hook registration to avoid leaks - media: i2c: fix warning same module names - ntp: Limit TAI-UTC offset - timer_list: Guard procfs specific code - [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0 - media: hdpvr: fix locking and a missing msleep - [armhf] net: stmmac: sun8i: force select external PHY when no internal one - rtlwifi: rtl8192cu: fix error handle when usb probe failed - mt7601u: do not schedule rx_tasklet when the device has been disconnected - mt7601u: fix possible memory leak when the device is disconnected - ipvs: fix tinfo memory leak in start_sync_thread - ath10k: add missing error handling - ath10k: fix PCIE device wake up failed - perf tools: Increase MAX_NR_CPUS and MAX_CACHES - [x86] ASoC: Intel: hdac_hdmi: Set ops to NULL on remove - libata: don't request sense data on !ZAC ATA devices - [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch timer - xsk: Properly terminate assignment in xskq_produce_flush_desc - rslib: Fix decoding of shortened codes - rslib: Fix handling of of caller provided syndrome - ixgbe: Check DDM existence in transceiver before access - crypto: serpent - mark __serpent_setkey_sbox noinline - wil6210: drop old event after wmi_call timeout - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec - bcache: check CACHE_SET_IO_DISABLE in allocator code - bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() - bcache: acquire bch_register_lock later in cached_dev_free() - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush() - bcache: fix potential deadlock in cached_def_free() - [arm64] net: hns3: fix a -Wformat-nonliteral compile warning - [arm64] net: hns3: add some error checking in hclge_tm module - ath10k: destroy sdio workqueue while remove sdio module - [armhf,arm64] net: mvpp2: prs: Don't override the sign bit in SRAM parser shift - igb: clear out skb->tstamp after reading the txtime - iwlwifi: mvm: Drop large non sta frames - perf stat: Make metric event lookup more robust - perf stat: Fix group lookup for metric group - bnx2x: Prevent ptp_task to be rescheduled indefinitely - net: usb: asix: init MAC address buffers - rxrpc: Fix oops in tracepoint - bpf, libbpf, smatch: Fix potential NULL pointer dereference - bonding: validate ip header before check IPPROTO_IGMP - gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants - [ppc64el] tools: bpftool: Fix json dump crash on powerpc - Bluetooth: hci_bcsp: Fix memory leak in rx_skb - Bluetooth: Add new 13d3:3491 QCA_ROME device - Bluetooth: Add new 13d3:3501 QCA_ROME device - Bluetooth: 6lowpan: search for destination address in all peers - [ppc64el] perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64 - Bluetooth: Check state in l2cap_disconnect_rsp - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() - Bluetooth: validate BLE connection interval updates - gtp: fix suspicious RCU usage - gtp: fix Illegal context switch in RCU read-side critical section. - gtp: fix use-after-free in gtp_encap_destroy() - gtp: fix use-after-free in gtp_newlink() - [armel/marvell,armhf] net: mvmdio: defer probe of orion-mdio if a clock is not ready - iavf: fix dereference of null rx_buffer pointer - floppy: fix out-of-bounds read in next_valid_format - floppy: fix invalid pointer dereference in drive_name - xen: let alloc_xenballooned_pages() fail if not enough memory free - scsi: core: Fix race on creating sense cache - scsi: megaraid_sas: Fix calculation of target ID - crypto: ghash - fix unaligned memory access in ghash_setkey() - [x86] crypto: ccp - Validate the the error value used to index error messages - [arm64] crypto: sha1-ce - correct digest for empty data in finup - [arm64] crypto: sha2-ce - correct digest for empty data in finup - crypto: chacha20poly1305 - fix atomic sleep when using async algorithm - [x86] crypto: ccp - memset structure fields to zero before reuse - [x86] crypto: ccp/gcm - use const time tag comparison. - Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()" - bcache: Revert "bcache: fix high CPU occupancy during journal" - bcache: Revert "bcache: free heap cache_set->flush_btree in bch_journal_free" - bcache: ignore read-ahead request failure on backing device - bcache: fix mistaken sysfs entry for io_error counter - bcache: destroy dc->writeback_write_wq if failed to create dc->writeback_thread - Input: alps - don't handle ALPS cs19 trackpoint-only device - [x86] Input: synaptics - whitelist Lenovo T580 SMBus intertouch - Input: alps - fix a mismatch between a condition check and its comment - [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages - [arm64] tegra: Update Jetson TX1 GPU regulator timings - iwlwifi: pcie: don't service an interrupt that was masked - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X - iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill - iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices - NFSv4: Handle the special Linux file open access mode - pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error - pNFS: Fix a typo in pnfs_update_layout - pnfs: Fix a problem where we gratuitously start doing I/O through the MDS - lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE - ASoC: dapm: Adapt for debugfs API change - raid5-cache: Need to do start() part job after adding journal device - ALSA: seq: Break too long mutex context in the write loop - [x86] ALSA: hda/realtek - Fixed Headphone Mic can't record on Dell platform - [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine - media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom() - media: videobuf2-core: Prevent size alignment wrapping buffer size to 0 - media: videobuf2-dma-sg: Prevent size from overflowing - [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed - [arm64] tegra: Fix AGIC register range - fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. - kconfig: fix missing choice values in auto.conf - drm/nouveau/i2c: Enable i2c pads & busses during preinit - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs - dm zoned: fix zone state management race - xen/events: fix binding user event channels to cpus - 9p/xen: Add cleanup path in p9_trans_xen_init - 9p/virtio: Add cleanup path in p9_virtio_init - [x86] boot: Fix memory leak in default_get_smp_config() - [x86] perf/intel: Fix spurious NMI on fixed counter - [x86] perf/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs - [x86] perf/amd/uncore: Set the thread mask for F17h L3 PMCs - drm/edid: parse CEA blocks embedded in DisplayID - [x86] intel_th: pci: Add Ice Lake NNPI support - [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work() - PCI: Do not poll for PME if the device is in D3cold - [arm64] PCI: qcom: Ensure that PERST is asserted for at least 100 ms - Btrfs: fix data loss after inode eviction, renaming it, and fsync it - Btrfs: fix fsync not persisting dentry deletions due to inode evictions - Btrfs: add missing inode version, ctime and mtime updates when punching hole - IB/mlx5: Report correctly tag matching rendezvous capability - HID: wacom: generic: only switch the mode on devices with LEDs - HID: wacom: generic: Correct pad syncing - HID: wacom: correct touch resolution x/y typo - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields - coda: pass the host file in vma->vm_file on mmap - include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures - xfs: fix pagecache truncation prior to reflink - xfs: flush removing page cache in xfs_reflink_remap_prep - xfs: don't overflow xattr listent buffer - xfs: rename m_inotbt_nores to m_finobt_nores - xfs: don't ever put nlink > 0 inodes on the unlinked list - xfs: reserve blocks for ifree transaction during log recovery - xfs: fix reporting supported extra file attributes for statx() - xfs: serialize unaligned dio writes against all other dio writes - xfs: abort unaligned nowait directio early - [ppc64el] watchpoint: Restore NV GPRs while returning from exception - [ppc64el] powernv/npu: Fix reference leak - [ppc64el] pseries: Fix oops in hotplug memory notifier - [arm64] mmc: sdhci-msm: fix mutex while in spinlock - eCryptfs: fix a couple type promotion bugs - [x86] intel_th: msu: Fix single mode with disabled IOMMU - Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug - usb: Handle USB3 remote wakeup for LPM enabled devices correctly - blk-throttle: fix zero wait time for iops throttled group - blk-iolatency: clear use_delay when io.latency is set to zero - blkcg: update blkcg_print_stat() to handle larger outputs - [armel/marvell,armhf] net: mvmdio: allow up to four clocks to be specified for orion-mdio - dm bufio: fix deadlock with loop device https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.62 - bnx2x: Prevent load reordering in tx completion processing - [x86] hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() - igmp: fix memory leak in igmpv3_del_delrec() - ipv4: don't set IPv6 only flags to IPv4 addresses - ipv6: rt6_check should return NULL if 'from' is NULL - ipv6: Unlink sibling route in case of failure - [armhf,arm64] net: dsa: mv88e6xxx: wait after reset deactivation - net: make skb_dst_force return true when dst is refcounted - net: neigh: fix multiple neigh timer scheduling - net: openvswitch: fix csum updates for MPLS actions - net: phy: sfp: hwmon: Fix scaling of RX power - [armhf,arm64] net: stmmac: Re-work the queue selection for TSO packets - nfc: fix potential illegal memory access - r8169: fix issue with confused RX unit after PHY power-down on RTL8411b - rxrpc: Fix send on a connected, but unbound socket - sctp: fix error handling on stream scheduler initialization - [x86] sky2: Disable MSI on ASUS P6T - tcp: be more careful in tcp_fragment() - tcp: fix tcp_set_congestion_control() use from bpf hook - tcp: Reset bytes_acked and bytes_received when disconnecting - vrf: make sure skb->data contains ip header to make routing - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn - macsec: fix use-after-free of skb during RX - macsec: fix checksumming after decryption - netrom: fix a memory leak in nr_rx_frame() - netrom: hold sock when setting skb->destructor - net_sched: unset TCQ_F_CAN_BYPASS when adding filters - sctp: not bind the socket in sctp_connect - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query - net: bridge: don't cache ether dest pointer on input - net: bridge: stp: don't cache eth dest pointer before skb pull - dma-buf: balance refcount inbalance - dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc - perf/core: Fix exclusive events' grouping - perf/core: Fix race between close() and fork() - ext4: don't allow any modifications to an immutable file - ext4: enforce the immutable flag on open files - mm: add filemap_fdatawait_range_keep_errors() - jbd2: introduce jbd2_inode dirty range scoping - ext4: use jbd2_inode dirty range scoping - ext4: allow directory holes - [x86] KVM: nVMX: do not use dangling shadow VMCS after guest reset - [x86] KVM: nVMX: Clear pending KVM_REQ_GET_VMCS12_PAGES when leaving nested - mm: vmscan: scan anonymous pages on file refaults - net: sched: verify that q!=NULL before setting q->flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.63 - [x86] hvsock: fix epollout hang from race condition - [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe - [x86] staging: vt6656: use meaningful error code during buffer allocation - usb: core: hub: Disable hub-initiated U1/U2 - [armhf,arm64] pinctrl: rockchip: fix leaked of_node references - drm/amd/display: Fill prescale_params->scale for RGB565 - drm/amdgpu/sriov: Need to initialize the HDP_NONSURFACE_BAStE - drm/amd/display: Disable ABM before destroy ABM struct - drm/amdkfd: Fix a potential memory leak - drm/amdkfd: Fix sdma queue map issue - drm/edid: Fix a missing-check bug in drm_load_edid_firmware() - PCI: Return error if cannot probe VF - [armhf,arm64] gpu: host1x: Increase maximum DMA segment size - drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry - drm/crc-debugfs: Also sprinkle irqrestore over early exits - memstick: Fix error cleanup path of memstick_init - [arm64] tty: serial: msm_serial: avoid system lockup condition - serial: 8250: Fix TX interrupt handling condition - drm/amd/display: Always allocate initial connector state state - drm/virtio: Add memory barriers for capset cache. - drm/amd/display: fix compilation error - [ppc64el] pseries/mobility: prevent cpu hotplug during DT update - [armhf,arm64] drm/rockchip: Properly adjust to a true clock in adjusted_mode - [armhf] serial: imx: fix locking in set_termios() - tty: serial_core: Set port active bit in uart_port_activate - usb: gadget: Zero ffs_io_data - mmc: sdhci: sdhci-pci-o2micro: Check if controller supports 8-bit width - [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs - [arm64] drm/msm: Depopulate platform on probe failure - [arm64] PCI: xilinx-nwl: Fix Multi MSI data programming - iio: iio-utils: Fix possible incorrect mask calculation - [ppc64el] cacheflush: fix variable set but not used - [ppc64el] xmon: Fix disabling tracing while in xmon - [ppc64el] recordmcount: Fix spurious mcount entries on powerpc - mfd: core: Set fwnode for created devices - [arm64] mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk - mm/swap: fix release_pages() when releasing devmap pages - RDMA/i40iw: Set queue pair state when being queried - IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE - [ppc64el] mm: Handle page table allocation failures - IB/ipoib: Add child to parent list only if device initialized - [arm64] assembler: Switch ESB-instruction with a vanilla nop if !ARM64_HAS_RAS - perf stat: Fix use-after-freed pointer detected by the smatch tool - perf top: Fix potential NULL pointer dereference detected by the smatch tool - perf session: Fix potential NULL pointer dereference found by the smatch tool - perf annotate: Fix dereferencing freed memory found by the smatch tool - perf hists browser: Fix potential NULL pointer dereference found by the smatch tool - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM - [armhf] PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB - [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h - block: init flush rq ref count to 1 - f2fs: avoid out-of-range memory access - mailbox: handle failed named mailbox channel request - dlm: check if workqueues are NULL before flushing/destroying - [ppc64el] eeh: Handle hugepages in ioremap space - block/bio-integrity: fix a memory leak bug - 9p: pass the correct prototype to read_cache_page - mm/gup.c: mark undo_dev_pagemap as __maybe_unused - mm/gup.c: remove some BUG_ONs from get_gate_page() - memcg, fsnotify: no oom-kill for remote memcg charging - mm/mmu_notifier: use hlist_add_head_rcu() - proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup - proc: use down_read_killable mmap_sem for /proc/pid/pagemap - proc: use down_read_killable mmap_sem for /proc/pid/clear_refs - proc: use down_read_killable mmap_sem for /proc/pid/map_files - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() - proc: use down_read_killable mmap_sem for /proc/pid/maps - locking/lockdep: Fix lock used or unused stats error - mm: use down_read_killable for locking mmap_sem in access_remote_vm - locking/lockdep: Hide unused 'class' variable - usb: wusbcore: fix unbalanced get/put cluster_id - [x86] usb: pci-quirks: Correct AMD PLL quirk detection - btrfs: inode: Don't compress if NODATASUM or NODATACOW set - [x86] sysfb_efi: Add quirks for some devices with swapped width and height - [x86] speculation/mds: Apply more accurate check on hypervisor platform - binder: prevent transactions to context manager from its own process. - fpga-manager: altera-ps-spi: Fix build error - [x86] mei: me: add mule creek canyon (EHL) device ids - [x86] hpet: Fix division by zero in hpet_time_div() - ALSA: ac97: Fix double free of ac97_codec_device - ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1 - ALSA: hda - Add a conexant codec entry to let mute led work - [ppc64el] xive: Fix loop exit-condition in xive_find_target_in_mask() - libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() - access: avoid the RCU grace period for the temporary subjective credentials https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.64 - [x86] hv_sock: Add support for delayed close - vsock: correct removal of socket from the list - NFS: Fix dentry revalidation on NFSv4 lookup - NFS: Refactor nfs_lookup_revalidate() - NFSv4: Fix lookup revalidate of regular files - [armhf,arm64] usb: dwc2: Disable all EP's on disconnect - [armhf,arm64] usb: dwc2: Fix disable all EP's on disconnect - [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ (Closes: #904385). - binder: fix possible UAF when freeing buffer - ISDN: hfcsusb: checking idx of ep configuration - media: au0828: fix null dereference in error path - ath10k: Change the warning message string - media: cpia2_usb: first wake up, then free in disconnect - media: pvrusb2: use a different format for warnings - NFS: Cleanup if nfs_match_client is interrupted - media: radio-raremono: change devm_k*alloc to k*alloc - [x86] iommu/vt-d: Don't queue_iova() if there is no flush queue - vhost: introduce vhost_exceeds_weight() - vhost_net: fix possible infinite loop (CVE-2019-3900) - vhost: vsock: add weight support - vhost: scsi: add weight support (CVE-2019-3900) - sched/fair: Don't free p->numa_faults with concurrent readers - sched/fair: Use RCU accessors consistently for ->numa_group - /proc/<pid>/cmdline: remove all the special cases - /proc/<pid>/cmdline: add back the setproctitle() special case - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl - Fix allyesconfig output. - ceph: hold i_ceph_lock when removing caps for freeing inode - block, scsi: Change the preempt-only flag into a counter - scsi: core: Avoid that a kernel warning appears during system resume - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.65 - [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200 - [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again - [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend - ftrace: Enable trampoline when rec count returns back to one - [armhf,arm64] dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset - [arm64] dts: rockchip: fix isp iommu clocks and power domain - kernel/module.c: Only return -EEXIST for modules that have finished loading - [arm64] clk: tegra210: fix PLLU and PLLU_OUT1 - fs/adfs: super: fix use-after-free bug - btrfs: fix minimum number of chunk errors for DUP - btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit() - cifs: Fix a race condition with cifs_echo_request - ceph: fix improper use of smp_mb__before_atomic() - ceph: return -ERANGE if virtual xattr value didn't fit in buffer - ACPI: blacklist: fix clang warning for unused DMI table - [s390x] scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized - perf version: Fix segfault due to missing OPT_END() - [x86] kvm: avoid constant-conversion warning - ACPI: fix false-positive -Wuninitialized warning - be2net: Signal that the device cannot transmit during reconfiguration - [x86] apic: Silence -Wtype-limits compiler warnings - mm/cma.c: fail if fixed declaration can't be honored - lib/test_overflow.c: avoid tainting the kernel and fix wrap size - lib/test_string.c: avoid masking memset16/32/64 failures - coda: add error handling for fget - coda: fix build using bare-metal toolchain - uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings - ipc/mqueue.c: only perform resource calculation if user valid - [x86] xen/pv: Fix a boot up hang revealed by int3 self test - [x86] kvm: Don't call kvm_spurious_fault() from .fixup - [x86] paravirt: Fix callee-saved function ELF sizes - [x86] boot: Remove multiple copy of static function sanitize_boot_params() - drm/nouveau: fix memory leak in nouveau_conn_reset() - kconfig: Clear "written" flag to avoid data loss - Btrfs: fix incremental send failure after deduplication - Btrfs: fix race leading to fs corruption after transaction abort - [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC - [arm64] mmc: meson-mx-sdio: Fix misuse of GENMASK macro - gpiolib: fix incorrect IRQ requesting of an active-low lineevent - IB/hfi1: Fix Spectre v1 vulnerability - mtd: rawnand: micron: handle on-die "ECC-off" devices correctly - selinux: fix memory leak in policydb_init() - ALSA: hda: Fix 1-minute detection delay when i915 module is not available (Closes: #931507) - mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker - [s390x] dasd: fix endless loop after read unit address configuration - [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier - [arm64] compat: Allow single-byte watchpoints on all addresses - [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} - nbd: replace kill_bdev() with __invalidate_device() again - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() - IB/mlx5: Fix unreg_umr to ignore the mkey state - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache - IB/mlx5: Fix clean_mr() to work in the expected order - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification - IB/hfi1: Check for error on call to alloc_rsm_map_table - [x86] drm/i915/gvt: fix incorrect cache entry for guest page mapping - eeprom: at24: make spd world-readable again - objtool: Support GCC 9 cold subfunction naming scheme - gcc-9: properly declare the {pv,hv}clock_page storage - [x86] vdso: Prevent segfaults due to hoisted vclock reads - scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.66 - scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure - gcc-9: don't warn about uninitialized variable - driver core: Establish order of operations for device_add and device_del via bitflag - drivers/base: Introduce kill_device() - libnvdimm/bus: Prevent duplicate device_unregister() calls - libnvdimm/region: Register badblocks before namespaces - libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant - libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock - HID: wacom: fix bit shift for Cintiq Companion 2 - HID: Add quirk for HP X1200 PIXART OEM mouse - IB: directly cast the sockaddr union to aockaddr - atm: iphase: Fix Spectre v1 vulnerability - bnx2x: Disable multi-cos feature. - ife: error out when nla attributes are empty - ip6_gre: reload ipv6h in prepare_ip6gre_xmit_ipv6 - ip6_tunnel: fix possible use-after-free on xmit - ipip: validate header length in ipip_tunnel_xmit - [armhf,arm64] mvpp2: fix panic on module removal - [armhf,arm64] mvpp2: refactor MTU change code - net: bridge: delete local fdb on device init failure - net: bridge: mcast: don't delete permanent entries when fast leave is enabled - net: fix ifindex collision during namespace removal - net/mlx5e: always initialize frag->last_in_page - net/mlx5: Use reversed order when unregister devices - net: phylink: Fix flow control for fixed-link - net: sched: Fix a possible null-pointer dereference in dequeue_func() - net sched: update vlan action for batched events operations - net: sched: use temporary variable for actions indexes - net/smc: do not schedule tx_work in SMC_CLOSED state - tipc: compat: allow tipc commands without arguments - tun: mark small packets as owned by the tap sock - net/mlx5: Fix modify_cq_in alignment - net/mlx5e: Prevent encap flow counter update async to user query - r8169: don't use MSI before RTL8168d - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling - cgroup: Call cgroup_release() before __exit_signal() - cgroup: Implement css_task_iter_skip() - cgroup: Include dying leaders with live threads in PROCS iterations - cgroup: css_task_iter_skip()'d iterators must be advanced before accessed - cgroup: Fix css_task_iter_advance_css_set() cset skip condition - [arm*] spi: bcm2835: Fix 3-wire mode if DMA is enabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.67 - [x86] crypto: ccp - Fix oops by properly managing allocated structures - [x86] crypto: ccp - Add support for valid authsize values less than 16 - [x86] crypto: ccp - Ignore tag length when decrypting GCM ciphertext - usb: usbfs: fix double-free of usb memory upon submiturb error - usb: iowarrior: fix deadlock on disconnect - sound: fix a memory leak bug - [arm64,mips*/octeon] mmc: cavium: Set the correct dma max segment size for mmc_host - [arm64,mips*/octeon] mmc: cavium: Add the missing dma unmap when the dma has finished. - loop: set PF_MEMALLOC_NOIO for the worker thread - Input: usbtouchscreen - initialize PM mutex before using it - [x86] Input: elantech - enable SMBus on new (2018+) systems - [x86] Input: synaptics - enable RMI mode for HP Spectre X360 - [x86] mm: Check for pfn instead of page in vmalloc_sync_one() - [x86] mm: Sync also unmappings in vmalloc_sync_all() - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() - [s390x] perf annotate: Fix s390 gap between kernel end and module start - perf db-export: Fix thread__exec_comm() - [s390x] perf record: Fix module size on s390 - [x86] purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS - gfs2: gfs2_walk_metadata fix - usb: yurex: Fix use-after-free in yurex_delete - [x86] usb: typec: tcpm: free log buf memory when remove debug file - [x86] usb: typec: tcpm: remove tcpm dir if no children - [x86] usb: typec: tcpm: Add NULL check before dereferencing config - [x86] usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests - can: peak_usb: fix potential double kfree_skb() - netfilter: nfnetlink: avoid deadlock due to synchronous request_module - [s390x] vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn - netfilter: Fix rpfilter dropping vrf packets by mistake - netfilter: conntrack: always store window size un-scaled - netfilter: nft_hash: fix symhash with modulus one - drm/amd/display: Wait for backlight programming completion in set backlight level - drm/amd/display: use encoder's engine id to find matched free audio device - drm/amd/display: Fix dc_create failure handling and 666 color depths - drm/amd/display: Only enable audio if speaker allocation exists - drm/amd/display: Increase size of audios array - [x86] iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND - nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN - mac80211: don't warn about CW params when not using them - allocate_flower_entry: should check for null deref - hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 - drm: silence variable 'conn' set but not used - [s390x] qdio: add sanity checks to the fast-requeue path - ALSA: compress: Fix regression on compressed capture streams - ALSA: compress: Prevent bypasses of set_params - ALSA: compress: Don't allow paritial drain operations on capture streams - ALSA: compress: Be more restrictive about when a drain is allowed - perf tools: Fix proper buffer size for feature processing - perf probe: Avoid calling freeing routine multiple times for same pointer - drbd: dynamically allocate shash descriptor - ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id() - nvme: fix multipath crash when ANA is deactivated - scsi: megaraid_sas: fix panic on loading firmware crashdump - [ppc64el] scsi: ibmvfc: fix WARN_ON during event pool release - scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG - test_firmware: fix a memory leak bug - tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop - perf/core: Fix creating kernel counters for PMUs that override event->cpu - [s390x] dma: provide proper ARCH_ZONE_DMA_BITS value - HID: sony: Fix race condition between rumble and device remove. - [x86] purgatory: Do not use __builtin_memcpy and __builtin_memset - ALSA: usb-audio: fix a memory leak bug - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices - hwmon: (nct7802) Fix wrong detection of in4 presence - [x86] drm/i915: Fix wrong escape clock divisor init for GLK - ALSA: firewire: fix a memory leak bug - ALSA: hiface: fix multiple memory leak bugs - ALSA: hda - Don't override global PCM hw info flag - [x86] ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457) - mac80211: don't WARN on short WMM parameters from AP - dax: dax_layout_busy_page() should not unmap cow pages - SMB3: Fix deadlock in validate negotiate hits reconnect - smb3: send CAP_DFS capability during session setup - NFSv4: Fix an Oops in nfs4_do_setattr - [x86] KVM: Fix leak vCPU's VMCS value into other pCPU - mwifiex: fix 802.11n/WPA detection - iwlwifi: don't unmap as page memory that was mapped as single - iwlwifi: mvm: fix an out-of-bound access - iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41 - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Uwe Kleine-König ] * [armhf] Add support for all i.MX6 variants. * rtc-s35390a: backport fix to make hwclock able to read the time (Closes: #932845) . [ Ben Hutchings ] * [rt] Update to 4.19.59-rt24: - Fix build failure after "genirq: Prevent use-after-free and work list corruption": + Update "genirq: Do not invoke the affinity callback via a workqueue on RT" + kthread: add a global worker thread. + genirq: Do not invoke the affinity callback via a workqueue on RT + genirq: Handle missing work_struct in irq_set_affinity_notifier() - Update "irqwork: push most work into softirq context" to resolve conflict with "irq_work: Do not raise an IPI when queueing work on the local CPU" - Drop "random: avoid preempt_disable()ed section" - arm: imx6: cpuidle: Use raw_spinlock_t - rcu: Don't allow to change rcu_normal_after_boot on RT - sched/core: Drop a preempt_disable_rt() statement - timers: Redo the notification of canceling timers on -RT - Fix futex regression in 4.19.21: + Revert "futex: Ensure lock/unlock symetry versus pi_lock and hash bucket lock" + Revert "futex: Fix bug on when a requeued RT task times out" + Revert "rtmutex: Handle the various new futex race conditions" + Revert "futex: workaround migrate_disable/enable in different context" + futex: Make the futex_hash_bucket lock raw + futex: Delay deallocation of pi_state - mm/zswap: Do not disable preemption in zswap_frontswap_store() * Bump ABI to 6 linux-signed-i386 (4.19.37+6) unstable; urgency=high . * Sign kernel from linux 4.19.37-6 . [ John Paul Adrian Glaubitz ] * [sh4]: Check for kprobe trap number before trying to handle a kprobe trap . [ Salvatore Bonaccorso ] * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) . [ Steve McIntyre ] * [arm64] Improve support for the Huawei TaiShan server platform (Closes: #930554): - Enable the HNS/ROCE Infiniband driver - Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS and HNS/ROCE Infiniband - Add module:drivers/scsi/hisi_sas/* to the ABI ignore list . [ Cyril Brulebois ] * [arm] Backport DTB support for Rasperry Pi Compute Module 3. * [arm64] Backport DTB support for Rasperry Pi Compute Module 3. linux-signed-i386 (4.19.37+5+deb10u2) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u2 . [ Romain Perier ] * [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) * [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) * nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) * binder: fix race between munmap() and direct reclaim (CVE-2019-1999) * scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) * Input: gtco - bounds check collection indent level (CVE-2019-13631) * floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) * inet: switch IP ID generator to siphash (CVE-2019-10638) * floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) * Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) * [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) . [ Salvatore Bonaccorso ] * [x86] cpufeatures: Carve out CQM features retrieval * [x86] cpufeatures: Combine word 11 and 12 into a new scattered features word * [x86] speculation: Prepare entry code for Spectre v1 swapgs mitigations * [x86] speculation: Enable Spectre v1 swapgs mitigations (CVE-2019-1125) * [amd64] entry: Use JMP instead of JMPQ * [x86] speculation/swapgs: Exclude ATOMs from speculation through SWAPGS * Documentation: Add section about CPU vulnerabilities for Spectre * Documentation: Add swapgs description to the Spectre v1 documentation . [ Ben Hutchings ] * [x86] cpufeatures: Avoid ABI change for swapgs mitigations: - Move swapgs feature bits to existing scattered words - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered features word" * inet: Avoid ABI change for IP ID hash change linux-signed-i386 (4.19.37+5+deb10u2~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.37-5+deb10u2~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-i386 (4.19.37+5+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.37-5+deb10u1 . * tcp: refine memory limit test in tcp_fragment() (Closes: #930904) * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) mapproxy (1.11.0-3+deb10u1) buster; urgency=medium . * Update branch in gbp.conf & Vcs-Git URL. * Add upstream patch to fix WMS Capabilties with Python 3.7. (closes: #935887) mariadb-10.3 (1:10.3.17-0+deb10u1) buster; urgency=high . * SECURITY UPDATE: New upstream version 10.3.17. Includes fixes for the following security vulnerabilities: - CVE-2019-2737 - CVE-2019-2739 - CVE-2019-2740 - CVE-2019-2758 - CVE-2019-2805 * Upstream release 10.3.16 fixed segfaults when database 'information_schema' is accessed (Closes: #931801) * Multiple Gitlab-CI/Salsa-CI improvements * Update libmariadb3 symbols to match MariaDB Connector C 3.1 API * Add Lintian override for new test binary wsrep_check_version * Make libzstd dependency versioned as RocksDB need at least 1.3.3 * Rename 'mariadbcheck' to 'mariadb-check' as upstream is doing in 10.4 * Improve cross building (Closes: #930314) - Perform a native build of import_executables first. - cross.patch: Fix missing include in cmake/systemd.cmake. - Build-Depends: libreadline-gplv2-dev:native for the native pass. - Forward IMPORT_EXECUTABLES to the cross build pass. mariadb-10.3 (1:10.3.16-1) unstable; urgency=medium . [ Otto Kekäläinen ] * New upstream version 10.3.16 * Make libzstd dependency versioned as RocksDB need at least 1.3.3. This fixes build errors across different build environments. * Update Gitlab CI for better quality control and long-term maintenance. . [ Helmut Grohne ] * Improve cross building (Closes: #930314) mariadb-10.3 (1:10.3.15-2) unstable; urgency=medium . [ Julien Muchembled ] * Fixup RocksDB test on s390x, not available there . [ Otto Kekäläinen ] * Purge deleted translations from debian/po * Rename 'mariadbcheck' to 'mariadb-check' as upstream is doing in 10.4 musescore (2.3.2+dfsg2-7~deb10u1) buster; urgency=high . * Rebuild 2.3.2+dfsg2-7 for buster-updates (cf. #931040) . musescore (2.3.2+dfsg2-7) unstable; urgency=high . * Disable webkit functionality (Closes: #931021) ncbi-tools6 (6.1.20170106+dfsg1-0+deb10u2) buster; urgency=medium . * debian/ncbi-data.NEWS: Note UniVec removal, which turned out to have a bigger impact than anticipated. * debian/tests/run-unit-test: Explicitly point vecscreen at UniVec_Core. (See #935424.) . ncbi-tools6 (6.1.20170106+dfsg1-0+deb10u1) buster; urgency=medium . * Belatedly repackage without data/UniVec.*, some portions of which turned out to be non-free (with copyright held by Invitrogen Corporation, which requires a license for commercial use thereof). * debian/copyright: - Cover previously overlooked third-party code (all DFSG-free). - Update authors and dates for debian/*. - Set Files-Excluded to reflect repackaging. * debian/rules: Introduce NCBI_VERSION_SHLIB, with +dfsg1 stripped off. * debian/test/run-unit-test: Substitute UniVec_Core for UniVec. * debian/watch: Reflect usage of +dfsg1. * make/makeshlb.unx: NCBI_VERSION -> NCBI_VERSION_SHLIB. * Temporarily revert ncbi-cn3d splitout to expedite the above fixes. ncbi-tools6 (6.1.20170106+dfsg1-0+deb10u1) buster; urgency=medium . * Belatedly repackage without data/UniVec.*, some portions of which turned out to be non-free (with copyright held by Invitrogen Corporation, which requires a license for commercial use thereof). * debian/copyright: - Cover previously overlooked third-party code (all DFSG-free). - Update authors and dates for debian/*. - Set Files-Excluded to reflect repackaging. * debian/rules: Introduce NCBI_VERSION_SHLIB, with +dfsg1 stripped off. * debian/test/run-unit-test: Substitute UniVec_Core for UniVec. * debian/watch: Reflect usage of +dfsg1. * make/makeshlb.unx: NCBI_VERSION -> NCBI_VERSION_SHLIB. * Temporarily revert ncbi-cn3d splitout to expedite the above fixes. ncbi-tools6 (6.1.20170106+dfsg1-0+deb9u1) stretch; urgency=medium . * Belatedly repackage without data/UniVec.*, some portions of which turned out to be non-free (with copyright held by Invitrogen Corporation, which requires a license for commercial use thereof). * debian/copyright: - Cover previously overlooked third-party code (all DFSG-free). - Update authors and dates for debian/*. - Set Files-Excluded to reflect repackaging. * debian/rules: Introduce NCBI_VERSION_SHLIB, with +dfsg1 stripped off. * debian/watch: Reflect usage of +dfsg1. * make/makeshlb.unx: NCBI_VERSION -> NCBI_VERSION_SHLIB. * Temporarily revert ncbi-cn3d splitout to expedite the above fixes. ncurses (6.1+20181013-2+deb10u1) buster; urgency=medium . * Drop "rep" from xterm-new and derived terminfo descriptions (Closes: #933053). netdata (1.12.0-1+deb10u1) buster; urgency=medium . [ Lennart Weller ] * Add patch to remove Google Analytics from generated docs . [ Daniel Baumann ] * Removing currently usless depends on bash as it's still an essential package. * Adding missing GPL-3-only license stanza in copyright file. * Opting out by default from sending anonymous statistics (phone home). * Downgrading nodejs depends in netdata-plugins-nodejs to recommends as not all architectures have nodejs at the moment. . [ Federico Ceratto ] * Add patch to remove Sign In button newsboat (2.13-1+deb10u1) buster; urgency=medium . [ Nikos Tsipinakis ] * Patch use after free in itemlist (Closes: #898559) nextcloud-desktop (2.5.1-3+deb10u1) buster; urgency=medium . * Make nextcloud-desktop-cmd depend on nextcloud-desktop-common. Thanks to Calogero Lo Leggio (Closes: #932108) nginx (1.14.2-2+deb10u1) buster-security; urgency=high . * Backport upstream fixes for 3 CVEs (Closes: #935037) Those fixes affect Nginx HTTP/2 implementation, which might cause excessive memory consumption and CPU usage. (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). node-lodash (4.17.11+dfsg-2+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution (Closes: #933079, CVE-2019-10744) node-mixin-deep (1.1.3-3+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution (Closes: #932500, CVE-2019-10746) nss (2:3.42.1-1+deb10u1) buster; urgency=medium . * Fixes for CVE-2019-11719, CVE-2019-11727 and CVE-2019-11729 (in unstable these were addressed via the 2:3.45-1 upload to unstable) nx-libs (2:3.5.99.19-3+deb10u1) buster; urgency=medium . * Patch backport of upstream's memleak-hunt... * debian/patches: + Add 0012_xkb-initialize-tsyms.patch + Add 0013_Screen.c-correctly-free-stuff-in-nxagentCloseScreen.patch + Add 0014_Screen.c-Fix-make-sure-RRCloseScreen-is-being-called.patch + Add 0015_Keyboard.c-nullify-freed-pointers.patch + Add 0017_Fix-memleaks-Free-devPrivates-of-devices-on-shutdown.patch + Add 0018_Screen.c-fix-another-memory-leak.patch + Add 0019_mi-miinitext.c-fix-memleaks-remove-double-glx-initia.patch + Add 0023_glxext.c-fix-another-memory-leak.patch + Add 0026_glyph.c-fix-a-read-beyond-end-of-heap-buffer.patch + Add 0027_Keyboard.c-fix-three-memory-leaks.patch + Add 0028_Quarks.c-add-missing.patch + Add 0029_dix-dispatch-fix-a-small-memory-leak.patch + Add 0030_fb-fix-memory-leak-in-fbOverlayFinishScreenInit.patch + Add 0031_render-Propagate-allocation-failure-from-createSourc.patch + Add 0032_NXrender-fix-another-memleak.patch + Add 0033_Screen.c-fix-two-memleaks.patch + Add 0034_Screen.c-fix-two-more-memleaks-of-visuals.patch + Add 0036_os-access.c-add-missing.patch + Add 0038_NXdixfonts.c-fix-index-out-of-bounds.patch + Add 0041_compext-Png.c-Nullify-after-free.patch + Add 0042_mi-miexpose.c-add-missing-free.patch + Add 0049_xkb-fix-what-looks-to-be-a-copy-paste-error-with-fir.patch + Add 0050_Keyboard.c-fix-another-cppcheck-finding.patch open-infrastructure-compute-tools (20190301-lts2-1~deb10u1) buster; urgency=medium . * Uploading to buster. * Merging upstream version 20190301-lts2: - Fix start of container by altering the systemd service file. This fix workarounds a missing/wrong condition in the start script which leads to systemd-nspawn beeing called twice. The seconds call to systemd-nspawn fails because the container is already running. Systemd then killed the container. open-vm-tools (2:10.3.10-1+deb10u1) buster; urgency=medium . * [efb4df1] Fix guest OS reporting for Debian/Buster. Without this fix, open-vm-tools report other4xLinux64Guest instead of Debian/Buster. Reason is the output of lsb_release, which outputs: $ lsb_release -sd Debian GNU/Linux 10 (buster) But the code in open-vm-tools expects '10.'. Thanks to Oliver Kurth (Closes: #934005) * [2308b74] Updating gbp.conf for buster. openjdk-11 (11.0.4+11-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.4+11-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. openjdk-11 (11.0.4+10-1) unstable; urgency=medium . * OpenJDK 11.0.4+10 build (early access). * Add riscv64 support for zero (Ed Nevill). * Fix build dependencies for Ubuntu precise builds. * Fix dependency generation on the libjpeg runtime. Closes: #927965. * Drop dependency on transitional libgl1-mesa-glx package. Closes: #930611. openjdk-11 (11.0.4+9-1) unstable; urgency=medium . * OpenJDK 11.0.4+9 build (early access). * Add another break for libequinox-osgi-java (<< 3.9.1). Closes: #931115. openjdk-11 (11.0.4+8-1) unstable; urgency=medium . * OpenJDK 11.0.4+8 build (early access). * Apply patch for JDK-8225716. openjdk-11 (11.0.4+6-1) experimental; urgency=medium . * OpenJDK 11.0.4+6 build (early access). openjdk-11 (11.0.4+4+really11.0.3+7-2) unstable; urgency=medium . * Team upload. * Refresh and rework the following patches to address FTBFS on i386: - hotspot-disable-exec-shield-workaround - workaround_expand_exec_shield_cs_limit openjdk-11 (11.0.4+4+really11.0.3+7-1) unstable; urgency=medium . * Team upload. * Revert upstream sources to GA release 11.0.3+7. * Disable workaround_expand_exec_shield_cs_limit.diff and hotspot-disable-exec-shield-workaround.diff patches * No longer try to install jspawnhelper. openjdk-11 (11.0.4+4-1) unstable; urgency=medium . * OpenJDK 11.0.4+4 build (early access). * Configure with --with-version-pre='ea' for upstream tags which are not upstream releases (has to be set manually). Not enabled during the buster freeze. * Allow to skip the bootcycle build (DEB_BUILD_OPTIONS=nobootcycle). * Add a watch file (Paul Wise). * Print some information about the host configuration before starting the build. openjdk-11 (11.0.4+2-1) unstable; urgency=medium . * OpenJDK 11.0.4+2 build. * Fix src.zip symlink. Closes: #928369. * Tighten dependency on ca-certificates-java. Closes: #914860. * Refresh patches. openjdk-11 (11.0.4+1-1) unstable; urgency=medium . * OpenJDK 11.0.4+1 build. openldap (2.4.47+dfsg-3+deb10u1) buster; urgency=medium . * Fix slapd to restrict rootDN proxyauthz to its own databases (CVE-2019-13057) (ITS#9038) (Closes: #932997) * Fix slapd to enforce sasl_ssf ACL statement on every connection (CVE-2019-13565) (ITS#9052) (Closes: #932998) * Fix slapo-rwm to not free original filter when rewritten filter is invalid (ITS#8964) (Closes: #934277, LP: #1838370) openldap (2.4.47+dfsg-3+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. * Revert "Fix build with Heimdal 7.2.0" as stretch contains a lower version of heimdal. . openldap (2.4.47+dfsg-3+deb10u1) buster; urgency=medium . * Fix slapd to restrict rootDN proxyauthz to its own databases (CVE-2019-13057) (ITS#9038) (Closes: #932997) * Fix slapd to enforce sasl_ssf ACL statement on every connection (CVE-2019-13565) (ITS#9052) (Closes: #932998) * Fix slapo-rwm to not free original filter when rewritten filter is invalid (ITS#8964) (Closes: #934277, LP: #1838370) osinfo-db (0.20181120-1+deb10u1) buster; urgency=medium . * debian/patches/debian9-update.patch: Fix the URL's to download the iso files and point to the latest point release (9.9.0) * debian/patches/debian10-Add-info.patch: Add information about the debian buster/10 release (Closes: #935551) * d/p/debian-preseed-Fix-typo-in-config-s-name.patch: Fix the name of the parameter used to set the fullname when generating a preseed file, the documentation explicitly talks about "user-realname" but the profile was using "user-fullname" (the debconf parameter name) by mistake osmpbf (1.3.3-11+deb10u1) buster; urgency=medium . * Update branch in gbp.conf & Vcs-Git URL. * Rebuild with protobuf 3.6.1. (closes: #935990) pam-u2f (1.0.7-1+deb10u1) buster; urgency=high . * Backport multiple security fixes + Fix insecure debug file handling CVE-2019-12209. (Closes: #930021) + Fix debug file descriptor leak CVE-2019-12210. (Closes: #930023) + Fix a non-critical buffer out-of-bounds access. (Closes: #930047) . * Backport a reliability fix pam-u2f could previously segfault following a failure to allocate a buffer. pango1.0 (1.42.4-7~deb10u1) buster-security; urgency=medium . * Team upload * Rebuild for buster-security * d/gbp.conf: Set upstream branch to upstream/1.42.x * d/gbp.conf: Set packaging branch to debian/buster . pango1.0 (1.42.4-7) unstable; urgency=medium . * Team upload * d/p/bidi-Be-safer-against-bad-input.patch: Fix heap overflow when acting on malformed UTF-8. (Closes: #933860; CVE-2019-1010238) passwordsafe (1.06+dfsg-1+deb10u1) buster; urgency=medium . * Don't install localization files under an extra subdirectory. Closes: 932626 patch (2.7.6-3+deb10u1) buster-security; urgency=high . * Fix CVE-2019-13636: mishandled following of symlinks (closes: #932401). * Fix CVE-2019-13638: shell command injection. * Fix CVE-2018-1000156 regression, temporary file leak on failed ed-style patches (closes: #933140). piuparts (1.0.0+deb10u1) buster; urgency=medium . * Happy 26th birthday, Debian! And many thanks to all the contributors! . [ Andreas Beckmann ] * piuparts.py: - Add '--max-command-output-size' option to allow overriding the default of 8 MB for debugging runs. - Run pre_remove scripts before computing packages to be removed. - Fix spurious failure to remove packages with names ending with '+'. * piuparts-slave.py: - Generate separate tarball names for --merged-usr chroots. * detect_well_known_errors.py: - process untestable logs. * Makefile: use gzip -n for reproducibility. * piuparts.conf, distros.conf: Update for buster release. * custom-scripts: some updates for buster. If custom-scripts are used, it's probably better to use piuparts from bpo. . [ Holger Levsen ] * Cherry-picking the above. postgresql-11 (11.5-1+deb10u1) buster-security; urgency=high . * New upstream security release. + Fixes regression in ALTER TABLE on multiple columns. (Closes: #932247) . + No longer picks "UCT" as timezone spelling. (Closes: #929953) . + Require schema qualification to cast to a temporary type when using functional cast syntax (Noah Misch) . We have long required invocations of temporary functions to explicitly specify the temporary schema, that is pg_temp.func_name(args). Require this as well for casting to temporary types using functional notation, for example pg_temp.type_name(arg). Otherwise it's possible to capture a function call using a temporary object, allowing privilege escalation in much the same ways that we blocked in CVE-2007-2138. (CVE-2019-10208) . + Fix execution of hashed subplans that require cross-type comparison (Tom Lane, Andreas Seltenreich) . Hashed subplans used the outer query's original comparison operator to compare entries of the hash table. This is the wrong thing if that operator is cross-type, since all the hash table entries will be of the subquery's output type. For the set of hashable cross-type operators in core PostgreSQL, this mistake seems nearly harmless on 64-bit machines, but it can result in crashes or perhaps unauthorized disclosure of server memory on 32-bit machines. Extensions might provide hashable cross-type operators that create larger risks. (CVE-2019-10209) postgresql-11 (11.5-1) unstable; urgency=medium . * New upstream version. . + Fixes regression in ALTER TABLE on multiple columns. (Closes: #932247) . + No longer picks "UCT" as timezone spelling. (Closes: #929953) . + Require schema qualification to cast to a temporary type when using functional cast syntax (Noah Misch) . We have long required invocations of temporary functions to explicitly specify the temporary schema, that is pg_temp.func_name(args). Require this as well for casting to temporary types using functional notation, for example pg_temp.type_name(arg). Otherwise it's possible to capture a function call using a temporary object, allowing privilege escalation in much the same ways that we blocked in CVE-2007-2138. (CVE-2019-10208) . + Fix execution of hashed subplans that require cross-type comparison (Tom Lane, Andreas Seltenreich) . Hashed subplans used the outer query's original comparison operator to compare entries of the hash table. This is the wrong thing if that operator is cross-type, since all the hash table entries will be of the subquery's output type. For the set of hashable cross-type operators in core PostgreSQL, this mistake seems nearly harmless on 64-bit machines, but it can result in crashes or perhaps unauthorized disclosure of server memory on 32-bit machines. Extensions might provide hashable cross-type operators that create larger risks. (CVE-2019-10209) . * debian/pycompat: Obsolete, remove. * debian/patches: Add missing patch documentation. * debian/rules: Use /usr/share/dpkg/pkg-info.mk and vendor.mk for --with-extra-version. * debian/*.symbols: Add Build-Depends-Package information. * debian/tests: Also run regression tests. * debian/tests/control: Add fakeroot to dependencies. postgresql-common (200+deb10u2) buster; urgency=high . DATA LOSS WARNING: pg_upgradecluster from postgresql-common 200, 200+deb10u1, 201, and 202 will corrupt the data_directory setting when used *twice* to upgrade a cluster (e.g. 9.6 -> 10 -> 11). This update fixes the original problem, and also heals affected clusters on the next upgrade. No additional steps are required. . https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931635 . * pg_upgradecluster: Don't accidentally set (the wrong!) data_directory in postgresql.auto.conf. (Closes: #931635) * PgCommon.pm: Ignore data_directory when set in postgresql.auto.conf. * pg_upgradecluster: Delete data_directory from postgresql.auto.conf in new cluster. proftpd-dfsg (1.3.6-4+deb10u1) buster-security; urgency=medium . * Add patch from upstream to address Bug#932453: CVE-2019-12815. pulseaudio (12.2-4+deb10u1) buster; urgency=medium . * Pick upstream patch fixing mute state restoring (Closes: #913102) * Add gbp config for buster branch puppet-module-cinder (13.1.0-3+deb10u1) buster; urgency=medium . * Add missing Ceph patch: Do_not_attempt_to_write_in_etc_init.patch. python-autobahn (17.10.1+dfsg1-3+deb10u1) buster; urgency=medium . * Fix (build-)dependency on pyqrcode instead of qrcode (Closes: #931612). python-django (1:1.11.23-1~deb10u1) buster-security; urgency=high . * New upstream security release. <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/> . - CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator . If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. . The regular expressions used by Truncator have been simplified in order to avoid potential backtracking issues. As a consequence, trailing punctuation may now at times be included in the truncated output. . - CVE-2019-14233: Denial-of-service possibility in strip_tags() . Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags() would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities. The strip_tags() method is used to implement the corresponding striptags template filter, which was thus also vulnerable. . strip_tags() now avoids recursive calls to HTMLParser when progress removing tags, but necessarily incomplete HTML entities, stops being made. . Remember that absolutely NO guarantee is provided about the results of strip_tags() being HTML safe. So NEVER mark safe the result of a strip_tags() call without escaping it first, for example with django.utils.html.escape(). . - CVE-2019-14234: SQL injection possibility in key and index lookups for JSONField/HStoreField . Key and index lookups for django.contrib.postgres.fields.JSONField and key lookups for django.contrib.postgres.fields.HStoreField were subject to SQL injection, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to QuerySet.filter(). . - CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri() . If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to excessive recursion when re-percent-encoding invalid UTF-8 octet sequences. . uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8 octet sequences. python-django (1:1.11.22-1) unstable; urgency=medium . * New upstream security release. <https://www.djangoproject.com/weblog/2019/jul/01/security-releases/> (Closes: #931316) python-django (1:1.11.22-1~deb10u1) buster-security; urgency=high . * No-change update for buster-security. * Update debian/gbp.conf for new debian/buster branch. raspi3-firmware (1.20190215-1+deb10u1) buster; urgency=medium . * Add support for bcm2837-rpi-cm3-io3.dtb (as generated by the Linux kernel build system) aka. bcm2710-rpi-cm3.dtb (as expected by the bootloader), designed to work for: - Raspberry Pi Compute Module 3 (CM3); - Raspberry Pi Compute Module 3 Lite (CM3L); - Raspberry Pi Compute Module IO Board V3. With many thanks to Charles Fendt for the tests (Closes: #932158). * The DTB addition in the linux source package is tracked in #932157. redis (5:5.0.3-4+deb10u1) buster-security; urgency=high . * CVE-2019-10192: Fix two heap buffer overflows in the Hyperloglog functionality. (Closes: #931625) * CVE-2019-10193: Fix a stack buffer overflow vulnerability in the Hyperloglog functionality. (Closes: #931625) reportbug (7.5.3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Re-enable submitting stretch-pu requests. * Rebuild for buster. . reportbug (7.5.3) unstable; urgency=medium . * debian/control - replace emacs* Suggests with emacs-bin-common; Closes: #925422 - bump Standards-Version to 4.4.0 (no changes needed) - add sensible-utils dep, patch by Nis Martensen * reportbug/debbugs.py - when handling ftp.d.o, dont look up package information if the package doesnt exist, fixing a crash; Closes: #923631 - fix a crash with stable version lookup, patch by Nis Martensen; Closes: #935602 * bin/reportbug - remove debug code when handling list-cc-me, patch by Josh Triplett * reportbug/utils.py - update release names, following Buster releases, patch by Nicolas Braud-Santoni; Closes: #932524, #931609 - recognize versioned Provides; patch by Nis Martensen; Closes: #934472 * man/reportbug.1 - add default for --draftpath; patch by laokz ruby-airbrussh (1.3.1-2+deb10u1) buster; urgency=medium . * d/p/utf8-encoding.patch: don't throw exception on invalid UTF-8 SSH output ruby-mini-magick (4.9.2-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Don't allow remote shell execution (CVE-2019-13574) (Closes: #931932) sdl-image1.2 (1.2.12-10+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-5058: Fix CVE-2018-3977.patch from previous upload: check should be done for y, not ty (Closes: #932755). * CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. * CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). * CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). sendmail (8.15.2-14~deb10u1) buster; urgency=medium . * QA upload. * Rebuild for buster. . sendmail (8.15.2-14) unstable; urgency=medium . * QA upload. * sendmail-bin.prerm: Stop sendmail before removing the alternatives. * sendmail-bin.postinst: Let start-stop-daemon match on pidfile and executable. (Closes: #932598) . sendmail (8.15.2-13) unstable; urgency=medium . * QA upload. * initscript: Let start-stop-daemon match on pidfile and executable. (Closes: #932598, LP: #1822866) sendmail (8.15.2-13) unstable; urgency=medium . * QA upload. * initscript: Let start-stop-daemon match on pidfile and executable. (Closes: #932598, LP: #1822866) slirp4netns (0.2.3-1) buster; urgency=medium . * New upstream releases: - 0.2.2: check sscanf result when emulating ident, CVE-2019-9824 - 0.2.3: Fixes heap overflow in included libslirp, Closes: #933742, CVE-2019-14378 squid (4.6-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Denial of Service issue in cachemgr.cgi (CVE-2019-12854) * Denial of Service issue in HTTP Basic Authentication processing (CVE-2019-12529) * Denial of Service issue in HTTP Digest Authentication processing (CVE-2019-12525) * Heap Overflow issue in HTTP Basic Authentication processing (CVE-2019-12527) * Multiple Cross-Site Scripting issues in cachemgr.cgi (CVE-2019-13345) (Closes: #931478) subversion (1.10.4-1+deb10u1) buster-security; urgency=high . * Backport security fixes from upstream: + CVE-2018-11782: Remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev'. + CVE-2018-0203: Remote unauthenticated denial-of-service in Subversion svnserve. systemd (241-7~deb10u1) buster; urgency=medium . * Rebuild for buster . systemd (241-7) unstable; urgency=medium . [ Michael Biebl ] * network: Fix failure to bring up interface with Linux kernel 5.2. Backport two patches from systemd master in order to fix a bug with 5.2 kernels where the network interface fails to come up with the following error: "enp3s0: Could not bring up interface: Invalid argument" (Closes: #931636) * Use /usr/sbin/nologin as nologin shell. In Debian the nologin shell is installed in /usr/sbin, not /sbin. (Closes: #931850) . [ Mert Dirik ] * 40-systemd: Don't fail if SysV init script uses set -u and $1 is unset (Closes: #931719) . systemd (241-6) unstable; urgency=medium . * ask-password: Prevent buffer overflow when reading from keyring. Fixes a possible memory corruption that causes systemd-cryptsetup to crash either when a single large password is used or when multiple passwords have already been pushed to the keyring. (Closes: #929726) * Clarify documentation regarding %h/%u/%U specifiers. Make it clear, that setting "User=" has no effect on those specifiers. Also ensure that "%h" is actually resolved to "/root" for the system manager instance as documented in the systemd.unit man page. (Closes: #927911) * network: Behave more gracefully when IPv6 has been disabled. Ignore any configured IPv6 settings when IPv6 has been disabled in the kernel via sysctl. Instead of failing completely, continue and log a warning instead. (Closes: #929469) systemd (241-6) unstable; urgency=medium . * ask-password: Prevent buffer overflow when reading from keyring. Fixes a possible memory corruption that causes systemd-cryptsetup to crash either when a single large password is used or when multiple passwords have already been pushed to the keyring. (Closes: #929726) * Clarify documentation regarding %h/%u/%U specifiers. Make it clear, that setting "User=" has no effect on those specifiers. Also ensure that "%h" is actually resolved to "/root" for the system manager instance as documented in the systemd.unit man page. (Closes: #927911) * network: Behave more gracefully when IPv6 has been disabled. Ignore any configured IPv6 settings when IPv6 has been disabled in the kernel via sysctl. Instead of failing completely, continue and log a warning instead. (Closes: #929469) thunderbird (1:60.8.0-1~deb10u1) buster-security; urgency=medium . [ Carsten Schoenert ] * Rebuild for buster-security thunderbird (1:60.8.0-1~deb9u1) stretch-security; urgency=medium . [ Carsten Schoenert ] * Rebuild for stretch-security tzdata (2019b-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Brazil has canceled DST and will stay on standard time indefinitely. - Predictions for Morocco now go through 2087 instead of 2037. - Palestine's 2019 spring transition was 03-29 at 00:00, not 03-30 at 01:00. Guess future transitions to be March's last Friday at 00:00. - Many corrections to historical Hong Kong transitions from 1941 to 1947. tzdata (2019b-0+deb9u1) stretch; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Brazil has canceled DST and will stay on standard time indefinitely. - Predictions for Morocco now go through 2087 instead of 2037. - Palestine's 2019 spring transition was 03-29 at 00:00, not 03-30 at 01:00. Guess future transitions to be March's last Friday at 00:00. - Many corrections to historical Hong Kong transitions from 1941 to 1947. unzip (6.0-23+deb10u1) buster; urgency=medium . * Apply three patches by Mark Adler to fix CVE-2019-13232. - Fix bug in undefer_input() that misplaced the input state. - Detect and reject a zip bomb using overlapped entries. Bug discovered by David Fifield. Closes: #931433. - Do not raise a zip bomb alert for a misplaced central directory. Reported by Peter Green. Closes: #932404. usb.ids (2019.07.27-0+deb10u1) buster; urgency=medium . * New upstream version. vlc (3.0.8-0+deb10u1) buster-security; urgency=high . * New upstream release. - Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) - Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) - Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) - Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) - Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) - Fix a use after free in the ASF demuxer (CVE-2019-14533) - Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) (Closes: #932131) - Fix a null dereference in the ASF demuxer (CVE-2019-14534) - Fix a division by zero in the CAF demuxer (CVE-2019-14498) - Fix a division by zero in the ASF demuxer (CVE-2019-14535) - Fix a division by zero when playing DVDs. (Closes: #929491, #923017, #932182) * debian/control: Bump libebml-dev B-D according to configure check changes. * debian/patches: Revert modplug version bump. We use the libopenmpt compat layer anyway. vlc (3.0.8-0+deb9u1) stretch-security; urgency=high . * New upstream release. - Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) - Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) - Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) - Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) - Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) - Fix a use after free in the ASF demuxer (CVE-2019-14533) - Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) (Closes: #932131) - Fix a null dereference in the ASF demuxer (CVE-2019-14534) - Fix a division by zero in the CAF demuxer (CVE-2019-14498) - Fix a division by zero in the ASF demuxer (CVE-2019-14535) - Fix a division by zero when playing DVDs. (Closes: #929491, #923017, #932182) * debian/patches: - Revert modplug version bump. We use the libopenmpt compat layer anyway. - Revert libebml version bump. libebml has been fixed separately. vlc (3.0.7.1-3) unstable; urgency=medium . * debian/patches: Apply upstream patch to fix SIGFPE when playing DVDs. (Closes: #929491, #923017, #932182) vlc (3.0.7.1-2) unstable; urgency=medium . * debian/: Remove obsolete maintscripts. * debian/control: - Remove obsolete transitional package. - Remove obsolete Breaks+Replaces. - Bump Standards-Version. * debian/patches: Apply upstream patches to - unbreak rendering in subsvtt. - fix integer underflows in mp4. (CVE-2019-13602) (Closes: #932131) vlc (3.0.7.1-1) unstable; urgency=medium . * New upstream release. warzone2100 (3.2.1-3+deb10u1) buster; urgency=medium . * Team upload. * Move the package to salsa.debian.org. * Fix segmentation fault upon multiplayer "Start Hosting Game" Thanks to Phil Morrell for the report and Bernhard Übelacker for the patch. (Closes: #930942) webkit2gtk (2.24.3-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . webkit2gtk (2.24.3-1) unstable; urgency=medium . * New upstream release (Closes: #929749). * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). . webkit2gtk (2.24.2-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2019-0003 lists the following security fixes in the latest versions of WebKitGTK+: + CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594, CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623 (fixed in 2.24.0). + CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and CVE-2019-8619 (fixed in 2.24.1). + CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2). * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. webkit2gtk (2.24.3-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . webkit2gtk (2.24.3-1) unstable; urgency=medium . * New upstream release (Closes: #929749). * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). . webkit2gtk (2.24.2-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2019-0003 lists the following security fixes in the latest versions of WebKitGTK+: + CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594, CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623 (fixed in 2.24.0). + CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and CVE-2019-8619 (fixed in 2.24.1). + CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2). * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. webkit2gtk (2.24.3-1~bpo9+1) stretch-backports-sloppy; urgency=medium . * Rebuild for stretch-backports-sloppy. * debian/control: + Versions of GStreamer < 1.13 had GStreamerGL in the "bad" set, so depend on libgstreamer-plugins-bad1.0-dev and don't require GStreamer 1.13. Don't install libgstreamer-plugins-bad1.0-dev in armel or armhf: the usage of two different GL implementations causes a build failure (see WebKit bug #175127). + Remove build dependency on libwoff-dev, this is not available in this Debian release. + Don't recommend gstreamer1.0-gl, that package is not available in this Debian release. + Don't depend on libopenjp2-7-dev. * debian/rules: + Build with -DENABLE_MEDIA_SOURCE=OFF. This feature requires a more recent version of GStreamer. + Build with -DUSE_OPENJPEG=OFF. This feature requires a more recent version of libopenjp2-7-dev. . webkit2gtk (2.24.3-1) unstable; urgency=medium . * New upstream release (Closes: #929749). * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). . webkit2gtk (2.24.2-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2019-0003 lists the following security fixes in the latest versions of WebKitGTK+: + CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594, CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623 (fixed in 2.24.0). + CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and CVE-2019-8619 (fixed in 2.24.1). + CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2). * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. webkit2gtk (2.24.2-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2019-0003 lists the following security fixes in the latest versions of WebKitGTK+: + CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594, CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623 (fixed in 2.24.0). + CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and CVE-2019-8619 (fixed in 2.24.1). + CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2). * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. win32-loader (0.9.4+deb10u2) buster; urgency=medium . * Fix stable FTBFS through enforcing LC_ALL=POSIX . win32-loader (0.9.4+deb10u1) buster; urgency=medium . * Rebuild in stable to embed the latest debian-archive-keyring (Closes: #933829) win32-loader (0.9.4+deb10u1) buster; urgency=medium . * Rebuild in stable to embed the latest debian-archive-keyring (Closes: #933829) xymon (4.3.28-5+deb10u1) buster; urgency=high . * Apply minimal upstream security patch to fix several (server-only) vulnerabilities reported upstream by Graham Rymer: + CVE-2019-13451: service overflows histlogfn in history.c. + CVE-2019-13452: service overflows histlogfn in reportlog.c. + CVE-2019-13273: srdb overflows dbfn in csvinfo.c. + CVE-2019-13274: reflected XSS in csvinfo.c. + CVE-2019-13455: htmlquoted(hostname) overflows msgline in acknowledge.c. + CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c. + CVE-2019-13485: hostname overflows selfurl in history.c. + CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in svcstatus.c. + Closes: #935470 * Include hostname validation regression fixes from 4.3.30, too. yubikey-personalization (1.19.3-3+deb10u1) buster; urgency=medium . * Backport security improvements from v1.20.0 * debian/control: Add missing Break+Replaces on libyubikey-udev Closes: #931081 z3 (4.4.1-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . z3 (4.4.1-1) unstable; urgency=medium . [ Gianfranco Costamagna ] * Team Upload * Upload to unstable . [ Andreas Beckmann ] * Do not set the SONAME of libz3java.so to libz3.so.4. (Closes: #842892) . z3 (4.4.1-0.5~exp1) experimental; urgency=medium . * Package moved to salsa (Closes: #926939) * Standards-Version updated to 4.2.1 * Fix priority-extra-is-replaced-by-priority-optional warning * Moved under the llvm umbrella z3 (4.4.1-1~deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Rebuild for stretch. . z3 (4.4.1-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . z3 (4.4.1-1) unstable; urgency=medium . [ Gianfranco Costamagna ] * Team Upload * Upload to unstable . [ Andreas Beckmann ] * Do not set the SONAME of libz3java.so to libz3.so.4. (Closes: #842892) . z3 (4.4.1-0.5~exp1) experimental; urgency=medium . * Package moved to salsa (Closes: #926939) * Standards-Version updated to 4.2.1 * Fix priority-extra-is-replaced-by-priority-optional warning * Moved under the llvm umbrella z3 (4.4.1-0.5~exp1) experimental; urgency=medium . * Package moved to salsa (Closes: #926939) * Standards-Version updated to 4.2.1 * Fix priority-extra-is-replaced-by-priority-optional warning * Moved under the llvm umbrella zeromq3 (4.3.1-4+deb10u1) buster-security; urgency=high . [ Luca Boccassi <bluca@debian.org> ] * Fix CVE-2019-13132: application metadata not parsed correctly when using CURVE. ========================================= Sat, 06 Jul 2019 - Debian 10.0 released =========================================