====================================== Sat, 05 Dec 2020 - Debian 10.7 released ====================================== ========================================================================= [Date: Sat, 05 Dec 2020 09:41:49 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ata-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el btrfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el btrfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el cdrom-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el cdrom-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el compress-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el compress-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crc-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crc-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crypto-dm-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crypto-dm-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el crypto-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el crypto-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el event-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el event-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ext4-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ext4-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fancontrol-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fancontrol-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fat-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fat-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el firewire-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el firewire-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el fuse-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el fuse-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el hypervisor-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el hypervisor-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el i2c-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el i2c-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el input-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el input-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el isofs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el isofs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el jfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el jfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el kernel-image-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el kernel-image-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el linux-headers-4.19.0-10-all-ppc64el | 4.19.132-1 | ppc64el linux-headers-4.19.0-10-powerpc64le | 4.19.132-1 | ppc64el linux-headers-4.19.0-12-all-ppc64el | 4.19.152-1 | ppc64el linux-headers-4.19.0-12-powerpc64le | 4.19.152-1 | ppc64el linux-image-4.19.0-10-powerpc64le | 4.19.132-1 | ppc64el linux-image-4.19.0-10-powerpc64le-dbg | 4.19.132-1 | ppc64el linux-image-4.19.0-12-powerpc64le | 4.19.152-1 | ppc64el linux-image-4.19.0-12-powerpc64le-dbg | 4.19.152-1 | ppc64el loop-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el loop-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el md-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el md-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el mouse-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el mouse-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el mtd-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el mtd-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el multipath-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el multipath-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nbd-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nbd-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-shared-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-shared-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-usb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-usb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el nic-wireless-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el nic-wireless-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ppp-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el ppp-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el sata-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el sata-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-core-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-core-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el scsi-nic-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el scsi-nic-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el serial-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el serial-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el squashfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el squashfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el udf-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el udf-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el uinput-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el uinput-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-serial-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-serial-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el usb-storage-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el usb-storage-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el xfs-modules-4.19.0-10-powerpc64le-di | 4.19.132-1 | ppc64el xfs-modules-4.19.0-12-powerpc64le-di | 4.19.152-1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:42:40 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x btrfs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x cdrom-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x cdrom-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x compress-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x compress-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crc-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crc-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crypto-dm-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crypto-dm-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x crypto-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x crypto-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x dasd-extra-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x dasd-extra-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x dasd-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x dasd-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x ext4-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x ext4-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x fat-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x fat-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x fuse-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x fuse-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x isofs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x isofs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x kernel-image-4.19.0-10-s390x-di | 4.19.132-1 | s390x kernel-image-4.19.0-12-s390x-di | 4.19.152-1 | s390x linux-headers-4.19.0-10-all-s390x | 4.19.132-1 | s390x linux-headers-4.19.0-10-s390x | 4.19.132-1 | s390x linux-headers-4.19.0-12-all-s390x | 4.19.152-1 | s390x linux-headers-4.19.0-12-s390x | 4.19.152-1 | s390x linux-image-4.19.0-10-s390x | 4.19.132-1 | s390x linux-image-4.19.0-10-s390x-dbg | 4.19.132-1 | s390x linux-image-4.19.0-12-s390x | 4.19.152-1 | s390x linux-image-4.19.0-12-s390x-dbg | 4.19.152-1 | s390x loop-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x loop-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x md-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x md-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x mtd-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x mtd-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x multipath-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x multipath-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x nbd-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x nbd-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x nic-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x nic-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x scsi-core-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x scsi-core-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x scsi-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x scsi-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x udf-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x udf-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x xfs-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x xfs-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x zlib-modules-4.19.0-10-s390x-di | 4.19.132-1 | s390x zlib-modules-4.19.0-12-s390x-di | 4.19.152-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:43:11 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all | 4.19.132-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x linux-headers-4.19.0-12-all | 4.19.152-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:43:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-10-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-10-rt-arm64 | 4.19.132-1 | arm64 linux-headers-4.19.0-12-all-arm64 | 4.19.152-1 | arm64 linux-headers-4.19.0-12-arm64 | 4.19.152-1 | arm64 linux-headers-4.19.0-12-rt-arm64 | 4.19.152-1 | arm64 linux-image-4.19.0-10-arm64-dbg | 4.19.132-1 | arm64 linux-image-4.19.0-10-arm64-unsigned | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64-dbg | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64-unsigned | 4.19.132-1 | arm64 linux-image-4.19.0-12-arm64-dbg | 4.19.152-1 | arm64 linux-image-4.19.0-12-arm64-unsigned | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64-dbg | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64-unsigned | 4.19.152-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:45:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel btrfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel cdrom-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel cdrom-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel compress-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel compress-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crc-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crc-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crypto-dm-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crypto-dm-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel crypto-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel crypto-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel event-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel event-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ext4-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ext4-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fat-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fat-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel fuse-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel fuse-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel input-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel input-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ipv6-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ipv6-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel isofs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel isofs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel jffs2-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel jffs2-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel jfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel jfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel kernel-image-4.19.0-10-marvell-di | 4.19.132-1 | armel kernel-image-4.19.0-12-marvell-di | 4.19.152-1 | armel leds-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel leds-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel linux-headers-4.19.0-10-all-armel | 4.19.132-1 | armel linux-headers-4.19.0-10-marvell | 4.19.132-1 | armel linux-headers-4.19.0-10-rpi | 4.19.132-1 | armel linux-headers-4.19.0-12-all-armel | 4.19.152-1 | armel linux-headers-4.19.0-12-marvell | 4.19.152-1 | armel linux-headers-4.19.0-12-rpi | 4.19.152-1 | armel linux-image-4.19.0-10-marvell | 4.19.132-1 | armel linux-image-4.19.0-10-marvell-dbg | 4.19.132-1 | armel linux-image-4.19.0-10-rpi | 4.19.132-1 | armel linux-image-4.19.0-10-rpi-dbg | 4.19.132-1 | armel linux-image-4.19.0-12-marvell | 4.19.152-1 | armel linux-image-4.19.0-12-marvell-dbg | 4.19.152-1 | armel linux-image-4.19.0-12-rpi | 4.19.152-1 | armel linux-image-4.19.0-12-rpi-dbg | 4.19.152-1 | armel loop-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel loop-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel md-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel md-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel minix-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel minix-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mmc-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mmc-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mmc-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mmc-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mouse-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mouse-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mtd-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mtd-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel mtd-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel mtd-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel multipath-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel multipath-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nbd-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nbd-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-shared-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-shared-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel nic-usb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel nic-usb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ppp-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel ppp-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel sata-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel sata-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel scsi-core-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel scsi-core-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel squashfs-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel squashfs-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel udf-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel udf-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel uinput-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel uinput-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-serial-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-serial-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel usb-storage-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel usb-storage-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel zlib-modules-4.19.0-10-marvell-di | 4.19.132-1 | armel zlib-modules-4.19.0-12-marvell-di | 4.19.152-1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:45:58 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf btrfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf btrfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf cdrom-core-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf cdrom-core-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf compress-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf compress-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crc-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crc-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crypto-dm-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crypto-dm-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf crypto-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf crypto-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf efi-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf efi-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf event-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf event-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ext4-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ext4-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fat-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fat-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf fuse-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf fuse-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf i2c-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf i2c-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf input-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf input-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf isofs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf isofs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf jfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf jfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf kernel-image-4.19.0-10-armmp-di | 4.19.132-1 | armhf kernel-image-4.19.0-12-armmp-di | 4.19.152-1 | armhf leds-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf leds-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf linux-headers-4.19.0-10-all-armhf | 4.19.132-1 | armhf linux-headers-4.19.0-10-armmp | 4.19.132-1 | armhf linux-headers-4.19.0-10-armmp-lpae | 4.19.132-1 | armhf linux-headers-4.19.0-10-rt-armmp | 4.19.132-1 | armhf linux-headers-4.19.0-12-all-armhf | 4.19.152-1 | armhf linux-headers-4.19.0-12-armmp | 4.19.152-1 | armhf linux-headers-4.19.0-12-armmp-lpae | 4.19.152-1 | armhf linux-headers-4.19.0-12-rt-armmp | 4.19.152-1 | armhf linux-image-4.19.0-10-armmp | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-dbg | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-lpae | 4.19.132-1 | armhf linux-image-4.19.0-10-armmp-lpae-dbg | 4.19.132-1 | armhf linux-image-4.19.0-10-rt-armmp | 4.19.132-1 | armhf linux-image-4.19.0-10-rt-armmp-dbg | 4.19.132-1 | armhf linux-image-4.19.0-12-armmp | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-dbg | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-lpae | 4.19.152-1 | armhf linux-image-4.19.0-12-armmp-lpae-dbg | 4.19.152-1 | armhf linux-image-4.19.0-12-rt-armmp | 4.19.152-1 | armhf linux-image-4.19.0-12-rt-armmp-dbg | 4.19.152-1 | armhf loop-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf loop-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf md-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf md-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf mmc-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf mmc-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf mtd-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf mtd-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf multipath-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf multipath-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nbd-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nbd-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-shared-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-shared-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-usb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-usb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf nic-wireless-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf nic-wireless-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf pata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf pata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ppp-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf ppp-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf sata-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf sata-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-core-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-core-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf scsi-nic-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf scsi-nic-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf squashfs-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf squashfs-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf udf-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf udf-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf uinput-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf uinput-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-serial-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-serial-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf usb-storage-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf usb-storage-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf zlib-modules-4.19.0-10-armmp-di | 4.19.132-1 | armhf zlib-modules-4.19.0-12-armmp-di | 4.19.152-1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:46:22 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-686 | 4.19.132-1 | i386 linux-headers-4.19.0-10-686-pae | 4.19.132-1 | i386 linux-headers-4.19.0-10-all-i386 | 4.19.132-1 | i386 linux-headers-4.19.0-10-rt-686-pae | 4.19.132-1 | i386 linux-headers-4.19.0-12-686 | 4.19.152-1 | i386 linux-headers-4.19.0-12-686-pae | 4.19.152-1 | i386 linux-headers-4.19.0-12-all-i386 | 4.19.152-1 | i386 linux-headers-4.19.0-12-rt-686-pae | 4.19.152-1 | i386 linux-image-4.19.0-10-686-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-10-686-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae-dbg | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae-unsigned | 4.19.132-1 | i386 linux-image-4.19.0-12-686-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae-unsigned | 4.19.152-1 | i386 linux-image-4.19.0-12-686-unsigned | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae-dbg | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae-unsigned | 4.19.152-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:46:41 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-mips | 4.19.132-1 | mips linux-headers-4.19.0-12-all-mips | 4.19.152-1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:47:20 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel affs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel btrfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel compress-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel compress-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crc-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crc-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel crypto-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel crypto-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel event-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel event-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ext4-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel ext4-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel fat-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel fat-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel fuse-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel fuse-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel hfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel hfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel input-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel input-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel isofs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel isofs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel jfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel jfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel kernel-image-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel kernel-image-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel linux-headers-4.19.0-10-5kc-malta | 4.19.132-1 | mips, mips64el, mipsel linux-headers-4.19.0-10-octeon | 4.19.132-1 | mips, mips64el, mipsel linux-headers-4.19.0-12-5kc-malta | 4.19.152-1 | mips, mips64el, mipsel linux-headers-4.19.0-12-octeon | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-10-5kc-malta | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-5kc-malta-dbg | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-octeon | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-10-octeon-dbg | 4.19.132-1 | mips, mips64el, mipsel linux-image-4.19.0-12-5kc-malta | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-5kc-malta-dbg | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-octeon | 4.19.152-1 | mips, mips64el, mipsel linux-image-4.19.0-12-octeon-dbg | 4.19.152-1 | mips, mips64el, mipsel loop-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel loop-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel md-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel md-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel minix-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel minix-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel multipath-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel multipath-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nbd-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nbd-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel pata-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel pata-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ppp-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel ppp-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel rtc-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel rtc-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel sata-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel sata-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel sound-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel sound-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel squashfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel udf-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel udf-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel xfs-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel xfs-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel zlib-modules-4.19.0-10-octeon-di | 4.19.132-1 | mips, mips64el, mipsel zlib-modules-4.19.0-12-octeon-di | 4.19.152-1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:47:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel affs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel btrfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel btrfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel cdrom-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel cdrom-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel compress-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel compress-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crc-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crc-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crypto-dm-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crypto-dm-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel crypto-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel crypto-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel event-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel event-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ext4-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ext4-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fat-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fat-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel fuse-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel fuse-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel hfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel hfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel i2c-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel i2c-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel input-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel input-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel isofs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel isofs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel jfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel jfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel kernel-image-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel kernel-image-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel linux-headers-4.19.0-10-4kc-malta | 4.19.132-1 | mips, mipsel linux-headers-4.19.0-12-4kc-malta | 4.19.152-1 | mips, mipsel linux-image-4.19.0-10-4kc-malta | 4.19.132-1 | mips, mipsel linux-image-4.19.0-10-4kc-malta-dbg | 4.19.132-1 | mips, mipsel linux-image-4.19.0-12-4kc-malta | 4.19.152-1 | mips, mipsel linux-image-4.19.0-12-4kc-malta-dbg | 4.19.152-1 | mips, mipsel loop-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel loop-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel md-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel md-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel minix-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel minix-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mmc-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mmc-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mmc-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mmc-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mouse-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mouse-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel mtd-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel mtd-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel multipath-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel multipath-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nbd-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nbd-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-shared-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-shared-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-usb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-usb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel nic-wireless-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel nic-wireless-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel pata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel pata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ppp-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel ppp-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel sata-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel sata-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-core-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-core-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel scsi-nic-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel scsi-nic-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel sound-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel sound-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel squashfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel squashfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel udf-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel udf-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-serial-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-serial-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel usb-storage-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel usb-storage-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel xfs-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel xfs-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel zlib-modules-4.19.0-10-4kc-malta-di | 4.19.132-1 | mips, mipsel zlib-modules-4.19.0-12-4kc-malta-di | 4.19.152-1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:48:23 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el affs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el btrfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el btrfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el cdrom-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el cdrom-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el compress-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el compress-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crc-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crc-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crypto-dm-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crypto-dm-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el crypto-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el crypto-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el event-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el event-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ext4-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ext4-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fat-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fat-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el fuse-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el fuse-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el hfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el hfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el i2c-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el i2c-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el input-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el input-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el isofs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el isofs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el jfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el jfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el kernel-image-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el kernel-image-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el linux-headers-4.19.0-10-all-mips64el | 4.19.132-1 | mips64el linux-headers-4.19.0-12-all-mips64el | 4.19.152-1 | mips64el loop-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el loop-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el md-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el md-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el minix-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el minix-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mmc-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mmc-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mmc-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mmc-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mouse-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mouse-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el mtd-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el mtd-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el multipath-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el multipath-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nbd-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nbd-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-shared-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-shared-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-usb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-usb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el nic-wireless-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el nic-wireless-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el pata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el pata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ppp-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el ppp-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el sata-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el sata-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-core-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-core-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el scsi-nic-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el scsi-nic-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el sound-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el sound-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el squashfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el squashfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el udf-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el udf-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-serial-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-serial-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el usb-storage-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el usb-storage-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el xfs-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el xfs-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el zlib-modules-4.19.0-10-5kc-malta-di | 4.19.132-1 | mips64el zlib-modules-4.19.0-12-5kc-malta-di | 4.19.152-1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:48:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel affs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel btrfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel btrfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel cdrom-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel cdrom-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel compress-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel compress-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crc-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crc-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crypto-dm-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crypto-dm-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel crypto-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel crypto-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel event-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel event-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ext4-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ext4-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fat-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fat-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel firewire-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel firewire-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel fuse-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel fuse-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel hfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel hfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel input-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel input-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel isofs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel isofs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel jfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel jfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel kernel-image-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel kernel-image-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel linux-headers-4.19.0-10-loongson-3 | 4.19.132-1 | mips64el, mipsel linux-headers-4.19.0-12-loongson-3 | 4.19.152-1 | mips64el, mipsel linux-image-4.19.0-10-loongson-3 | 4.19.132-1 | mips64el, mipsel linux-image-4.19.0-10-loongson-3-dbg | 4.19.132-1 | mips64el, mipsel linux-image-4.19.0-12-loongson-3 | 4.19.152-1 | mips64el, mipsel linux-image-4.19.0-12-loongson-3-dbg | 4.19.152-1 | mips64el, mipsel loop-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel loop-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel md-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel md-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel minix-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel minix-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel mtd-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel mtd-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel multipath-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel multipath-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nbd-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nbd-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-shared-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-shared-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-usb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-usb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel nic-wireless-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel nic-wireless-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel pata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel pata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ppp-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel ppp-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel sata-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel sata-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-core-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-core-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel scsi-nic-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel scsi-nic-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel sound-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel sound-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel speakup-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel speakup-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel squashfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel squashfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel udf-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel udf-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-serial-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-serial-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel usb-storage-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel usb-storage-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel xfs-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel xfs-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel zlib-modules-4.19.0-10-loongson-3-di | 4.19.132-1 | mips64el, mipsel zlib-modules-4.19.0-12-loongson-3-di | 4.19.152-1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:49:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 acpi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 btrfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 btrfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 cdrom-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 cdrom-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 compress-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 compress-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crc-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crc-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crypto-dm-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crypto-dm-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 crypto-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 crypto-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 efi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 efi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 event-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 event-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ext4-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ext4-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fat-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fat-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 firewire-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 firewire-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 fuse-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 fuse-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 i2c-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 i2c-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 input-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 input-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 isofs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 isofs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 jfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 jfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 kernel-image-4.19.0-10-amd64-di | 4.19.132-1 | amd64 kernel-image-4.19.0-12-amd64-di | 4.19.152-1 | amd64 linux-image-4.19.0-10-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64 | 4.19.132-1 | amd64 linux-image-4.19.0-12-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64 | 4.19.152-1 | amd64 loop-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 loop-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 md-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 md-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mmc-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mmc-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mmc-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mmc-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mouse-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mouse-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 mtd-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 mtd-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 multipath-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 multipath-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nbd-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nbd-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-pcmcia-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-pcmcia-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-shared-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-shared-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-usb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-usb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 nic-wireless-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 nic-wireless-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pcmcia-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pcmcia-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 pcmcia-storage-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 pcmcia-storage-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ppp-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 ppp-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 sata-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 sata-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-core-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-core-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 scsi-nic-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 scsi-nic-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 serial-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 serial-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 sound-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 sound-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 speakup-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 speakup-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 squashfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 squashfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 udf-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 udf-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 uinput-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 uinput-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-serial-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-serial-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 usb-storage-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 usb-storage-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 xfs-modules-4.19.0-10-amd64-di | 4.19.132-1 | amd64 xfs-modules-4.19.0-12-amd64-di | 4.19.152-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:50:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ata-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 btrfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 btrfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 cdrom-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 cdrom-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 compress-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 compress-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crc-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crc-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crypto-dm-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crypto-dm-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 crypto-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 crypto-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 efi-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 efi-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 event-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 event-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ext4-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ext4-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fat-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fat-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 fuse-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 fuse-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 i2c-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 i2c-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 input-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 input-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 isofs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 isofs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 jfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 jfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 kernel-image-4.19.0-10-arm64-di | 4.19.132-1 | arm64 kernel-image-4.19.0-12-arm64-di | 4.19.152-1 | arm64 leds-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 leds-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 linux-image-4.19.0-10-arm64 | 4.19.132-1 | arm64 linux-image-4.19.0-10-rt-arm64 | 4.19.132-1 | arm64 linux-image-4.19.0-12-arm64 | 4.19.152-1 | arm64 linux-image-4.19.0-12-rt-arm64 | 4.19.152-1 | arm64 loop-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 loop-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 md-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 md-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 mmc-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 mmc-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 mtd-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 mtd-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 multipath-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 multipath-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nbd-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nbd-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-shared-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-shared-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-usb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-usb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 nic-wireless-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 nic-wireless-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ppp-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 ppp-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 sata-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 sata-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-core-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-core-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 scsi-nic-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 scsi-nic-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 squashfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 squashfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 udf-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 udf-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 uinput-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 uinput-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-serial-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-serial-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 usb-storage-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 usb-storage-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 xfs-modules-4.19.0-10-arm64-di | 4.19.132-1 | arm64 xfs-modules-4.19.0-12-arm64-di | 4.19.152-1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:52:00 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 acpi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 acpi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 acpi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 btrfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 btrfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 btrfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 btrfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 cdrom-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 cdrom-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 cdrom-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 cdrom-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 compress-modules-4.19.0-10-686-di | 4.19.132-1 | i386 compress-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 compress-modules-4.19.0-12-686-di | 4.19.152-1 | i386 compress-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crc-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crc-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crc-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crc-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crypto-dm-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crypto-dm-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crypto-dm-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crypto-dm-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 crypto-modules-4.19.0-10-686-di | 4.19.132-1 | i386 crypto-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 crypto-modules-4.19.0-12-686-di | 4.19.152-1 | i386 crypto-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 efi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 efi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 efi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 efi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 event-modules-4.19.0-10-686-di | 4.19.132-1 | i386 event-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 event-modules-4.19.0-12-686-di | 4.19.152-1 | i386 event-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ext4-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ext4-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ext4-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ext4-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fat-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fat-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fat-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fat-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 firewire-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 firewire-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 firewire-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 firewire-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 fuse-modules-4.19.0-10-686-di | 4.19.132-1 | i386 fuse-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 fuse-modules-4.19.0-12-686-di | 4.19.152-1 | i386 fuse-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 i2c-modules-4.19.0-10-686-di | 4.19.132-1 | i386 i2c-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 i2c-modules-4.19.0-12-686-di | 4.19.152-1 | i386 i2c-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 input-modules-4.19.0-10-686-di | 4.19.132-1 | i386 input-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 input-modules-4.19.0-12-686-di | 4.19.152-1 | i386 input-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 isofs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 isofs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 isofs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 isofs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 jfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 jfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 jfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 jfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 kernel-image-4.19.0-10-686-di | 4.19.132-1 | i386 kernel-image-4.19.0-10-686-pae-di | 4.19.132-1 | i386 kernel-image-4.19.0-12-686-di | 4.19.152-1 | i386 kernel-image-4.19.0-12-686-pae-di | 4.19.152-1 | i386 linux-image-4.19.0-10-686 | 4.19.132-1 | i386 linux-image-4.19.0-10-686-pae | 4.19.132-1 | i386 linux-image-4.19.0-10-rt-686-pae | 4.19.132-1 | i386 linux-image-4.19.0-12-686 | 4.19.152-1 | i386 linux-image-4.19.0-12-686-pae | 4.19.152-1 | i386 linux-image-4.19.0-12-rt-686-pae | 4.19.152-1 | i386 loop-modules-4.19.0-10-686-di | 4.19.132-1 | i386 loop-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 loop-modules-4.19.0-12-686-di | 4.19.152-1 | i386 loop-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 md-modules-4.19.0-10-686-di | 4.19.132-1 | i386 md-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 md-modules-4.19.0-12-686-di | 4.19.152-1 | i386 md-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mmc-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mmc-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mmc-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mmc-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mmc-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mmc-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mmc-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mmc-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mouse-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mouse-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mouse-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mouse-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 mtd-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 mtd-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 mtd-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 mtd-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 multipath-modules-4.19.0-10-686-di | 4.19.132-1 | i386 multipath-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 multipath-modules-4.19.0-12-686-di | 4.19.152-1 | i386 multipath-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nbd-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nbd-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nbd-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nbd-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-pcmcia-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-pcmcia-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-pcmcia-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-pcmcia-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-shared-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-shared-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-shared-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-shared-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-usb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-usb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-usb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-usb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 nic-wireless-modules-4.19.0-10-686-di | 4.19.132-1 | i386 nic-wireless-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 nic-wireless-modules-4.19.0-12-686-di | 4.19.152-1 | i386 nic-wireless-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pcmcia-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pcmcia-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pcmcia-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pcmcia-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 pcmcia-storage-modules-4.19.0-10-686-di | 4.19.132-1 | i386 pcmcia-storage-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 pcmcia-storage-modules-4.19.0-12-686-di | 4.19.152-1 | i386 pcmcia-storage-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ppp-modules-4.19.0-10-686-di | 4.19.132-1 | i386 ppp-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 ppp-modules-4.19.0-12-686-di | 4.19.152-1 | i386 ppp-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 sata-modules-4.19.0-10-686-di | 4.19.132-1 | i386 sata-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 sata-modules-4.19.0-12-686-di | 4.19.152-1 | i386 sata-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-core-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-core-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-core-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-core-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 scsi-nic-modules-4.19.0-10-686-di | 4.19.132-1 | i386 scsi-nic-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 scsi-nic-modules-4.19.0-12-686-di | 4.19.152-1 | i386 scsi-nic-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 serial-modules-4.19.0-10-686-di | 4.19.132-1 | i386 serial-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 serial-modules-4.19.0-12-686-di | 4.19.152-1 | i386 serial-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 sound-modules-4.19.0-10-686-di | 4.19.132-1 | i386 sound-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 sound-modules-4.19.0-12-686-di | 4.19.152-1 | i386 sound-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 speakup-modules-4.19.0-10-686-di | 4.19.132-1 | i386 speakup-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 speakup-modules-4.19.0-12-686-di | 4.19.152-1 | i386 speakup-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 squashfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 squashfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 squashfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 squashfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 udf-modules-4.19.0-10-686-di | 4.19.132-1 | i386 udf-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 udf-modules-4.19.0-12-686-di | 4.19.152-1 | i386 udf-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 uinput-modules-4.19.0-10-686-di | 4.19.132-1 | i386 uinput-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 uinput-modules-4.19.0-12-686-di | 4.19.152-1 | i386 uinput-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-serial-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-serial-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-serial-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-serial-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 usb-storage-modules-4.19.0-10-686-di | 4.19.132-1 | i386 usb-storage-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 usb-storage-modules-4.19.0-12-686-di | 4.19.152-1 | i386 usb-storage-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 xfs-modules-4.19.0-10-686-di | 4.19.132-1 | i386 xfs-modules-4.19.0-10-686-pae-di | 4.19.132-1 | i386 xfs-modules-4.19.0-12-686-di | 4.19.152-1 | i386 xfs-modules-4.19.0-12-686-pae-di | 4.19.152-1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:53:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-common | 4.19.132-1 | all linux-headers-4.19.0-10-common-rt | 4.19.132-1 | all linux-headers-4.19.0-12-common | 4.19.152-1 | all linux-headers-4.19.0-12-common-rt | 4.19.152-1 | all linux-support-4.19.0-10 | 4.19.132-1 | all linux-support-4.19.0-12 | 4.19.152-1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:54:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-cloud-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-10-rt-amd64 | 4.19.132-1 | amd64 linux-headers-4.19.0-12-all-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-cloud-amd64 | 4.19.152-1 | amd64 linux-headers-4.19.0-12-rt-amd64 | 4.19.152-1 | amd64 linux-image-4.19.0-10-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-cloud-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64-dbg | 4.19.132-1 | amd64 linux-image-4.19.0-10-rt-amd64-unsigned | 4.19.132-1 | amd64 linux-image-4.19.0-12-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-amd64-unsigned | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-cloud-amd64-unsigned | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64-dbg | 4.19.152-1 | amd64 linux-image-4.19.0-12-rt-amd64-unsigned | 4.19.152-1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:54:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-10-all-mipsel | 4.19.132-1 | mipsel linux-headers-4.19.0-12-all-mipsel | 4.19.152-1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 10:00:37 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: chromium-ublock-origin | 1.22.2+dfsg-1~deb10u1 | all xul-ext-ublock-origin | 1.22.2+dfsg-1~deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by ublock-origin - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:31:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: nostalgy | 0.2.36-1.2 | source xul-ext-nostalgy | 0.2.36-1.2 | all Closed bugs: 972005 ------------------- Reason ------------------- RoQA; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:31:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: sieve-extension | 0.3.0+dfsg-1 | source xul-ext-sieve | 0.3.0+dfsg-1 | all Closed bugs: 972007 ------------------- Reason ------------------- RoQA; incompatible with newer Thunderbird versions ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 05 Dec 2020 09:32:02 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: browser-plugin-freshplayer-pepperflash | 0.3.9-2 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x freshplayerplugin | 0.3.9-2 | source Closed bugs: 974698 ------------------- Reason ------------------- RoQA; Obsolete, Unsupported by browsers, EOL upstream ---------------------------------------------- ========================================================================= base-files (10.3+deb10u7) buster; urgency=medium . * Change /etc/debian_version to 10.7, for Debian 10.7 point release. blueman (2.0.8-1+deb10u1) buster-security; urgency=medium . * Add patch to address CVE-2020-15238 and add libpolkit-agent-1-dev to build deps choose-mirror (2.99+deb10u2) buster; urgency=medium . * Update Mirrors.masterlist. codemirror-js (5.43.0-1+deb10u1) buster-security; urgency=high . * Backport patch from 5.58.2 for CVE-2020-7760 cups (2.2.10-6+deb10u4) buster; urgency=medium . * Backport upstream fix: - backend,scheduler/ipp.c: Fix 'printer-alert' invalid free (Closes: #961345) dav4tbsync (1.23-1~deb10u1) buster; urgency=medium . * [a7dd92d] Merge branch 'debian/sid' into debian/buster to work with Thunderbird 78.x * [0de401e] Correct path of file dav4tbsync (1.21-1) unstable; urgency=medium . * [6d81e6d] New upstream version 1.21 * [4029398] bumpd tb version to 78.3 and webext-tbsync to 2.18 dav4tbsync (1.21-1~deb10u1) buster; urgency=medium . * [dc48b60] Prepared for release: debian/changelog * [6db535b] Correct versioning vor release in buster: debian/changelog * [e79b91e] Prepared for release in buster (proposed-updates) * [7f0db57] Icon changed path dav4tbsync (1.16-1) unstable; urgency=medium . * prepared for unstable (Closes: #971770) + to fit compatibility with thunderbird 78.x * [67b1277] Added missing bug tracker to d/u/metadata dav4tbsync (1.16-1~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [2df0c43] New upstream version 1.15.5~beta * [be68ae5] adapted d/ to new version 1.15.5-beta . [ Carsten Schoenert ] * [c6f900a] d/gbp.conf: adding helper for git-buildpackage * [0ff72ed] New upstream version 1.16 * [cc1dba4] d/control: add new B-D on zip * [c3342df] d/copyright: update and reformat MIT license * [29f7431] d/rules: adjust build process to fit recent requirements * [743bf33] d/webext-dav4tbsync.links: updating sequencer to new requirement * [8e1b122] d/webext-dav4tbsync.install: adjust the *.xpi file only * [44baf78] d/webext-dav4tbsync.docs: drop not needesd LICENSE files dav4tbsync (1.16-1~deb10u1) buster; urgency=medium . * [bc487f4] Bumped to version 1.16 to fit compatibility + to thunderbird version 78.x (Closes:#971808) dav4tbsync (1.9-2~exp1) experimental; urgency=medium . * [1d04328] Changed maintainer email in d/control to avoid lintian warning * [276c091] Adapt for using TB >=76 dav4tbsync (1.9-1) unstable; urgency=medium . * [25b4ab5] New upstream version 1.9 debian-installer (20190702+deb10u7) buster; urgency=medium . [ Julien Cristau ] * Add grub2 to built-using (closes: #968998). . [ Cyril Brulebois ] * Bump Linux ABI to 4.19.0-13. debian-installer-netboot-images (20190702+deb10u7) buster; urgency=medium . * Update to 20190702+deb10u7, from buster-proposed-updates. distro-info-data (0.41+deb10u3) buster; urgency=medium . * Update data to 0.45: - Add Ubuntu 21.04, Hirsute Hippo. dpdk (18.11.10-1~deb10u2) buster; urgency=medium . * Backport patch to fix armhf build with NEON dpdk (18.11.10-1~deb10u1) buster; urgency=medium . * New upstream version 18.11.10 - Remote Code Execution in vhost_crypto (VM Escape) (CVE-2020-14374) - Time-of-check time-of-use vulnerabilities throughout (CVE-2020-14375) - Buffer overflow copying iv_data from guest to host (CVE-2020-14376) - write_back_data buffer over read (CVE-2020-14377) - Partial Denial of Service due to Integer Underflow (CVE-2020-14378) * New upstream version 18.11.9; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Refresh patch to remove fuzz from 18.11.10 * Add rte_rawdev_dump to symbols file. It is not a new function, it was simply missing from the map file by mistake. eas4tbsync (1.20-1~deb10u1) buster; urgency=medium . * [60116af] Prepared for release: debian/changelog * [c67f390] Correct versioning for release in buster: debian/changelog * [1244201] Prepared for release in buster (proposed-updates) * [890f1ec] Icon changed path * [8c3444e] Improved d/copyright eas4tbsync (1.16-1) unstable; urgency=medium . * prepared for unstable (Closes: #971771) + to fit compatibility with thunderbird 78.x * [3f2710b] Added missing bug tracker to d/u/metadata eas4tbsync (1.16-1~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [1c2afd6] New upstream version 1.15.5~beta * UNRELEASED * [3564f2e] adapted d/ to new version 1.15.5-beta . [ Carsten Schoenert ] * [2f00b70] d/gbp.conf: adding helper for git-buildpackage * [f512c73] New upstream version 1.16 * [00cc0d6] d/control: add new B-D on zip * [685d0b7] d/copyright: update content, remove trailing whitespace * [ac56fb2] d/rules: adjust build process to fit recent requirements * [fb1fd87] d/webext-eas4tbsync.links: updating sequencer to new requirement * [0cf7043] d/webext-eas4tbsync.install: adjust the *.xpi file only * [64ac9ca] d/webext-eas4tbsync.docs: install README files dedicated eas4tbsync (1.16-1~deb10u1) buster; urgency=medium . * [b87d1b6] Bumped to version 1.16 to fit compatibility + to thunderbird version 78.x (Closes:#971809) eas4tbsync (1.14-2~exp1) experimental; urgency=medium . * [d5e4038] Adapt using TB>=76 eas4tbsync (1.14-1) unstable; urgency=medium . * [520424f] New upstream version 1.14 * [72f7bd0] Changed maintainer email in d/control to avoid lintian warning eas4tbsync (1.12-1) unstable; urgency=medium . * [a3311d7] New upstream version 1.12 edk2 (0~20181115.85588389-3+deb10u2) buster; urgency=medium . * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562) (Closes: #968819) - d/p/0001-SecurityPkg-DxeImageVerificationLib-extract-SecDataD.patch - d/p/0002-SecurityPkg-DxeImageVerificationLib-assign-WinCertif.patch - d/p/0003-SecurityPkg-DxeImageVerificationLib-catch-alignment-.patch efivar (37-2+deb10u1) buster; urgency=medium . * Backport important fixes from unstable: + fix uninitialized variable in parse_acpi_root, saving possible segfault. + Add support for nvme-fabrics and nvme-subsystem devices. Closes: #975417 enigmail (2:2.2.4-0.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. * Don't run tests, the build dependency eslint is not in buster. enigmail (2:2.2.4-0.1) unstable; urgency=medium . * Non-maintainer upload . [ Gregor Riepl ] * new upstream release (Closes: #970111) * this version contains a migration wizard for converting existing enigmail configurations to the built-in openpgp support in thunderbird * it will no longer be maintained when thunderbird 78+ enters stable enigmail (2:2.1.6+ds1-1) unstable; urgency=medium . * new upstream release * drop patches already applied upstream * include more patches from upstream enigmail (2:2.1.5+ds1-1) unstable; urgency=medium . * new upstream release * drop patches already upstreamed * drop workaround for util/Preprocessor.py, since it is not used any longer * refresh patches * import bugfixes from upstream * fix parallel build * drop unnecessary debian/source/include-binaries * drop shlibs:Depends, since enigmail is now arch: all * standards-version: bump to 4.5.0 (no changes needed) enigmail (2:2.1.3+ds1-4) unstable; urgency=medium . * convert to python3 * convert unit tests to python3 as well * wrap-and-sort -ast espeak (1.48.04+dfsg-7+deb10u1) buster; urgency=medium . * patches/mbrola-fr4: Fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed. fastd (18-3+deb10u1) buster; urgency=medium . * debian/patches: - Add 0001-receive-fix-buffer-leak-when-receiving-invalid-packe.patch, CVE-2020-27638: Fix DoS'able memory leak when receiving too many invalid packets (Closes: #972521) firefox-esr (78.5.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-51, also known as: CVE-2020-26951, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968. firefox-esr (78.4.1esr-2) unstable; urgency=medium . * Cargo.lock, third_party/rust/proc-macro2, third_party/rust/syn: Update to fix FTBFS with rustc 1.47. bz#1663715. firefox-esr (78.4.1esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. firefox-esr (78.4.1esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. firefox-esr (78.4.0esr-2) unstable; urgency=medium . * debian/rules: Restore parts of debian/rules that were removed by mistake in 78.4.0esr-1, causing FTBFS on at least amd64. firefox-esr (78.4.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-46, also known as: CVE-2020-15969, CVE-2020-15683. . [Emilio Pozuelo Monfort] * debian/browser.bug-presubj.in, debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove support for jessie. * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't support -std=gnu++17. * debian/rules: - stretch: build with GCC 7 from gcc-mozilla. - Call python with -B when regenerating the control files, so as to not generate bytecode files. - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails in stretch when opening the iso-codes files. - stretch: don't set NASM on !x86. firefox-esr (78.4.0esr-1~deb10u2) buster-security; urgency=medium . * debian/rules: Restore parts of debian/rules that were removed by mistake in 78.4.0esr-1~deb10u1, causing FTBFS on at least amd64. firefox-esr (78.4.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-46, also known as: CVE-2020-15969, CVE-2020-15683. . [Emilio Pozuelo Monfort] * debian/browser.bug-presubj.in, debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove support for jessie. * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't support -std=gnu++17. * debian/rules: - stretch: build with GCC 7 from gcc-mozilla. - Call python with -B when regenerating the control files, so as to not generate bytecode files. - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails in stretch when opening the iso-codes files. - stretch: don't set NASM on !x86. . [Mike Hommey] * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. firefox-esr (78.3.0esr-2) unstable; urgency=medium . * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. firefox-esr (78.3.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-43, also known as: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673. . * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add CodeGenerator::visitWasmRegisterResult function. bz#1649655. * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. bz#1666646. firefox-esr (78.3.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2020-43, also known as: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673. . * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add CodeGenerator::visitWasmRegisterResult function. bz#1649655. * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. bz#1666646. * third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing bindings for mips*. . firefox-esr (78.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-32 and mfsa2020-38, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, CVE-2020-15659, CVE-2020-15664, CVE-2020-15670. . firefox (78.0.2-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2020-28. . firefox (78.0.1-1) unstable; urgency=medium . * New upstream release. . * debian/rules: - Replace --disable-ion with --disable-jit. - Don't generated the ICU data file for big-endian manually. . * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, js/src/jit/mips64/MacroAssembler-mips64-inl.h: Add branchTestSymbol and fallibleUnboxPtr. bz#1642265. * config/external/icu/data/*icudata*, config/external/icu/data/moz.build, js/moz.configure: Unify the includion of the ICU data file. bz#1650299. * config/external/icu/common/moz.build, config/external/icu/common/sources.mozbuild, config/external/icu/data/convert_icudata.py, config/external/icu/data/moz.build, config/external/icu/defs.mozbuild, config/external/icu/i18n/moz.build, config/external/icu/i18n/sources.mozbuild, config/external/icu/icupkg/moz.build, config/external/icu/icupkg/sources.mozbuild, config/external/icu/moz.build, config/external/icu/toolutil/moz.build, config/external/icu/toolutil/sources.mozbuild, config/recurse.mk, intl/icu_sources_data.py: Automatically convert the little-endian ICU data file for big-endian builds. . firefox (78.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-24, also known as: CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426. . * debian/control*: Bump nss build dependency. * debian/control*, debian/rules: Remove build dependency on python2.7. * debian/browser.mozconfig.in: Remove obsolete configure options. . * build/virtualenv_packages.txt: Don't install enum and enum34 virtualenv packages in python3 virtualenvs. bz#1632429. . firefox (77.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-20, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411. . * debian/l10n/gen, debian/l10n_revs.py, debian/latest_nightly.py, debian/rules, debian/symbols.mk: Convert to python 3. * debian/control*: Bump nss and cbindgen build dependencies. * debian/rules: - Revert PKCS11 API change from 76.0.1-1 because the new API is now explicitly used by upstream code. - Stop passing -fno-schedule-insns2 -fno-lifetime-dse and -fno-delete-null-pointer-checks to GCC. . firefox (76.0.1-2) unstable; urgency=medium . * debian/browser.mozconfig.in: Allow addon sideload. Closes: #960084. * debian/control*: Bump nasm build dependency to 2.14. . firefox (76.0.1-1) unstable; urgency=medium . * New upstream release . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #960012. . firefox (76.0-2) unstable; urgency=medium . * Cargo.lock, third_party/rust/typenum/*: Upgrade typename to 1.12.0. bz#1635671. Fixes FTBFS on i386. . firefox (76.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-16, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12390, CVE-2020-12391, CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396. . * debian/control*: Bump nss build dependency. * debian/browser.install.in: Don't install blocklist.xml, it's not there anymore. . * config/recurse.mk: Don't depend on in-tree NSS/NSPR when building against system NSS/NSPR. bz#1634926. . firefox (75.0-2) unstable; urgency=medium . * build/moz.configure/util.configure: In configure, pass extra compiler flags after source path. Fixes FTBFS with --with-system-libvpx with gcc-9 >= 9-20190125-2. . firefox (75.0-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-12, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826. . * debian/control*: Bump nss, rustc, cargo, cbindgen and nodejs build dependencies. * debian/control*, debian/rules: Build against libvpx >= 1.8. We used to build-conflicts with that version, but that's not necessary now that upstream needs that version. * debian/browser.install.in: Don't install .chk files, they aren't produced anymore. * debian/browser.install.in, debian/browser.mozconfig.in, debian/control*, debian/rules: Don't build against system sqlite. This is not supported anymore. . * python/mozbuild/mozbuild/nodeutil.py: Allow to build with older versions of nodejs 10. . firefox (74.0.1-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. . firefox (74.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-08, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815. . * debian/rules: - Use the -o flag to redirect preprocessor output rather than shell redirection to work around bz#1621465. - Remove obj-*/.mozbuild on clean. * debian/control*: Bump nspr, nss, sqlite and cbindgen build dependencies. . * config/mozunit/mozunit/mozunit.py, python/mozbuild/mozbuild/action/langpack_manifest.py, python/mozbuild/mozbuild/jar.py, python/mozbuild/mozbuild/preprocessor.py, python/mozbuild/mozbuild/test/backend/test_build.py: Use io.open() rather than open() in mozbuild/preprocessor.py. bz#1613263. * dom/canvas/ClientWebGLContext.h, dom/canvas/WebGLContext.h: Fix build errors with -Werror=format-security with GCC. . firefox (73.0.1-1) unstable; urgency=medium . * New upstream release. . * gfx/2d/SwizzleNEON.cpp: Fix NEON compile error with gcc and RGB unpacking. bz#1610814. . firefox (73.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-05, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800, CVE-2020-6801. . * debian/control*: Bump nss, rustc, cargo and cbindgen build dependencies. * debian/browser.install.in: Do not install now removed chrome.manifest and libnssdbm3.* files. . firefox (72.0.2-1) unstable; urgency=medium . * New upstream release. . firefox (72.0.1-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. . firefox (72.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-01, also known as: CVE-2019-17016, CVE-2019-17017, CVE-2019-17020, CVE-2019-17022, CVE-2019-17023, CVE-2019-17024, CVE-2019-17025. . * debian/rules: - Don't build with --compress-debug-sections on jessie. - Use sourcestamp.txt for MOZ_BUILD_DATE. - Avoid running dh_update_autotools_config. We're dealing with this manually and we don't want config.* files being touched under third_party/rust. * debian/control*: - Bump nspr, nss and sqlite build dependencies. - Add missing dependency on libdrm-dev. * debian/browser.mozconfig.in: Explicitly build with wayland support enabled. . * intl/icu_sources_data.py: Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older GCC ICE on arm. (Thanks Emilio Pozuelo Monfort) . firefox (71.0-2) unstable; urgency=medium . * dom/indexedDB/ActorsParent.cpp: Work around lack of support for http://eel.is/c++draft/class.temporary#6.7 in compilers. bz#1601707 Closes: #946249, #946547. * layout/generic/WritingModes.h, servo/ports/geckolib/cbindgen.toml: Fix build with newer cbindgen. bz#1602358. . firefox (71.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-36, also known as: CVE-2019-11756, CVE-2019-17008, CVE-2019-11745, CVE-2019-17014, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012, CVE-2019-17013. . * debian/l10n/gen: Add support for ca-valencia. * debian/control*: Bump nspr, nss, rustc and cargo build dependencies. * debian/rules, debian/control.in: - Build with nodejs-mozilla on jessie and stretch. - Build with nasm-mozilla on jessie and stretch. - Don't build with system libvpx on stretch. (Thanks Emilio Pozuelo Monfort) . firefox (70.0.1-1) unstable; urgency=medium . * New upstream release. . firefox (70.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-34, also known as: CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002, CVE-2019-11764. . * debian/control*: Bump nss, sqlite, rustc, cargo, and cbindgen build dependencies. . firefox (69.0.2-1) unstable; urgency=medium . * New upstream release. . firefox (69.0.1-1) unstable; urgency=medium . * New upstream release. * Fix for mfsa2019-31, also known as CVE-2019-11754. . * debian/control*: - Bump nss, rustc, cargo and cbindgen build dependencies. Closes: #939412. - Remove build dependency versions where Debian has had the right version since Jessie. * debian/source/lintian-overrides: Adjust DotZlib.chm path. . firefox (69.0-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2019-25, also known as: CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, CVE-2019-11740. . * debian/upstream.mk: Read source repo and revision from json when getting upstream info. Instead of the .txt file that doesn't exist as of 69. * debian/control*: - Remove unused build dependency against python-ply. - Remove python-minimal build dependency. All supported versions of Debian have a new enough version. - Remove build dependency against libjsoncpp-dev. * debian/l10n/gen, debian/latest_nightly.py, debian/rules, debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit python2.7 instead of python. * debian/rules: Use `mach python --no-virtualenv` to invoke the preprocessor. . * config/system-headers, toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, toolkit/crashreporter/minidump-analyzer/moz.build: Revert hack to build against libjsoncpp. It was fine when it was only used by the crash reporter, but that's not the case anymore, and it breaks the build. Also, the bundled version is newer than what is available in Debian. firefox-esr (78.2.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2020-32 and mfsa2020-38, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, CVE-2020-15659, CVE-2020-15664, CVE-2020-15670. firefox-esr (68.12.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. fish (3.0.2-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. + With permission from package maintainer and uploader. . [ Miao Wang ] * debian/patches: Add patch to ensure tty options are restored on exit. This fixes upstream issue 5663. (Closes: #970777) freecol (0.11.6+dfsg2-2+deb10u1) buster; urgency=medium . * CVE-2018-1000825 (Closes: #917023) freetype (2.9.1-3+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix heap buffer overflow (CVE-2020-15999) (Closes: #972586) gajim-omemo (2.6.27-1+deb10u1) buster; urgency=medium . * add patch: Switch to 12 byte IV glances (3.1.0-1+deb10u1) buster; urgency=medium . * d/control: Update my lastname. * Now glances listen on 127.0.0.1. (Closes: #970812) httpcomponents-client (4.5.7-1+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-13956: Incorrect handling of malformed authority component by URIUtils#extractHost. iptables-persistent (1.0.11+deb10u1) buster; urgency=medium . * [cdc4a5] Do not load modules. Thanks to Thorsten Glaser (Closes: #963012) * [cdc4a5] Do not call log_action_cont_msg() Thanks to Synthea (Closes: #961589) * [b6e6f9] Backport the logic to flush rules from 1.0.14 krb5 (1.17-3+deb10u1) buster-security; urgency=medium . * CVE-2020-28196 (Closes: #973880) lacme (0.5-1+deb10u2) buster; urgency=medium . * Use upstream certificate chain instead of an hardcoded one. This is a breaking change. The certificate indicated by 'CAfile' is no longer used as is in 'certificate-chain' (along with the leaf cert). The chain returned by the ACME v2 endpoint is used instead. This allows for more flexbility with respect to key/CA rotation, cf. https://letsencrypt.org/2020/11/06/own-two-feet.html and https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018 * Additional current/planned CA certificates can be found under /usr/local/share/lacme: - lets-encrypt-e[12].pem - lets-encrypt-r[34]-cross-signed.pem - lets-encrypt-r[34].pem - letsencryptauthorityx[34].pem See https://letsencrypt.org/certificates/ * Moreover 'CAfile' now defaults to /usr/share/lacme/ca-certificates.crt which is a concatenation of all known active CA certificates (which includes the previous default). Closes: #975862. libdatetime-timezone-perl (1:2.23-1+2020d) buster; urgency=medium . * Update to Olson database version 2020d. This update includes contemporary changes for Palestine. libdatetime-timezone-perl (1:2.23-1+2020c) buster; urgency=medium . * Update to Olson database version 2020c. This update includes contemporary changes for Fiji. libdatetime-timezone-perl (1:2.23-1+2020b) buster; urgency=medium . * Update to Olson database version 2020b. This update includes contemporary changes for Morocco, Casey Station, and the Yukon. This release also removes the very long-deprecated "US/Pacific-New" zone name. libexif (0.6.21-5.1+deb10u5) buster-security; urgency=medium . * Add upstream patch to prevent compiler optimization of a buffer overflow check (fixes CVE-2020-0452). libimobiledevice (1.2.1~git20181030.92c5462-2+deb10u1) buster; urgency=medium . * d/patches: partial support for iOS 14 libjpeg-turbo (1:1.5.2-2+deb10u1) buster; urgency=medium . * CVE-2018-1152 (Closes: #902950) * CVE-2018-14498 (Closes: #924678) * CVE-2019-2201 * CVE-2020-13790 (Closes: #962829) libproxy (0.4.15-5+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow when PAC is enabled (CVE-2020-26154) (Closes: #968366) * Rewrite url::recvline to be nonrecursive (CVE-2020-25219) (Closes: #971394) libxml2 (2.9.4+dfsg1-7+deb10u1) buster; urgency=medium . * CVE-2017-18258 (Closes: #895245) * CVE-2018-14404 (Closes: #901817) * CVE-2018-14567 * CVE-2019-19956 * CVE-2019-20388 (Closes: #949583) * CVE-2020-7595 (Closes: #949582) linux (4.19.160-2) buster; urgency=medium . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux (4.19.160-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux (4.19.152-1) buster-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-latest (105+deb10u8) buster; urgency=medium . * Update to 4.19.0-13 linux-latest (105+deb10u7) buster-security; urgency=high . * Update to 4.19.0-12 linux-signed-amd64 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-amd64 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-amd64 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-signed-arm64 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-arm64 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-arm64 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" linux-signed-i386 (4.19.160+2) buster; urgency=medium . * Sign kernel from linux 4.19.160-2 . * net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS) linux-signed-i386 (4.19.160+1) buster; urgency=medium . * Sign kernel from linux 4.19.160-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153 - [ppc64el] ibmveth: Switch order of ibmveth_helper calls. - [ppc64el] ibmveth: Identify ingress large send packets. - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route - mlx4: handle non-napi callers to napi_poll - [armhf] net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() - [armhf] net: fec: Fix PHY init after phy_reset_after_clk_enable() - net: fix pos incrementment in ipv6_route_seq_next - net/smc: fix valid DMBE buffer sizes - net: usb: qmi_wwan: add Cellient MPL200 card - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - [arm*] binder: fix UAF when releasing todo list (CVE-2020-0423) - ALSA: bebob: potential info leak in hwdep_read() - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - [x86,ppc64el] net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - r8169: fix operation under forced interrupt threading - icmp: randomize the global rate limiter (CVE-2020-25705) - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 - cifs: remove bogus debug code - cifs: Return the error from crypt_message when enc/dec key not found. - [x86] KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages - [x86] KVM: SVM: Initialize prev_ga_tag before use - crypto: algif_aead - Do not set MAY_BACKLOG on the async path - [x86] EDAC/i5100: Fix error handling order in i5100_init_one() - [x86] fpu: Allow multiple bits in clearcpuid= parameter - [arm64] drivers/perf: xgene_pmu: Fix uninitialized resource struct - [x86] nmi: Fix nmi_handle() duration miscalculation - [amd64] x86/events/amd/iommu: Fix sizeof mismatch - crypto: algif_skcipher - EBUSY on aio should be an error - media: tuner-simple: fix regression in simple_set_radio_freq - media: uvcvideo: Set media controller entity functions - media: uvcvideo: Silence shift-out-of-bounds warning - [armhf] media: omap3isp: Fix memleak in isp_probe - [armhf] media: ti-vpe: Fix a missing check and reference count leak - regulator: resolve supply after creating regulator - ath10k: provide survey info as accumulated data - Bluetooth: hci_uart: Cancel init work before unregistering - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path - [arm64] wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - [arm64] ASoC: qcom: lpass-platform: fix memory leak - [arm64] ASoC: qcom: lpass-cpu: fix concurrency issue - brcmfmac: check ndev pointer - mwifiex: Do not use GFP_KERNEL in atomic context - [x86] staging: rtl8192u: Do not use GFP_KERNEL in atomic context - [x86] drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - [x86] VMCI: check return value of get_user_pages_fast() for errors - [ppc64el] tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() - pty: do tty_flip_buffer_push without port->lock in pty_write - [x86] pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() - [x86] pwm: lpss: Add range limit check for the base_unit register value - [x86] video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - video: fbdev: radeon: Fix memleak in radeonfb_pci_register - HID: roccat: add bounds checking in kone_sysfs_write_settings() - [armhf] pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser - [armhf] pinctrl: mcp23s08: Fix mcp23x17 precious range - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow - [arm64,armhf] net: stmmac: use netif_tx_start|stop_all_queues() function - [arm64] cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - [amd64] misc: mic: scif: Fix error handling path - [arm*] usb: dwc2: Fix parameter type in function pointer prototype - quota: clear padding in v2r1_mem2diskdqb() - HID: hid-input: fix stylus battery reporting - net: enic: Cure the enic api locking trainwreck - [mips*] mfd: sm501: Fix leaks in probe() - iwlwifi: mvm: split a print to avoid a WARNING in ROC - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - [arm*] usb: dwc2: Fix INTR OUT transfers in DDMA mode. - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() - mwifiex: fix double free - ipvs: clear skb->tstamp in forwarding path - netfilter: nf_log: missing vlan offload tag and proto - mm/memcg: fix device private memcg accounting - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary - IB/mlx4: Fix starvation in paravirt mux/demux - IB/mlx4: Adjust delayed work when a dup is observed - [powerpc*] pseries: Fix missing of_node_put() in rng_init() - [powerpc*] icp-hv: Fix missing of_node_put() in success path - RDMA/ucma: Fix locking for ctx->events_reported - RDMA/ucma: Add missing locking around rdma_leave_multicast() - [powerpc*] pseries: explicitly reschedule during drmem_lmb list traversal - mtd: mtdoops: Don't write panic data twice - [armel,armhf] ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - xfs: limit entries returned when counting fsmap records - xfs: fix high key handling in the rt allocator's query_range function - RDMA/qedr: Fix use of uninitialized field - RDMA/qedr: Fix inline size returned for iWARP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.154 - [powerpc*] 64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm - RDMA/cma: Remove dead code for kernel rdmacm multicast - RDMA/cma: Consolidate the destruction of a cma_multicast in one place - [arm64] RDMA/hns: Set the unsupported wr opcode - [arm64] RDMA/hns: Fix missing sq_sig_type when querying QP - overflow: Include header file with SIZE_MAX declaration - [powerpc*] perf: Exclude pmc5/6 from the irrelevant PMU group constraints - [poerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - IB/rdmavt: Fix sizeof mismatch - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info - lib/crc32.c: fix trivial typo in preprocessor condition - rapidio: fix error handling path - rapidio: fix the missed put_device() for rio_mport_add_riodev - mailbox: avoid timer start from callback - [arm64,armhf] clk: rockchip: Initialize hw to error to avoid undefined behavior - [arm*] clk: bcm2835: add missing release if devm_clk_hw_register fails - watchdog: Fix memleak in watchdog_cdev_register - watchdog: Use put_device on error - svcrdma: fix bounce buffers for unaligned offsets and multiple pages - ext4: limit entries returned when counting fsmap records - vfio/pci: Clear token on bypass registration failure - [amd64,arm64] vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() - [armhf] Input: omap4-keypad - fix handling of platform_get_irq() error - [armhf] Input: twl4030_keypad - fix handling of platform_get_irq() error - [armhf] Input: sun4i-ps2 - fix handling of platform_get_irq() error - [x86] KVM: emulating RDPID failure shall return #UD rather than #GP - netfilter: conntrack: connection timeout after re-register - netfilter: nf_fwd_netdev: clear timestamp in forwarding path - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator - [armhf] memory: omap-gpmc: Fix a couple off by ones - [powerpc*] powernv/dump: Fix race while processing OPAL dump - nvmet: fix uninitialized work for zero kato - [x86,arm64] i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs - block: ratelimit handle_bad_sector() message - [x86] crypto: ccp - fix error handling - media: firewire: fix memory leak - media: ati_remote: sanity check for both endpoints - media: media/pci: prevent memory leak in bttv_probe - media: uvcvideo: Ensure all probed info is returned to v4l2 - mmc: sdio: Check for CISTPL_VERS_1 buffer size - media: saa7134: avoid a shift overflow - fs: dlm: fix configfs memory leak - [arm64] media: venus: core: Fix runtime PM imbalance in venus_probe - ip_gre: set dev->hard_header_len and dev->needed_headroom properly - mac80211: handle lack of sband->bitrates in rates - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() - scsi: mvumi: Fix error return in mvumi_io_attach() - scsi: target: core: Add CONTROL field for trace events - [amd64] mic: vop: copy data to kernel space then write to io memory - [amd64] misc: vop: add round_up(x,4) for vring_size to avoid kernel panic - usb: gadget: function: printer: fix use-after-free in __lock_acquire - udf: Limit sparing table size - udf: Avoid accessing uninitialized data on failed inode read - USB: cdc-acm: handle broken union descriptors - [arm64,armhf] usb: dwc3: simple: add support for Hikey 970 - [armhf] can: flexcan: flexcan_chip_stop(): add error handling and propagate error value - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() - misc: rtsx: Fix memory leak in rtsx_pci_probe - reiserfs: only call unlock_new_inode() if I_NEW - xfs: make sure the rt allocator doesn't run off the end - usb: ohci: Default to per-port over-current protection - Bluetooth: Only mark socket zapped after unlocking - [ppc64el] scsi: ibmvfc: Fix error return in ibmvfc_probe() - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy - rtl8xxxu: prevent potential memory leak - Fix use after free in get_capset_info callback. - scsi: qedi: Protect active command list to avoid list corruption - scsi: qedi: Fix list_del corruption while removing active I/O - [x86] tty: ipwireless: fix error handling - ipvs: Fix uninit-value in do_ip_vs_set_ctl() - reiserfs: Fix memory leak in reiserfs_parse_options() - mwifiex: don't call del_timer_sync() on uninitialized timer - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach - usb: core: Solve race condition in anchor cleanup functions - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). - eeprom: at25: set minimum read/write access stride to 1 - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.155 - scripts/setlocalversion: make git describe output more reliable - [arm64] Run ARCH_WORKAROUND_1 enabling code on all CPUs - [arm64] link with -z norelro regardless of CONFIG_RELOCATABLE - [x86,arm64,armhf] efivarfs: Replace invalid slashes with exclamation marks in dentries. - gtp: fix an use-before-init in gtp_newlink() - netem: fix zero division in tabledist - tcp: Prevent low rmem stalls with SO_RCVLOWAT. - tipc: fix memory leak caused by tipc_buf_append() - r8169: fix issue with forced threading in combination with shared interrupts - cxgb4: set up filter action after rewrites - [x86] arch/x86/amd/ibs: Fix re-arming IBS Fetch - [x86] xen: disable Firmware First mode for correctable memory errors - fuse: fix page dereference after free - bpf: Fix comment for helper bpf_current_task_under_cgroup() - p54: avoid accessing the data mapped to streaming DMA - [powerpc*] cxl: Rework error message for incompatible slots - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() - mtd: lpddr: Fix bad logic in print_drs_error - [arm*] serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir - fscrypt: clean up and improve dentry revalidation - fscrypt: fix race allowing rename() and link() of ciphertext dentries - fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory - fscrypt: only set dentry_operations on ciphertext dentries - fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext - Revert "block: ratelimit handle_bad_sector() message" - xen/events: don't use chip_data for legacy IRQs - xen/events: avoid removing an event channel while handling it (CVE-2020-27675) - xen/events: add a proper barrier to 2-level uevent unmasking (CVE-2020-27673) - xen/events: fix race in evtchn_fifo_unmask() (CVE-2020-27673) - xen/events: add a new "late EOI" evtchn framework (CVE-2020-27673) - xen/blkback: use lateeoi irq binding (CVE-2020-27673) - xen/netback: use lateeoi irq binding (CVE-2020-27673) - xen/scsiback: use lateeoi irq binding (CVE-2020-27673) - xen/pvcallsback: use lateeoi irq binding (CVE-2020-27673) - xen/pciback: use lateeoi irq binding (CVE-2020-27673) - xen/events: switch user event channels to lateeoi model (CVE-2020-27673) - xen/events: use a common cpu hotplug hook for event channels (CVE-2020-27673) - xen/events: defer eoi in case of excessive number of events (CVE-2020-27673) - xen/events: block rogue events for some time (CVE-2020-27673) - RDMA/qedr: Fix memory leak in iWARP CM - ata: sata_nv: Fix retrieving of active qcs - futex: Fix incorrect should_fail_futex() handling - [powerpc*] powernv/smp: Fix spurious DBG() warning - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race - [powerpc*] select ARCH_WANT_IRQS_OFF_ACTIVATE_MM - f2fs: add trace exit in exception path - f2fs: fix uninit-value in f2fs_lookup - f2fs: fix to check segment boundary during SIT page readahead - [armel,armhf] 8997/2: hw_breakpoint: Handle inexact watchpoint addresses - power: supply: bq27xxx: report "not charging" on all types - xfs: fix realtime bitmap/summary file truncation when growing rt volume - ath10k: fix VHT NSS calculation when STBC is enabled - media: videodev2.h: RGB BT2020 and HSV are always full range - [x86] usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart - media: tw5864: check status of tw5864_frameinterval_get - mmc: via-sdmmc: Fix data race bug - [arm64] topology: Stop using MPIDR for topology information - media: uvcvideo: Fix dereference of out-of-bound list iterator - USB: adutux: fix debugging - uio: free uio id after uio file node is freed - usb: xhci: omit duplicate actions when suspending a runtime suspended host. - [arm64] mm: return cpu_all_mask when node is NUMA_NO_NODE - xfs: don't free rt blocks when we're doing a REMAP bunmapi call - ACPI: Add out of bounds and numa_off protections to pxm_to_node() - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values - btrfs: fix replace of seed device - md/bitmap: md_bitmap_get_counter returns wrong blocks - bnxt_en: Log unknown link speed appropriately. - [arm64] rpmsg: glink: Use complete_all for open states - [armhf] clk: ti: clockdomain: fix static checker warning - net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid - ext4: Detect already used quota file early - gfs2: add validation checks for size of superblock - cifs: handle -EINTR in cifs_setattr - [armhf] memory: emif: Remove bogus debugfs error handling - nbd: make the config put is called before the notifying the waiter - sgl_alloc_order: fix memory leak - nvme-rdma: fix crash when connect rejected - md/raid5: fix oops during stripe resizing - [x86,arm64] mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN - [x86] perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count() - [x86] perf/x86/amd/ibs: Fix raw sample data accumulation - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect - fs: Don't invalidate page buffers in block_write_full_page() - NFS: fix nfs_path in case of a rename retry - ACPI: button: fix handling lid state changes when input device closed - [x86] ACPI / extlog: Check for RDMSR failure (Closes: #971058) - [x86] ACPI: video: use ACPI backlight for HP 635 Notebook - [x86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() - scsi: qla2xxx: Fix crash on session cleanup with unload - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode - btrfs: improve device scanning messages - btrfs: reschedule if necessary when logging directory items - btrfs: send, recompute reference path after orphanization of a directory - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() - btrfs: cleanup cow block on error - btrfs: fix use-after-free on readahead extent after failure to create it - usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC - [arm64,armhf] usb: dwc3: ep0: Fix ZLP for OUT ep0 requests - [arm64,armhf] usb: dwc3: gadget: Check MPS of the request length - [arm64,armhf] usb: dwc3: core: add phy cleanup for probe error handling - [arm64,armhf] usb: dwc3: core: don't trigger runtime pm when remove driver - usb: cdc-acm: fix cooldown mechanism - [x86] usb: typec: tcpm: reset hard_reset_count for any disconnect - [x86] drm/i915: Force VT'd workarounds when running as a guest OS - vt: keyboard, simplify vt_kdgkbsent - vt: keyboard, extend func_buf_lock to readers (CVE-2020-25656) - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery - udf: Fix memory leak when mounting - [powerpc*] drmem: Make lmb_size 64 bit - [s390x] stp: add locking to sysfs functions - [powerpc*] rtas: Restrict RTAS requests from userspace (CVE-2020-27777) - [powerpc*] Warn about use of smt_snooze_delay - [powerpc*] powernv/elog: Fix race while processing OPAL error log event. - [powerpc*] Fix undetected data corruption with P9N DD2.1 VSX CI load emulation - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag - NFSD: Add missing NFSv2 .pc_func methods - ubifs: dent: Fix some potential memory leaks while iterating entries - perf python scripting: Fix printable strings in python3 scripts - ubi: check kthread_should_stop() after the setting of task state - [armhf] i2c: imx: Fix external abort on interrupt in exit paths - drm/amdgpu: don't map BO in reserved region - ceph: promote to unsigned long long before shifting - libceph: clear con->out_msg on Policy::stateful_server faults - 9P: Cast to loff_t before multiplying - ring-buffer: Return 0 on success from ring_buffer_resize() - [amd64] vringh: fix __vringh_iov() when riov and wiov are different - ext4: fix leaking sysfs kobject after failed mount - ext4: fix error handling code in add_new_gdb - ext4: fix invalid inode checksum - drm/ttm: fix eviction valuable range check. - tty: make FONTX ioctl use the tty pointer they were actually passed (CVE-2020-25668) - cachefiles: Handle readpage error correctly - device property: Keep secondary firmware node secondary by type - device property: Don't clear secondary pointer for shared primary firmware node - [arm64] KVM: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR - [x86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice - [mips*] staging: octeon: repair "fixed-link" support - [mips*] staging: octeon: Drop on uncorrectable alignment or FCS error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.156 - [x86] drm/i915: Break up error capture compression loops with cond_resched() - tipc: fix use-after-free in tipc_bcast_get_mode - ptrace: fix task_join_group_stop() for the case when current is traced - [arm64] cadence: force nonlinear buffers to be cloned - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms - [arm64,armhf] sfp: Fix error handing in sfp_probe() - blktrace: fix debugfs use after free (CVE-2019-19770) - btrfs: extent_io: Kill the forward declaration of flush_write_bio - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - Revert "btrfs: flush write bio if we loop in extent_write_cache_pages" - btrfs: flush write bio if we loop in extent_write_cache_pages - btrfs: extent_io: Handle errors better in extent_write_full_page() - btrfs: extent_io: Handle errors better in btree_write_cache_pages() - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts - btrfs: Don't submit any btree write bio if the fs has errors (CVE-2019-19039, CVE-2019-19377) - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Fix wrong check on max devid - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (CVE-2019-19816) - btrfs: tree-checker: Verify inode item - btrfs: tree-checker: fix the error message for transid error - Fonts: Replace discarded const qualifier - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 - ALSA: usb-audio: Add implicit feedback quirk for MODX - mm: mempolicy: fix potential pte_unmap_unlock pte error - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled - mm: always have io_remap_pfn_range() set pgprot_decrypted() - gfs2: Wake up when sd_glock_disposal becomes zero - ring-buffer: Fix recursion protection transitions between interrupt context - ftrace: Fix recursion check for NMI test - ftrace: Handle tracing when switching between context - tracing: Fix out of bounds write in get_trace_buf - futex: Handle transient "ownerless" rtmutex state correctly - [amd64] x86/kexec: Use up-to-dated screen_info copy to fill boot params - of: Fix reserved-memory overlap detection - blk-cgroup: Fix memleak on error path - blk-cgroup: Pre-allocate tree node on blkg_conf_prep - scsi: core: Don't start concurrent async scan on same host - vsock: use ns_capable_noaudit() on socket create - [arm*] drm/vc4: drv: Add error handding for bind - [amd64,arm64] ACPI: NFIT: Fix comparison to '-ENXIO' - vt: Disable KD_FONT_OP_COPY (CVE-2020-28974) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent - USB: serial: cyberjack: fix write-URB completion race - USB: serial: option: add Quectel EC200T module support - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 - USB: serial: option: add Telit FN980 composition 0x1055 - USB: Add NO_LPM quirk for Kingston flash drive - PM: runtime: Resume the device earlier in __device_release_driver() - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (CVE-2020-25704) - tools: perf: Fix build error in v4.19.y - [arm64,armhf] net: dsa: read mac address from DT for slave device - [arm64] dts: marvell: espressobin: Add ethernet switch aliases https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.157 - [x86] powercap: restrict energy meter to root access (CVE-2020-8694) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.158 - regulator: defer probe when trying to get voltage from unresolved supply - time: Prevent undefined behaviour in timespec64_to_ns() - nbd: don't update block size after device is started - [arm64,armhf] usb: dwc3: gadget: Continue to process pending requests - [arm64,armhf] usb: dwc3: gadget: Reclaim extra TRBs after request completion - btrfs: sysfs: init devices outside of the chunk_mutex - btrfs: reschedule when cloning lots of extents - [x86] hv_balloon: disable warning when floor reached - net: xfrm: fix a race condition during allocing spi - xfs: set xefi_discard when creating a deferred agfl free log intent item - netfilter: ipset: Update byte and packet counters regardless of whether they match - perf tools: Add missing swap for ino_generation - [x86] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() - can: rx-offload: don't call kfree_skb() from IRQ context - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() - can: peak_usb: add range checking in decode operations - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on - [armhf] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A - xfs: flush new eof page on truncate to avoid post-eof corruption - [arm64,x86] tpm: efi: Don't create binary_bios_measurements file for an empty log - Btrfs: fix missing error return if writeback for extent buffer never started - ath9k_htc: Use appropriate rs_datalen type - netfilter: use actual socket sk rather than skb sk when routing harder - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free - gfs2: Add missing truncate_inode_pages_final for sd_aspace - gfs2: check for live vs. read-only file system in gfs2_fitrim - scsi: hpsa: Fix memory leak in hpsa_init_one() - drm/amdgpu: perform srbm soft reset always on SDMA resume - mac80211: fix use of skb payload instead of header - cfg80211: regulatory: Fix inconsistent format argument - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() - [s390x] smp: move rcu_cpu_starting() earlier - [x86] tpm_tis: Disable interrupts on ThinkPad T490s - tick/common: Touch watchdog in tick_unfreeze() on all CPUs - [x86] pinctrl: intel: Set default bias in case no particular value given - [armel,armhf] 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template - nbd: fix a block_device refcount leak in nbd_release - xfs: fix flags argument to rmap lookup when converting shared file rmaps - xfs: fix rmap key and record comparison functions - lan743x: fix "BUG: invalid wait context" when setting rx mode - xfs: fix a missing unlock on error in xfs_fs_map_blocks - of/address: Fix of_node memory leak in of_dma_is_coherent - [i386] cosa: Add missing kfree in error path of cosa_write - perf: Fix get_recursion_context() - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() - btrfs: dev-replace: fail mount if we don't have replace item with target device - [x86] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() - [x86] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() - uio: Fix use-after-free in uio_unregister_device() - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode - futex: Don't enable IRQs unconditionally in put_pi_state() - ocfs2: initialize ip_next_orphan - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch - selinux: Fix error return code in sel_ib_pkey_sid_slow() - gpio: pcie-idio-24: Fix irq mask when masking - gpio: pcie-idio-24: Fix IRQ Enable Register value - gpio: pcie-idio-24: Enable PEX8311 interrupts - don't dump the threads that had been already exiting when zapped. - [x86] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] - pinctrl: amd: use higher precision for 512 RtcClk - pinctrl: amd: fix incorrect way to disable debounce filter - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" - IPv6: Set SIT tunnel hard_header_len to zero - [s390x] net/af_iucv: fix null pointer dereference on shutdown - net: Update window_clamp if SOCK_RCVBUF is set - tipc: fix memory leak in tipc_topsrv_start() - vrf: Fix fast path output packet handling with async Netfilter rules - r8169: fix potential skb double free in an error path - random32: make prandom_u32() output unpredictable - [x86] speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP - perf/core: Fix race in the perf_mmap_close() function (CVE-2020-14351) - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" - reboot: fix overflow parsing reboot cpu number - net: sch_generic: fix the missing new qdisc assignment bug - Convert trailing spaces and periods in path components https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.159 - [powerpc*] 64s: move some exception handlers out of line - [powerpc*] 64s: flush L1D on kernel entry (CVE-2020-4788) - [powerpc*] Add a framework for user access tracking - [powerpc*] Implement user_access_begin and friends - [powerpc*] Fix __clear_user() with KUAP enabled - [powerpc*] uaccess: Evaluate macro arguments once, before user access is allowed - [powerpc*] 64s: flush L1D after user accesses (CVE-2020-4788) - Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669) - mac80211: always wind down STA state - can: proc: can_remove_proc(): silence remove_proc_entry warning - [x86] KVM: x86: clflushopt should be treated as a no-op by emulation - [arm64] ACPI: GED: fix -Wformat https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.160 - ah6: fix error return code in ah6_input() - atm: nicstar: Unmap DMA on send error - bnxt_en: read EEPROM A2h address using page 0 - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() - lan743x: fix issue causing intermittent kernel log warnings - lan743x: prevent entire kernel HANG on open, for some platforms - net: b44: fix error return code in b44_init_one() - net: bridge: add missing counters to ndo_get_stats64 callback - [arm64,armhf] net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 - net: Have netpoll bring-up DSA management interface - net/mlx4_core: Fix init_hca fields offset - page_frag: Recover from memory pressure - qed: fix error return code in qed_iwarp_ll2_start() - qlcnic: fix error return code in qlcnic_83xx_restart_hw() - sctp: change to hold/put transport for proto_unreach_timer - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate - [arm64,armhf] net/mlx5: Disable QoS when min_rates on all VFs are zero - net: usb: qmi_wwan: Set DTR quirk for MR400 - [arm64,armhf] pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq - scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() - [x86] ACPI: button: Add DMI quirk for Medion Akoya E2228T - [arm64] psci: Avoid printing in cpu_psci_cpu_die() - vfs: remove lockdep bogosity in __sb_start_write - [arm64] dts: allwinner: a64: Pine64 Plus: Fix ethernet node - [arm64] dts: allwinner: h5: OrangePi PC2: Fix ethernet node - [armhf] dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node - [armhf] Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high" - [armhf] dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY - [armhf] dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY - [arm64] dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY - [mips*] export has_transparent_hugepage() for modules - [arm64] dts: allwinner: h5: OrangePi Prime: Fix ethernet node - perf lock: Don't free "lock_seq_stat" if read_count isn't zero - ip_tunnels: Set tunnel option flag when tunnel metadata is present - can: af_can: prevent potential access of uninitialized member in can_rcv() - can: af_can: prevent potential access of uninitialized member in canfd_rcv() - can: dev: can_restart(): post buffer from the right context - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() - can: peak_usb: fix potential integer overflow on shift of a int - [arm64] ASoC: qcom: lpass-platform: Fix memory leak - [arm64,armhf] drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits - [armhf] regulator: ti-abb: Fix array out of bound read access on the first transition - xfs: revert "xfs: fix rmap key and record comparison functions" - [amd64] efi/x86: Free efi_pgd with free_pages() - libfs: fix error cast of negative value in simple_attr_write() - speakup: Do not let the line discipline be used several times (CVE-2020-28941) - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() - ALSA: usb-audio: Add delay quirk for all Logitech USB devices - ALSA: ctl: fix error path at adding user-defined element set - ALSA: mixart: Fix mutex deadlock - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) - [armhf] tty: serial: imx: keep console clocks always on - [arm64,armhf,x86] efivarfs: fix memory leak in efivarfs_create() - [arm64,x86] staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids - ext4: fix bogus warning in ext4_update_dx_flag() - [x86] iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum - [x86] iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode - [armhf] regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} - regulator: fix memory leak with repeated set_machine_constraints() - regulator: avoid resolve_supply() infinite recursion - regulator: workaround self-referent regulators - mac80211: minstrel: remove deferred sampling code - mac80211: minstrel: fix tx status processing corner case - mac80211: free sta in sta_info_insert_finish() on errors - [s390x] cpum_sf.c: fix file permission for cpum_sfb_size - [s390x] dasd: fix null pointer dereference for ERP requests - ptrace: Set PF_SUPERPRIV when checking capability - seccomp: Set PF_SUPERPRIV when checking capability - [x86] microcode/intel: Check patch signature before saving microcode for early loading - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() . [ Salvatore Bonaccorso ] * net: Enable NET_SWITCHDEV; disable on armel/marvell (Closes: #949863) * Bump ABI to 13 * [rt] Update to 4.19.152-rt65 * [rt] Refresh "mm: Protect activate_mm() by preempt_[disable&enable]_rt()" * [rt] Refresh "kthread: convert worker lock to raw spinlock" * [rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" * [rt] Refresh "tpm_tis: fix stall after iowrite*()s" * [rt] Refresh "futex: Delay deallocation of pi_state" * [rt] Refresh "futex: Make the futex_hash_bucket spinlock_t again" * [rt] Update to 4.19.152-rt66 - mm/memcontrol: Disable preemption in __mod_memcg_lruvec_state() - ptrace: fix ptrace_unfreeze_traced() race with rt-lock * [rt] Update to 4.19.160-rt69 . [ Noah Meyerhans ] * Backport upstream fix for PCI bridge firmware configuration preservation (Closes: #968623) . [ John L. Villalovos ] * Backport support for USB Host Controllers with local memory to avoid crashes. In particular the Renesas USB 3.0 controller (PD720201/PD720202) which is used on the Ampere's Mt Jade platform which is part of their Altra product line: - lib/genalloc: add gen_pool_dma_zalloc() for zeroed DMA allocations - USB: use genalloc for USB HCs with local memory - USB: drop HCD_LOCAL_MEM flag - usb: don't create dma pools for HCDs with a localmem_pool - usb: add a hcd_uses_dma helper - usb: host: ohci-sm501: init genalloc for local memory - usb/hcd: Fix a NULL vs IS_ERR() bug in usb_hcd_setup_local_mem() * [arm64] config/arm64/config: Set NODES_SHIFT to 4 . [ Yves-Alexis Perez ] * usbnet: ipheth: fix connectivity with iOS 14 linux-signed-i386 (4.19.152+1) buster-security; urgency=high . * Sign kernel from linux 4.19.152-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.147 - [arm64,armhf] dsa: Allow forwarding of redirected IGMP traffic - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed - scsi: qla2xxx: Move rport registration out of internal work_list - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up - net: handle the return value of pskb_carve_frag_list() correctly - [x86] hv_netvsc: Remove "unlikely" from netvsc_select_queue - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort - scsi: libfc: Fix for double free() - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery - [arm64] regulator: pwm: Fix machine constraints application - NFS: Zero-stateid SETATTR should first return delegation - SUNRPC: stop printk reading past end of string - nvme-fc: cancel async events before freeing event struct - nvme-rdma: cancel async events before freeing event struct - f2fs: fix indefinite loop scanning for free nid - f2fs: Return EOF on unaligned end of file DIO read - i2c: algo: pca: Reapply i2c bus settings after reset - spi: Fix memory leak on splited transfers - [arm64,armhf] clk: rockchip: Fix initialization of mux_pll_src_4plls_p - [arm64] ASoC: qcom: Set card->owner to avoid warnings - [x86] Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload - fbcon: Fix user font detection test at fbcon_resize(). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook - USB: UAS: fix disconnect by unplugging a hub - usblp: fix race between disconnect() and read() - [x86] i2c: i801: Fix resume bug - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" - percpu: fix first chunk size calculation for populated bitmap - Input: trackpoint - add new trackpoint variant IDs - serial: 8250_pci: Add Realtek 816a and 816b - ehci-hcd: Move include to keep CRC stable - [powerpc*] dma: Fix dma_map_ops::get_required_mask https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.148 - af_key: pfkey_dump needs parameter validation - KVM: fix memory leak in kvm_io_bus_unregister_dev() - kprobes: fix kill kprobe which has been marked as gone - mm/thp: fix __split_huge_pmd_locked() for migration PMD - cxgb4: Fix offset when clearing filter byte counters - geneve: add transport ports in route lookup for geneve (CVE-2020-25645) - [x86,ppc64el] hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643) - ip: fix tos reflection in ack and reset packets - ipv6: avoid lockdep issue in fib6_del() - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc - nfp: use correct define to return NONE fec - tipc: Fix memory leak in tipc_group_create_member() - tipc: fix shutdown() of connection oriented socket - tipc: use skb_unshare() instead in tipc_buf_append() - bnxt_en: return proper error codes in bnxt_show_temp - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. - net: phy: Avoid NPD upon phy_detach() when driver is unbound - net: add __must_check to skb_put_padto() - ipv4: Update exception handling for multipath routes via same device - kbuild: add OBJSIZE variable for the size tool - mm: memcg: fix memcg reclaim soft lockup - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning - tcp_bbr: adapt cwnd based on ack aggregation estimation - serial: 8250: Avoid error message on reprobe https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.149 - selinux: allow labeling before policy is loaded - media: mc-device.c: fix memleak in media_device_register_entity - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) - ath10k: fix array out-of-bounds access - ath10k: fix memory leak for tpc_stats_final - mm: fix double page fault on arm64 if PTE_AF is cleared - scsi: aacraid: fix illegal IO beyond last LBA - [x86] gma/gma500: fix a memory disclosure bug due to uninitialized bytes - [armel,armhf] ASoC: kirkwood: fix IRQ error handling - [amd64] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback - [x86] ioapic: Unbreak check_timer() - ALSA: usb-audio: Add delay quirk for H570e USB headsets - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 - lib/string.c: implement stpcpy - [armhf] PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out - [x86] scsi: fnic: fix use after free - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce - net: silence data-races on sk_backlog.tail - [armhf] clk/ti/adpll: allocate room for terminating null - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() - mfd: mfd-core: Protect against NULL call-back function pointer - [x86] tpm_crb: fix fTPM on AMD Zen+ CPUs - tracing: Adding NULL checks for trace_array descriptor pointer - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock - RDMA/qedr: Fix potential use after free - RDMA/i40iw: Fix potential use after free - fix dget_parent() fastpath race - xfs: fix attr leaf header freemap.size underflow - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' - ubi: Fix producing anchor PEBs - mmc: core: Fix size overflow for mmc partitions - gfs2: clean up iopen glock mess in gfs2_create_inode - scsi: pm80xx: Cleanup command when a reset times out - CIFS: Properly process SMB3 lease breaks - ASoC: max98090: remove msleep in PLL unlocked workaround - kernel/sys.c: avoid copying possible padding bytes in copy_to_user - [arm64,armhf] KVM: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() - xfs: fix log reservation overflows when allocating large rt extents - neigh_stat_seq_next() should increase position index - rt_cpu_seq_next should increase position index - ipv6_route_seq_next should increase position index - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier - sctp: move trace_sctp_probe_path into sctp_outq_sack - [arm64,x86] ACPI: EC: Reference count query handlers under lock - scsi: ufs: Make ufshcd_add_command_trace() easier to read - scsi: ufs: Fix a race condition in the tracing code - [s390x] /cpum_sf: Use kzalloc and minor changes - [powerpc*] eeh: Only dump stack once if an MMIO loop is detected - Bluetooth: btrtl: Use kvmalloc for FW allocations - [armel,armhf] ARM: 8948/1: Prevent OOB access in stacktrace - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter - ceph: ensure we have a new cap before continuing in fill_inode - Bluetooth: Fix refcount use-after-free issue - mm/swapfile.c: swap_next should increase position index - mm: pagewalk: fix termination condition in walk_pte_range() - Bluetooth: prefetch channel before killing sock - KVM: fix overflow of zero page refcount with ksm running - ALSA: hda: Clear RIRB status before reading WP - skbuff: fix a data race in skb_queue_len() - audit: CONFIG_CHANGE don't log internal bookkeeping as an event - selinux: sel_avc_get_stat_idx should increase position index - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available - scsi: lpfc: Fix coverity errors in fmdi attribute handling - [armhf] drm/omap: fix possible object reference leak - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup - ALSA: usb-audio: Don't create a mixer element with bogus volume range - [s390x] perf test: Fix test trace+probe_vfs_getname.sh on s390 - RDMA/rxe: Fix configuration of atomic queue pair attributes - [x86] KVM: x86: fix incorrect comparison in trace event - [x86] pkeys: Add check for pkey "overflow" - bpf: Remove recursion prevention from rcu free callback - [arm64,armhf] dmaengine: tegra-apb: Prevent race conditions on channel's freeing - random: fix data races at timer_rand_state - [arm64] bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - media: go7007: Fix URB type for interrupt handling - Bluetooth: guard against controllers sending zero'd events - timekeeping: Prevent 32bit truncation in scale64_check_overflow() - ext4: fix a data race at inode->i_disksize - mm: avoid data corruption on CoW fault into PFN-mapped VMA - drm/amdgpu: increase atombios cmd timeout - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read - scsi: aacraid: Disabling TM path and only processing IOP reset - Bluetooth: L2CAP: handle l2cap config request during open state - media: tda10071: fix unsigned sign extension overflow - xfs: don't ever return a stale pointer from __xfs_dir3_free_read - xfs: mark dir corrupt when lookup-by-hash fails - ext4: mark block bitmap corrupted when found instead of BUGON - nfsd: Don't add locks to closed or closing open stateids - RDMA/cm: Remove a race freeing timewait_info - [powerpc*] KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones - [arm64] drm/msm: fix leaks if initialization fails - [arm64] drm/msm/a5xx: Always set an OPP supported hardware value - serial: 8250_port: Don't service RX FIFO if throttled - [powerpc*] cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn - nvme-multipath: do not reset on unknown status - nvme: Fix controller creation races with teardown flow - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices - scsi: hpsa: correct race condition in offload enabled - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' - svcrdma: Fix leak of transport addresses - PCI: Use ioremap(), not phys_to_virt() for platform ROM - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor - PCI: pciehp: Fix MSI interrupt race - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() - mm/kmemleak.c: use address-of operator on section symbols - mm/filemap.c: clear page error before actual read - mm/vmscan.c: fix data races using kswapd_classzone_idx - nvmet-rdma: fix double free of rdma queue - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area - scsi: qedi: Fix termination timeouts in session logout - [arm64] serial: uartps: Wait for tx_empty in console setup - [x86] KVM: Remove CREATE_IRQCHIP/SET_PIT2 race - bdev: Reduce time holding bd_mutex in sync in blkdev_close() - [x86] drivers: char: tlclk.c: Avoid data race between init and interrupt handler - [arm64] KVM: vgic-its: Fix memory leak on the error path of vgic_add_lpi() - net: openvswitch: use u64 for meter bucket - scsi: aacraid: Fix error handling paths in aac_probe_one() - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion - [arm64] cpufeature: Relax checks for AArch32 support at EL[0-2] - dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion - atm: fix a memory leak of vcc->user_back - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete - tipc: fix memory leak in service subscripting - [armhf] tty: serial: samsung: Correct clock selection logic - ALSA: hda: Fix potential race in unsol event handler - [powerpc*] traps: Make unrecoverable NMIs die instead of panic - fuse: don't check refcount after stealing page - [powerpc*] scsi: cxlflash: Fix error return code in cxlflash_probe() - [arm64] cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register - e1000: Do not perform reset in reset_task if we are already down - drm/nouveau/debugfs: fix runtime pm imbalance on error - drm/nouveau: fix runtime pm imbalance on error - drm/nouveau/dispnv50: fix runtime pm imbalance on error - printk: handle blank console arguments passed in. - [arm64,armhf] usb: dwc3: Increase timeout for CmdAct cleared by device controller - btrfs: don't force read-only after error in drop snapshot - vfio/pci: fix memory leaks of eventfd ctx - perf trace: Fix the selection for architectures to generate the errno name tables - [arm64,armhf] wlcore: fix runtime pm imbalance in wl1271_tx_work - [arm64,armhf] wlcore: fix runtime pm imbalance in wlcore_regdomain_config - [arm64,armhf] PCI: tegra: Fix runtime PM imbalance on error - ceph: fix potential race in ceph_check_caps - mm/swap_state: fix a data race in swapin_nr_pages - [armel] mtd: parser: cmdline: Support MTD names containing one or more colons - [x86] speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline - vfio/pci: Clear error and request eventfd ctx after releasing - cifs: Fix double add page to memcg when cifs_readpages - nvme: fix possible deadlock when I/O is blocked - scsi: libfc: Handling of extra kref - scsi: libfc: Skip additional kref updating work event - vfio/pci: fix racy on error and request eventfd ctx - btrfs: qgroup: fix data leak caused by race between writeback and truncate - net: openvswitch: use div_u64() for 64-by-32 divisions - nvme: explicitly update mpath disk capacity on revalidation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 - [s390x] init: add missing __init annotations - lockdep: fix order in trace_hardirqs_off_caller() - [amd64] drm/amdkfd: fix a memory leak issue - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() - mwifiex: Increase AES key storage size to 256 bits - batman-adv: bla: fix type misuse for backbone_gw hash indexing - atm: eni: fix the missed pci_disable_device() for eni_init_one() - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets - mac802154: tx: fix use-after-free - bpf: Fix clobbering of r2 in bpf_gen_ld_abs - [arm*] drm/vc4/vc4_hdmi: fill ASoC card owner - net: qed: RDMA personality shouldn't fail VF load - batman-adv: Add missing include for in_interrupt() - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh - bpf: Fix a rcu warning for bpffs map pretty-print - [x86] ALSA: asihpi: fix iounmap in error handler - regmap: fix page selection for noinc reads - [x86] KVM: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE - [x86] KVM: SVM: Add a dedicated INVD intercept routine - tracing: fix double free - [s390x] dasd: Fix zero write for FBA devices - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() - mm, THP, swap: fix allocating cluster for swapfile by mistake - [s390x] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl - ata: define AC_ERR_OK - ata: make qc_prep return ata_completion_errors - ata: sata_mv, avoid trigerrable BUG_ON - [arm64] KVM: Assume write fault on S1PTW permission fault on instruction fetch https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.150 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models - USB: gadget: f_ncm: Fix NDP16 datagram validation - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock - vsock/virtio: stop workers during the .remove() - vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() - net: virtio_vsock: Enhance connection semantics - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 - ftrace: Move RCU is watching check after recursion check - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices - [armhf] drm/sun4i: mixer: Extend regmap max_register - net: dec: de2104x: Increase receive ring size for Tulip - rndis_host: increase sleep time in the query-response loop - nvme-core: get/put ctrl and transport module in nvme_dev_open/release() - [x86,ppc64el] drivers/net/wan/hdlc: Set skb->protocol before transmitting - mac80211: do not allow bigger VHT MPDUs than the hardware supports - nvme-fc: fail new connections to a deleted host or remote port - [armhf] pinctrl: mvebu: Fix i2c sda definition for 98DX3236 - nfs: Fix security label length not being reset - [armhf] clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED - Input: trackpoint - enable Synaptics trackpoints - random32: Restore __latent_entropy attribute on net_rand_state - mm: replace memmap_context by meminit_context - mm: don't rely on system state to detect hot-plug operations - epoll: do not insert into poll queues until all sanity checks are done - epoll: replace ->visited/visited_list with generation count - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path - ep_create_wakeup_source(): dentry name can change under you... - netfilter: ctnetlink: add a range check for l3/l4 protonum (CVE-2020-25211) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.151 - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts - fbcon: Fix global-out-of-bounds read in fbcon_get_font() - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() - drm/nouveau/mem: guard against NULL pointer access in mem_del - usermodehelper: reset umask to default before executing user process - [x86] platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP Pavilion 11 x360 - [x86] platform/x86: thinkpad_acpi: initialize tp_nvram_state variable - [x86] platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting - [x86] platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse - driver core: Fix probe_count imbalance in really_probe() - [x86] i2c: i801: Exclude device from suspend direct complete optimization - [armhf] mtd: rawnand: sunxi: Fix the probe error path - nvme-core: put ctrl ref when module ref get fail - macsec: avoid use-after-free in macsec_handle_frame() - mm/khugepaged: fix filemap page_to_pgoff(page) != offset - xfrmi: drop ignore_df check before updating pmtu - cifs: Fix incomplete memory allocation on setxattr path - [arm64,armhf] i2c: meson: fix clock setting overwrite - [arm64,armhf] i2c: meson: fixup rate calculation with filter delay - sctp: fix sctp_auth_init_hmacs() error path - team: set dev->needed_headroom in team_setup_by_port() - net: team: fix memory leak in __team_options_register - openvswitch: handle DNAT tuple collision - drm/amdgpu: prevent double kfree ttm->sg - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate - xfrm: clone whole liftime_cur structure in xfrm_do_migrate - [arm64,armhf] net: stmmac: removed enabling eee in EEE set callback - xfrm: Use correct address family in xfrm_state_find - bonding: set dev->needed_headroom in bond_setup_by_slave() - net: usb: ax88179_178a: fix missing stop entry in driver_info - net/mlx5e: Fix VLAN cleanup flow - net/mlx5e: Fix VLAN create flow - rxrpc: Fix rxkad token xdr encoding - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() - rxrpc: Fix some missing _bh annotations on locking conn->state_lock - rxrpc: Fix server keyring leak - perf: Fix task_function_call() error handling - mmc: core: don't set limits.discard_granularity as 0 - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.152 - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352) - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351) - Bluetooth: MGMT: Fix not checking if BT_HS is enabled - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` - Bluetooth: Disconnect if E0 is used for Level 4 - media: usbtv: Fix refcounting mixup - USB: serial: option: add Cellient MPL200 card - USB: serial: option: Add Telit FT980-KS composition - [x86] staging: comedi: check validity of wMaxPacketSize of usb endpoints found - USB: serial: pl2303: add device-id for HP GC device - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters - reiserfs: Initialize inode keys properly - reiserfs: Fix oops during mount - [arm*] drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (Closes: #908712) - [x86] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.148-rt64 * Bump ABI to 12 * Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file" lmod (6.6-0.3+deb10u1) buster; urgency=medium . * Change Architecture: to any. Closes: #951508 This is required because lmod now gets LUA_PATH and LUA_CPATH at compile time (to deal with users overriding those variables). See https://github.com/TACC/Lmod/issues/112 There was an upstream report that this breaks Raspian, which was rejected, so it is unlikely that upstream will return to the current behaviour. See https://github.com/TACC/Lmod/issues/338 Thanks to Baptiste Jonglez for finding the relevant upstream bug reports. The same change was just uploaded as an NMU to unstable (in 6.6-0.4). mariadb-10.3 (1:10.3.27-0+deb10u1) buster; urgency=medium . * New upstream version 10.3.27. Includes fixes to serious regressions in MariaDB 10.3.26 that corrupted data or made server unable to start. * SECURITY UPDATE: Includes new upstream 10.3.26 which included fixes for the following security vulnerabilities: - CVE-2020-28912 - CVE-2020-14812 - CVE-2020-14789 - CVE-2020-14776 - CVE-2020-14765 * Upstream 10.3.26 included: - Fix mytop shebang (Closes: #972780, Closes: #970681) * Remove 3 patches applied upstream. mariadb-10.3 (1:10.3.25-0+deb10u1) buster-security; urgency=high . * SECURITY UPDATE: New upstream version 10.3.25. Includes fixes for the following security vulnerabilities: - CVE-2020-15180 * Salsa-CI: Update to be compatible with latest master/salsa-ci.yml mariadb-10.3 (1:10.3.24-2) unstable; urgency=medium . * Include MariaDB client plugin caching_sha2_password * Fix Perl script segfaults by backporting patch (Closes: #966633) mariadb-10.3 (1:10.3.24-1) unstable; urgency=medium . [ Otto Kekäläinen ] * New upstream version 10.3.24 - Drop kFreeBSD, Risv64 and ZSTD patches applied upstream * Remove redundant patterns from d/copyright * Includes permanent upstream fixes to get RocksDB built on riscv64 (Closes: #933151, Closes: LP#1876814) . [ Andrius Merkys ] * Fix a pair of typos in apparmor-profile mariadb-10.3 (1:10.3.23-1) unstable; urgency=medium . [ Otto Kekäläinen ] * SECURITY UPDATE: New upstream version 10.3.23. Includes fixes for the following security vulnerabilities (Closes: #961849): - CVE-2020-2752 - CVE-2020-2760 - CVE-2020-2812 - CVE-2020-2814 - CVE-2020-13249 - Includes fix for MDEV-21586: Server does not start if lc_messages setting was not English (Closes: #951059) - Backport packaging improvements from MariaDB 10.4: - Fix RocksDB build failure on arch riscv64 - Amend changelog with #951059 reference - Properly use DH_ and DEB_ flag in d/rules - Detect MySQL 8.0 based on undo_001 file as *.flag is buggy in mysql-8.0 - Make mariadb-client-10.4 Recommends libdbd-mariadb-perl as primary option - Update package to use debhelper level 10 - Delete pam_mariadb_mtr.so test plugin from build completely - Fix minor typos in docs and in-line comments - Sync server stopping logic from MariaDB 10.4 preinst/postinst/postrm - Sync AppArmor profile handling from MariaDB 10.4 - Sync non-functional delta from upstream 10.4 - Simplify autopkgtest 'smoke' to be easier to debug . [ Christian Ehrhardt ] * Fix RocksDB build failure on arch riscv64 mediawiki (1:1.31.10-1~deb10u1) buster-security; urgency=medium . * New upstream version 1.31.10, fixing CVE-2020-15005, CVE-2020-25812, CVE-2020-25813, CVE-2020-25814, CVE-2020-25827, CVE-2020-25828. CVE-2020-25689 does not affect this package, it requires an additional extension. * Additionally, mitigations for firejail's CVE-2020-17367, CVE-2020-17368 are included as well. mediawiki (1:1.31.8-1) unstable; urgency=medium . * New upstream version 1.31.8, fixing CVE-2020-15005. * Use debhelper 12 and dh_installsystemd. mediawiki (1:1.31.7-1) unstable; urgency=medium . * New upstream version 1.31.7, fixing CVE-2020-10960. CVE-2020-10960 does not affect this version of MediaWiki. * A hardening fix was included for the OATHAuth extension to limit access of user-controlled JavaScript. * Standards-Version: 4.5.0, no changes needed moin (1.9.9-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * security: fix stored XSS vulnerability via SVG attachment (CVE-2020-15275) * security: fix remote code execution via cache action (CVE-2020-25074) * Tweak Debian version used to 1.9.9-1+deb10u1 to avoid possible version clash with lower suite. mupdf (1.14.0+ds1-4+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Detect/avoid overflow when calculating sizes of pixmaps (CVE-2020-26519) (Closes: #971595) mutt (1.10.1-2.1+deb10u4) buster; urgency=medium . * debian/patches: + fix for CVE-2020-28896 located in security/CVE-2020-28896.patch. neomutt (20180716+dfsg.1-1+deb10u2) buster; urgency=medium . * debian/patches: + security/CVE-2020-28896.patch: handle the relevant CVE to stop sending login information over an encrypted connections in certain conditions. node-object-path (0.11.4-2+deb10u1) buster; urgency=medium . * Team upload * Fix prototype pollution in set() (Closes: CVE-2020-15256) node-pathval (1.1.0-3+deb10u1) buster; urgency=medium . * Fix prototype pollution (Closes: #972895, CVE-2020-7751) okular (4:17.12.2-2.2+deb10u1) buster; urgency=medium . * CVE-2020-9359 (Closes: #954891) openjdk-11 (11.0.9.1+1-1~deb10u2) buster; urgency=medium . * Rebuild for Buster (Closes: #975728) * Disable tests for this upload. openjdk-11 (11.0.9.1+1-1~deb10u1) buster; urgency=medium . * Rebuild for Buster (Closes: #975728) openjdk-11 (11.0.9+11-1) unstable; urgency=medium . * OpenJDK 11.0.9+11 build (release). * Security fixes: - JDK-8233624: Enhance JNI linkage - JDK-8236196: Improve string pooling - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts - JDK-8237995, CVE-2020-14782: Enhance certificate processing - JDK-8240124: Better VM Interning - JDK-8241114, CVE-2020-14792: Better range handling - JDK-8242680, CVE-2020-14796: Improved URI Support - JDK-8242685, CVE-2020-14797: Better Path Validation - JDK-8242695, CVE-2020-14798: Enhanced buffer support - JDK-8243302: Advanced class supports - JDK-8244136, CVE-2020-14803: Improved Buffer supports - JDK-8244479: Further constrain certificates - JDK-8244955: Additional Fix for JDK-8240124 - JDK-8245407: Enhance zoning of times - JDK-8245412: Better class definitions - JDK-8245417: Improve certificate chain handling - JDK-8248574: Improve jpeg processing - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit - JDK-8253019: Enhanced JPEG decoding . [ Tiago Stürmer Daitx ] * debian/rules: - copy apport hook to source_$(PKGSOURCE).py, fixes apport on Ubuntu where source name is openjdk-lts instead of openjdk-11. * Refresh patches. . [ Matthias Klose ] * Don't run the jdk tests as an autopkg test, taking too long. * Call strip-nondeterminism before computing jmod hashes (Julian Gilbey). Closes: #944738. * Build with GCC 10 in current development versions. Closes: #972288. openjdk-11 (11.0.9+11-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.8+10-1.1) unstable; urgency=medium . * Non-maintainer upload. * Apply patch to strip nondeterminism before computing jmod hash. Thank you to Julian Gilbey for the patch. (Closes: #944738) Add Build-Depends on strip-nondeterminism. openjdk-11 (11.0.8+10-1) unstable; urgency=high . * OpenJDK 11.0.8+10 build (release). * Security fixes: - JDK-8233239, CVE-2020-14562: Enhance TIFF support - JDK-8236867, CVE-2020-14573: Enhance Graal interface handling - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior - JDK-8237592, CVE-2020-14577: Enhance certificate verification - JDK-8238002, CVE-2020-14581: Better matrix operations - JDK-8238920, CVE-2020-14583: Better Buffer support - JDK-8240119, CVE-2020-14593: Less Affine Transformations - JDK-8242136, CVE-2020-14621: Better XML namespace handling - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233255: Better Swing Buttons - JDK-8234032: Improve basic calendar services - JDK-8234042: Better factory production of certificates - JDK-8234418: Better parsing with CertificateFactory - JDK-8234836: Improve serialization handling - JDK-8236191: Enhance OID processing - JDK-8238013: Enhance String writing - JDK-8238804: Enhance key handling process - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable - JDK-8238843: Enhanced font handing - JDK-8238925: Enhance WAV file playback - JDK-8240482: Improved WAV file playback - JDK-8241379: Update JCEKS support - JDK-8241522: Manifest improved jar headers redux . [ Tiago Stürmer Daitx ] * d/p/default-jvm-cfg.diff: updated patch. * d/p/8214571.diff, d/p/8228407.diff: applied by upstream, removed patches. . [ Matthias Klose ] * Don't try to run autopkg tests on armel, mipsel, mips64el. * debian/copyright (remove licenses not found anymore in the sources): - Little CMS, libpng, GIFLIB. * Prepare to Build using GCC 10. openldap (2.4.47+dfsg-3+deb10u4) buster-security; urgency=high . * Fix slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) * Fix slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) openldap (2.4.47+dfsg-3+deb10u3) buster-security; urgency=high . * Fix slapd normalization handling with modrdn (ITS#9370) pacemaker (2.0.1-5+deb10u1) buster-security; urgency=high . * [bf23450] Apply patch series fixing CVE-2020-25654: ACL bypass. A vulnerability was found in Pacemaker allowing a user who is in the haclient group but restricted by ACLs to bypass those ACLs, providing cluster-wide arbitrary code execution with root privileges. When the enable-acl cluster option isn't set to true, members of the haclient group (and root) can modify Pacemaker's CIB without restriction, which already gives them these capabilities, so there is no additional exposure in that case. More info: https://www.openwall.com/lists/oss-security/2020/10/27/1 Patches: https://lists.clusterlabs.org/pipermail/developers/2020-October/002324.html Thanks to Ken Gaillot (Closes: #973254) partman-auto (149+deb10u1) buster; urgency=medium . * Bump /boot sizes in most recipes from between 128 and 256M to between 512 and 768M. As initramfs keep growing, and kernel ABI bumps keep happening, running out of space on /boot is unpleasant. Closes: #893886, 951709. * Import from Ubuntu: Introduce partman-auto/cap-ram, to allow capping RAM size as used for swap partition calculations. This allows us to cap the minimum size of swap partitions size to 1*CAP, and their maximum size to a maximum of 2 or 3*CAP depending on architecture. Default is set to 1024, thus capping swap partitions to between 1 and 3GB. LP: #1351267, closes: #949651, #950344. Patch from Dimitri John Ledkov. pcaudiolib (1.1-3+deb10u1) buster; urgency=medium . * patches/cancel: Cap cancellation latency to 10ms. plinth (19.1+deb10u1) buster; urgency=medium . * apache: Disable mod_status (CVE-2020-25073) puma (3.12.0-2+deb10u2) buster; urgency=medium . * Team upload. * d/patches/0009-disable-tests-failing-in-single-cpu.patch: Add author and bug tracker information. * d/patches/CVE-2020-5247.patch: Add patch to fix CVE-2020-5247. - Fix header value could inject their own HTTP response (closes: #952766). * d/patches/CVE-2020-5249.patch: Add patch to fix CVE-2020-5249. - Fix splitting newlines in headers and another vector for HTTP injection (closes: #953122). * d/patches/CVE-2020-11076.patch: Add patch to fix CVE-2020-11076. - Better handle client input to fix HTTP Smuggling via Transfer-Encoding header (closes: #972102). * d/patches/CVE-2020-11077.patch: Add patch to fix CVE-2020-11077. - Reduce ambiguity of headers to fix HTTP Smuggling via Transfer-Encoding header (closes: #972102). * d/patches/series: Enable new patches. python-flask-cors (3.0.7-1+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-25032 (Closes: #969362) with upstream patch rails (2:5.2.2.1+dfsg-1+deb10u2) buster-security; urgency=medium . * CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 CVE-2020-15169 raptor2 (2.0.14-1.1~deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for buster-security . raptor2 (2.0.14-1.1) unstable; urgency=medium . * Non-maintainer upload. * Calcualte max nspace declarations correctly for XML writer (CVE-2017-18926) (Closes: #973889) ros-ros-comm (1.14.3+ds1-5+deb10u2) buster; urgency=high . * Add https://github.com/ros/ros_comm/pull/2065 (Fix CVE-2020-16124) ruby2.5 (2.5.5-3+deb10u3) buster; urgency=high . * Add patch to fix a potential HTTP request smuggling vulnerability in WEBrick. (Fixes: CVE-2020-25613) sddm (0.18.0-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix X not having access control on startup (CVE-2020-28049) (Closes: #973748) sleuthkit (4.6.5-1+deb10u1) buster; urgency=high . * Team upload. * Add patch to fix stack buffer overflow in yaffsfs_istat. (Closes: #953976, CVE-2020-10232) spice (0.14.0-1.3+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * quic: Check we have some data to start decoding quic image (CVE-2020-14355) * quic: Check image size in quic_decode_begin (CVE-2020-14355) * quic: Check RLE lengths (CVE-2020-14355) * quic: Avoid possible buffer overflow in find_bucket (CVE-2020-14355) spip (3.2.4-1+deb10u3) buster-security; urgency=medium . * Backport security fixes from 3.2.8 - Critical security issue, allowing identified authors to execute arbitrary PHP code sqlite3 (3.27.2-3+deb10u1) buster; urgency=medium . * CVE-2019-19923 * CVE-2019-19925 * CVE-2019-19959 * CVE-2019-20218 * CVE-2020-13434 * CVE-2020-13435 * CVE-2020-13630 * CVE-2020-13632 * CVE-2020-15358 * CVE-2019-16168 systemd (241-7~deb10u5) buster; urgency=medium . * basic/cap-list: parse/print numerical capabilities (Closes: #964926) * missing: add new Linux capabilities. Linux kernel v5.8 adds two new capabilities. Make sure we can recognize them even when built with an older kernel. * networkd: do not generate MAC for bridge device (Closes: #963488) tbsync (2.18-1~deb10u1) buster; urgency=medium . [ Mechtilde ] * [962f929] Built for buster: debian/changelog * [2c6dea8] Prepared for release in buster (proposed-updates) tbsync (2.16.1-1) unstable; urgency=medium . [ Mechtilde ] * prepared for unstable (Closes: #968102) + to fit compatibility with thunderbird 78.x . * [501e05b] Added missing bug tracker to d/u/metadata tbsync (2.16.1-1~exp1) experimental; urgency=medium . [ Mechtilde ] * [3701379] New upstream version 2.15.5~beta * [15dcb16] Adapted d/ to the new version 2.15.5-beta . [ Carsten Schoenert ] * [94005c6] d/gbp.conf: adding helper for git-buildpackage * [256c84b] New upstream version 2.16.1 * [841ffa1] d/copyright: update and sort content alphabetically * [bb84449] d/rules: rework the build process a bit * [1afb65f] d/webext-tbsync.links: updating sequencer to new requirement * [79ff8f8] d/webext-tbsync.install: adopt installing files * [0fa330f] lintian: drop source override as not needed any more tbsync (2.16.1-1~deb10u1) buster; urgency=medium . * Rebuild for buster to fit compatibility with Tb 78.x + (Closes:#971807) tbsync (2.11-2~exp1) experimental; urgency=medium . [ Mechtilde Stehmann ] * [760cf22] Changed maintainer email in d/control to avoid lintian warning * [744a80c] Removed lightning from dependency for TB >=76 * [701c8fd] Adapt versions of dependencies tbsync (2.11-1) unstable; urgency=medium . * [c20de3a] New upstream version 2.11 tcpdump (4.9.3-1~deb10u2) buster; urgency=high . * Cherry-pick commit 32027e1993 from the upstream tcpdump-4.9 branch to fix untrusted input issue in the PPP printer (CVE-2020-8037, closes: #973877). thunderbird (1:78.5.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.4.2-1) unstable; urgency=medium . * [c7f4ed2] New upstream version 78.4.2 Fixed CVE issues in upstream version 78.4 (MFSA 2020-49): CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for * [c3a617d] rebuild patch queue from patch-queue branch added patch: fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch * [8e4e7ad] thunderbird-l10n-all: add thunderbird-l10n-cy (Closes: #974127) thunderbird (1:78.4.2-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security (Closes: #973660) [ Emilio Pozuelo Monfort ] * [3d58cc1] d/control: reenable the armhf build on buster thunderbird (1:78.4.1-1) unstable; urgency=medium . * [cf8bf1e] New upstream version 78.4.1 * [529000c] rebuild patch queue from patch-queue branch added patches: fixes/Bug-1650299-Unify-the-inclusion-of-the-ICU-data-file.-r-f.patch fixes/Don-t-build-ICU-in-parallel.patch Patches are picked from Firefox and fixing FTBFS on s390x within buster. thunderbird (1:78.4.0-1) unstable; urgency=medium . [ Emilio Pozuelo Monfort ] * [652f8de] install the apparmor profile in thunderbird.install . [ Carsten Schoenert ] * [5240d53] Revert "thunderbird.install: adjust.desktop renamed file name" (Closes: #972601) * [861b21a] Revert "Rename .desktop file for AppStream compliance" (Closes: #972578) * [ffc5818] New upstream version 78.4.0 Fixed CVE issues in upstream version 78.4 (MFSA 2020-47): CVE-2020-15969: Use-after-free in usersctp CVE-2020-15683: Memory safety bugs fixed in Thunderbird 78.4 * [81396e3] rebuild patch queue from patch-queue branch removed patches (fixed upstream): porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch . modified patches: fixes/Appdata-Adding-some-German-translations.patch fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch . Minor fine tuning to the AppStream specific parts but also revert some translation entries as they are not intend to be translatable. These modification also in correlation with the mentioned bug reports above which are closed by the other adjustments. thunderbird (1:78.4.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:78.3.3-1) unstable; urgency=medium . [ Emilio Pozuelo Monfort ] * [6f18974] Remove duplicated --disable-debug-symbols flag * [1119d50] Print a verbose build log by not calling the mach wrapper * [fcf7c11] Exclude -g from CXXFLAGS as well . [ Carsten Schoenert ] * [9eb159f] New upstream version 78.3.3 * [47171dc] rebuild patch queue from patch-queue branch added patches: fixes/Appdata-Adding-some-German-translations.patch fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch * [1474d91] Rename .desktop file for AppStream compliance * [10e49a9] thunderbird.install: adjust.desktop renamed file name * [018bbc1] thunderbird.pc: remove left over cruft thunderbird (1:78.3.2-1) unstable; urgency=medium . * [0b2f19f] d/rules: remove hand crafted icu build Cherry-picked from debian/buster branch. The possible required build of the ICU if the usage of an external ICU library is now handled by the upstream build system. * [1583517] d/rules: rewrite dpkg_buildflags to remove option '-g' Cherry-picked from debian/buster branch. We need to remove the option '-g' from the dpkg_buildflags variable for real if we want a build without debugging information (e.g. on 32bit architectures). * [fb4c9c4] New upstream version 78.3.2 * [9d5e2b9] d/rules: install the language Add-ons into /u/l/t/e Do not install the thunderbird-l10n packages into /usr/share/thunderbird any more, install them directly into /usr/libt/thunderbird/extensions. This simplifies the package structures as there is no real need to install the packages into /usr/share/thunderbird and linking them back. thunderbird (1:78.3.1-2) unstable; urgency=medium . * [649f664] rebuild patch queue from patch-queue branch added patches: fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch thunderbird (1:78.3.1-2~deb10u2) stable-security; urgency=medium . * [72d9abd] d/rules: rewrite dpkg_buildflags to remove option '-g' * [adb263e] d/rules: disable dbgsym package on i386 for stable-security thunderbird (1:78.3.1-2~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security * [cc92401] d/rules: remove hand crafted icu build thunderbird (1:78.3.1-1) unstable; urgency=medium . [ Carsten Schoenert ] * [6bd965f] New upstream version 78.3.1 Fixed CVE issues in upstream version 78.3.1 (MFSA 2020-44): CVE-2020-15677: Download origin spoofing via redirect CVE-2020-15676: XSS when pasting attacker-controlled data into a contenteditable element CVE-2020-15678: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario CVE-2020-15673: Memory safety bugs fixed in Thunderbird 78.3 * [8ba13c5] rebuild patch queue from patch-queue branch added patches(picked from firefox packaging): fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch removed patch(fixed upstream): fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch * [c6d282d] calendar-google-provider*: removing left over cruft There are two left over sequencer files from the calendar-google-package, not need any more since 1:68.2.2-1 * [cf37615] d/README.Debian: Update and adding new information Some updated information regarding the now included OpenPGP support, also updating some grammar for 'Add-on'. * [faf225b] thunderbird.NEWS: Add hint about integration of OpenPGP support Giving the user a information about the OpenPGP status within Thunderbird since the version 78.0. * [d6f4f0e] Revert "d/tb.lintian-overrides: ignore warning about none versioned breaks" * [9e6cbec] d/copyright: update content thunderbird (1:78.2.2-1) experimental; urgency=medium . * [c6592e8] New upstream version 78.2.2 * [28f5fce] rebuild patch queue from patch-queue branch added patches: fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch * [4866c06] d/mozconfig.default: add extra config options for ppc64el thunderbird (1:78.2.1-1) experimental; urgency=medium . * [1f3f76b] d/rules: drop C{,XX}FLAGS originally intended for GCC6 * [4490e37] d/mozconfig.default: add options for mips64el * [17b4e5c] d/rules: Don't build debug symbols on 32Bit arch * [6dff7e0] d/rules: addind -Wl,--as-needed to linker flags * [a213a7f] New upstream version 78.2.1 thunderbird (1:78.2.0-1) experimental; urgency=medium . [ intrigeri ] * [f6fcafd] d/control: drop hard dependency on libgtk2.0-0 (Closes: #908654) * [85b7a2e] autopkgtests: fix typo in comment * [4bd70ae] d/mozconfig.default: fix typos in comments * [d986a6d] d/control: allow Enigmail 2.2.0 and newer (Closes: #968707) . [ Carsten Schoenert ] * [52b4006] d/control: increase B-D for libnss3 (Closes: #966805) * [7794563] New upstream version 78.2.0 Fixed CVE issues in upstream version 78.2.0 (MFSA 2020-41): CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege CVE-2020-15664: Attacker-induced prompt for extension installation CVE-2020-15670: Memory safety bugs fixed in Thunderbird 78.2 * [623f853] rebuild patch queue from patch-queue branch No modifications made, just updating the index. thunderbird (1:78.1.1-1) experimental; urgency=medium . * [5fb842b] d/mozconfig.default: adding new option regarding Add-Ons Adding additional options --allow-addon-sideload and --with-unsigned-addon-scopes=app,system. These option are adopted and taken from the firefox package. * [8de0b35] New upstream version 78.1.1 * [4abe5ed] d/copyright: update content Some small updates to the copyright information. * [3caa541] d/control: adding new B-D for botan and json-c The upstream source now offers the possibility to use the system libraries for botan and json-c, for this we need to have both libraries installed for building Thunderbird. * [251d524] d/mozconfig.default: use botan and json-c system libraries Turn on the configuration flags for botan and also for json-c that let the build use the installed provided system libraries instead of using internal versions. * [a32a163] rebuild patch queue from patch-queue branch removed patch: debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch Upstream has now (again) a configure option for using a installed system bzip2 library that makes our added patch for this not needed anymore. * [16c91c0] lintian: remove override for embedded bzip2 in librnp.so thunderbird (1:78.1.0-1) experimental; urgency=medium . * [c4099cd] New upstream version 78.1.0 Fixed CVE issues in upstream version 78.1.0 (MFSA 2020-33): CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel leaks internal address to peer CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy CVE-2020-15653: Bypassing iframe sandbox when allowing popups CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture CVE-2020-15656: Type confusion for special arguments in IonMonkey CVE-2020-15658: Overriding file type when saving to disk CVE-2020-15657: DLL hijacking due to incorrect loading path CVE-2020-15654: Custom cursor can overlay user interface CVE-2020-15659: Memory safety bugs fixed in Thunderbird 78.1 thunderbird (1:78.0.1-1) experimental; urgency=medium . * [5450d8d] d/control: increase B-D for libnss3 * [9749d1d] d/control: drop B-D on python2 and move over to python3 * [b31360b] d/xpi-pack.sh: adding xpi-pack shell script * [89ede80] Drop mozilla-devscripts as B-D * [f3b2ced] New upstream version 78.0.1 * [1847202] d/tb.lintian-overrides: ignore warning about none versioned breaks * [d56c922] d/lightning.links: removing left over sequencer file thunderbird (1:78.0-1) experimental; urgency=medium . * [1016cc5] New upstream version 78.0 Fixed CVE issues in upstream version 78.0 (MFSA 2020-29): CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418: Information disclosure due to manipulated URL object CVE-2020-12419: Use-after-free in nsGlobalWindowInner CVE-2020-12420: Use-After-Free when trying to connect to a STUN server CVE-2020-15648: X-Frame-Options bypass using object or embed tags CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process CVE-2020-12425: Out of bound read in Date.parse() CVE-2020-12426: Memory safety bugs fixed in Thunderbird 78 * [ad66b04] rebuild patch queue from patch-queue branch reworked patch: porting-kfreebsd-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch * [4a2039c] d/mozconfig.default: enable OpenPGP feature build thunderbird (1:78.0~b2-1) experimental; urgency=medium . * [c8da927] d/source.filter: fix obviously happen typo * [c513a96] New upstream version 78.0~b2 * [6e9104e] d/control: tb, adding binary version to lightning provides Make the Provides for Lightning a versioned provide. * [8adec8f] enigmail: let any version of Enigmail break We now can break on any Enigmail version, the Enigmail functions are now included in Thunderbird and don't want to have an Enigmail package get installed in parallel. * [696b1fc] xul-ext-*/webext-*: adding more extensions to break Quite all of the current packaged Thunderbird extensions will not work for now with Thunderbird 78.*, adding/renaming the current know packages with recent versions to Breaks for thunderbird. * [e488d0c] thunderbird: remove some non-existing packages from Breaks The listed packages xul-ext-foxyproxy-standard xul-ext-gnome-keyring xul-ext-nostalgy aren't in any supported release so we don't need them any more within a Breaks for thunderbird. * [039ee90] thunderbird: remove outdated myspell packages from Breaks All previously listed myspell packages in Breaks for thunderbird aren't reachable with the given version any more. We can remove them safely. * [08ea0ba] thunderbird: remove outdated hunspell packages from Breaks The same is true for the hunspell packages that were listed in the Breaks field for thunderbird. thunderbird (1:78.0~b1-1) experimental; urgency=medium . [ Carsten Schoenert ] * [625efa9] d/source.filter: some updates to filtering list Recent modification of the shipped files in the upstream tarball do require small updates of the filter list we use to repack the tarball. * [967ee19] New upstream version 78.0~b1 * [240991e] rebuild patch queue from patch-queue branch removed patch: debian-hacks/use-icudt-b-l-.dat-depending-on-architecture.patch This will require some additional adjustment later for the stable-security upkoads as this patch was required to get a recent ICU version build before the build of the thunderbird sources did start. reworked patch: debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch * [07cab53] d/mozconfig.default: remove no longer existing options By this release a lot of old configure options are kicked out, some of them we have used until now. We need to remove these from the config. * [df2e99b] d/copyright: update content As usual some required update of the copyright file, more files are not shipped anymore. . [ intrigeri ] * [82a4b03] AppArmor: update profile from upstream at commit 860d2d9 (cherry-picked from unstable) thunderbird (1:77.0~b3-1) experimental; urgency=medium . * [82de2f6] New upstream version 77.0~b3 * [8beaf6f] rebuild patch queue from patch-queue branch removed patch (included upstream): fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch * [ab2d7a2] d/copyright: Add license for appstream xml file * [1533187] d/source.filter: Remove some *.wasm files as well * [7cdfe03] d/thunderbird.lintian-overrides: Some more needed overrides We need currently the included bzip library. Also add a false positive about the misread postinst script. * [9385fd4b] d/control: Remove doubled listed package libglib2.0-dev Drop a doubled listed package libglib2.0-dev within B-D. thunderbird (1:77.0~b2-1) experimental; urgency=medium . * [185d4f7] New upstream version 77.0~b2 * [e918036] rebuild patch queue from patch-queue branch removed patch: fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch * [c1979ce] d/mozconfig.default: Remove obsolete options Drop the options '--with-distribution-id' and '--with-user-appdir'. The former is basically only supporting the given default 'org.mozilla' and the latter was set to the default '.mozilla' anyway. thunderbird (1:77.0~b1-1) experimental; urgency=medium . * [ee06e6e] New upstream version 77.0~b1 * [a21b649] rebuild patch queue from patch-queue branch removed patches (not needed any more): lower-down-required-version-on-NSS3.patch . added patches: fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch * [295cc4d] d/control: increase B-D for libnss3 The build requires now libnss3-dev >= 2:3.52. * [f998baf] lintian-overrides: remove overrides for kinto-http-client.js No override needed for this file, it's not included any more. thunderbird (1:76.0~b2-1) experimental; urgency=medium . * [87988db] d/control: increase B-D for cargo to 0.42 * [b9b0dfd] rebuild patch queue from patch-queue branch removed patch: debian-hacks/Ignore-version-check-for-cargo.patch * [8386db0] d/control: Remove B-D on libjson-dev and libsqlite3-dev The built uses internal copies for libjson and libsqlite as there are made modifications to them. For now we can decrease the list of build dependencies by removing this two packages. * [6324222] New upstream version 76.0~b2 * [629b3bb] d/rules: Remove default compiler flag No needed for '-Wl,--as-needed' any more, it's default now. thunderbird (1:76.0~b1-1) experimental; urgency=medium . * [b52cd52] d/c-thunderbird-l10n-tarball.sh: change upstream resource Upstream has changed the folder were we can find the language providing XPI packages. They simply moved over from linux-i686 to linux-x86_64. * [22e697a] d/rules: drop set up of LIGHTNING_VERSION variable We don't need this variable any more for building the packages (like all the lightning-foo named stuff), there is no dedicated Lighting named stuff around. * [4ad871b] d/gbp.conf: Remove additional tarball for lightning-l10n git-buildpackage won't find this additional tarball as it's not needed starting by the import of the next upstream version (this is 76.0b1). * [25d8d42] d/c-l-l10n-t.sh: Remove helper script We also don't need to build the l10n specific additional tarball for Lighting related parts any more. Dropping this helper script. * [9d33d06] d/README.source: Remove part of lightning-l10n * [b063d7f] New upstream version 76.0~b1 * [e7a23ec] rebuild patch queue from patch-queue branch removed patches (not needed or included upstream): debian-hacks/Build-against-system-libjsoncpp.patch debian-hacks/Downgrade-SQlite-version-to-3.27.2.patch fixes/Bug-1531309-Don-t-use-__PRETTY_FUNCTION__-or-__FUNCTION__.patch fixes/Bug-1560340-Only-add-confvars.sh-as-a-dependency-to-confi.patch . added patches: debian-hacks/Ignore-version-check-for-cargo.patch lower-down-required-version-on-NSS3.patch * [94d8593] d/control: adding new packages thunderbird-l10n-{cak,kab,uz} After the final release of Thunderbird 68.0 new l10n support for the languages Kacqhikel, Georgian and Uzbek was added. Reflect this by adding new binary packages for those languages. * [5397182] d/mozconfig.default: remove option for system-sqlite Upstream is using their own version of an modified SQLite now and has dropping the additional configure option about this. * [abb0ded] d/control: increase various versions in B-D The current source requires some more recent versions of the helping tools for building the sources as usual. * [abfc8b2] d/rules: remove any action related to old lightning stuff As the sources doesn't have any Lightning specific parts any more we need to adjust the build process within debina/rules a bit. Thus dropping all the rules around Lighting things. * [f95b3ad] d/control: Turn lightning into transitional package For now switch the behaviour of the lightning package into a transitional one. We might can drop the whole package rather soon. * [c3062cb] d/thunderbird.install: Remove blocklist.xml Don't install the file blocklist.xml any more, it's now not shipped by upstream any more. * [856e99e] d/mozconfig.thunderbird: Remove --enable-calendar Previously the build of the Lightning extension was needed to get enabled to built this as an extension. Now it's fully integrated into the core this configure option isn't needed any longer. * [5551a8a] d/copyright: update content As usual there is some moving within the source code between the major versions, reflect this by adjusting the content of the copyright file. * [21e9b7f] lintian-overrides: adjust overrides for needed files Also the override file for the source is needing some adjustments. * [f25ddc4] d/source.filter: update the filter sequences The control for filtering non needed stuff from the upstream tarball must also get adjusted due changed versions, moved folders etc. * [e4a81ba] d/thunderbird.install: Install also appdata.xml Upstream is providing an AppStream data file which we want install mow also. * [80385c9] d/source.filter: Sorting entries alphabetically No functional modifications, just sorting entries to find stuff more easily. * [585cf0a] d/thunderbird.lintian-overrides: update after config changes We also need to modify the content for Lintian overrides for the thunderbird package a bit. Thunderbird comes now (again) with own versions of the libraries libtheora and libjsoncpp. Mostly because Mozilla has made some own modifications within these libraries. thunderbird (1:68.12.0-1) unstable; urgency=medium . * [103cab7] New upstream version 68.12.0 Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35): CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege CVE-2020-15664: Attacker-induced prompt for extension installation CVE-2020-15669: Use-After-Free when aborting an operation tigervnc (1.9.0+dfsg-3+deb10u3) buster; urgency=high . [ Joachim Falk ] * Properly store certificate exceptions in native and java VNC viewer. The VNC viewers stored the certificate exceptions as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. This is issue CVE-2020-26117 (Closes: #971272). tor (0.3.5.12-1) buster; urgency=medium . * New upstream version, updating Tor in stable (cf. #975297). transmission (2.94-2+deb10u2) buster; urgency=medium . * Fix mem leak (Closes: #968097) tzdata (2020d-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following future timestamp: - Palestine ends DST earlier than predicted, on 2020-10-24. - Fiji starts DST later than usual, on 2020-12-20. tzdata (2020c-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamp: - Fiji starts DST later than usual, on 2020-12-20. tzdata (2020b-1) unstable; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Revised predictions for Morocco's changes starting in 2023. - Macquarie Island has stayed in sync with Tasmania since 2011. - Casey, Antarctica is at +08 in winter and +11 in summer since 2018. * Update German debconf translation, by Helge Kreutzmann. Closes: #960783. * Update Dutch debconf translation, by Frans Spiesschaert. Closes: #963007. * Update Portuguese debconf translation, by Rui Branco. Closes: #871051. * Update debian/upstream/signing-key.asc. * Get rid of old SystemV timezones, as this has been fully removed upstream. Convert existing configuration to the "new" America/* names. * Drop pacificnew support, it has been removed upstream. tzdata (2020b-0+deb10u1) buster; urgency=medium . * New upstream version, affecting the following past and future timestamps: - Revised predictions for Morocco's changes starting in 2023. - Macquarie Island has stayed in sync with Tasmania since 2011. - Casey, Antarctica is at +08 in winter and +11 in summer since 2018. * Restore the pacificnew and systemv files that have been removed upstream. The corresponding timezones have been removed from the bullseye/sid package, with the switch to the new names handle by the maintainer scripts. However we do not want to transition to the new names in a stable release. * Update debian/upstream/signing-key.asc. tzdata (2020a-1) unstable; urgency=medium . * New upstream version, affecting the following future timestamps: - Morocco springs forward on 2020-05-31, not 2020-05-24. - Canada's Yukon advanced to -07 year-round on 2020-03-08. * Bump Standards-Version to 4.5.0 (no changes). ublock-origin (1.30.0+dfsg-1~deb10u1) buster; urgency=medium . * Backport version 1.30.0+dfsg to Buster. * Revert to debhelper level 12. ublock-origin (1.29.0+dfsg-2) unstable; urgency=medium . * Update debian/copyright. Readd codemirror license which got accidentally removed and two new fonts licenses. (Closes: #969742) ublock-origin (1.29.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.29.0+dfsg. - Restore compatibility with Firefox 80. (Closes: #969123) * Restore compatibility with Chromium. Add new binary package webext-ublock-origin-chromium. (Closes: #954097) ublock-origin (1.28.0+dfsg-1) unstable; urgency=medium . * New upstream version 1.28.0+dfsg. (Closes: #952645) * Remove obsolete binary packages xul-ext-ublock-origin and chromium-ublock-origin. (Closes: #908158) * Install the Firefox version into webext-ublock-origin. Temporarily only the Firefox web browser is supported. A new version of ublock-origin is currently waiting in the ftp-master's NEW queue. As soon as this version enters Debian, both web browsers, Chromium and Firefox, will be supported again. * Fix the wrong version number in both Firefox and Chromium manifest files. (Closes: #946796) ublock-origin (1.25.0+dfsg-1) experimental; urgency=medium . * New upstream version 1.25.0+dfsg. (Closes: #952645) * Remove obsolete binary packages xul-ext-ublock-origin and chromium-ublock-origin. (Closes: #908158) * Make webext-ublock-origin a transitional package. From now on users need to install the browser-specific addon versions,either webext-ublock-origin-firefox or webext-ublock-origin-chromium. Please also read /usr/share/doc/webext-ublock-origin/NEWS. Providing just a single binary package for both web browsers was not a viable solution due to sandboxing limitations. (Closes: #946808, #911098) * Fix the wrong version number in both Firefox and Chromium manifest files. (Closes: #946796) ublock-origin (1.22.2+dfsg-2) unstable; urgency=medium . * Update debian/copyright. Add some missing file paths and the MIT license. (Closes: #956268) ublock-origin (1.22.2+dfsg-1) unstable; urgency=medium . * New upstream version 1.22.2+dfsg. vips (8.7.4-1+deb10u1) buster; urgency=medium . * Fix CVE-2020-20739: variable used-before-set error in im_vips2dz() . wordpress (5.0.11+dfsg1-0+deb10u1) buster-security; urgency=high . * Security release, fixes 8 bugs Closes: #973562 - CVE-2020-28039: Protected meta that could lead to arbitrary file deletion. - CVE-2020-28035: XML-RPC privilege escalation. - CVE-2020-28036: XML-RPC privilege escalation. - CVE-2020-28032: Hardening deserialization requests. - CVE-2020-28037: DoS attack could lead to RCE. - CVE-2020-28038: Stored XSS in post slugs. - CVE-2020-28033: Disable spam embeds from disabled sites on a multisite network. - CVE-2020-28034: Cross-Site Scripting (XSS) via global variables. - CVE-2020-28040: CSRF attacks that change a theme's background image. * Remove duplicated changeset 45974 Closes: #971914 x11vnc (0.9.13-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * scan: limit access to shared memory segments to current user (CVE-2020-29074) (Closes: #975875) xen (4.11.4+37-g3263f257ca-1) buster-security; urgency=high . * Update to new upstream version 4.11.4+37-g3263f257ca, which also contains security fixes for the following issues: - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE XSA-333 CVE-2020-25602 - race when migrating timers between x86 HVM vCPU-s XSA-336 CVE-2020-25604 - PCI passthrough code reading back hardware registers XSA-337 CVE-2020-25595 - once valid event channels may not turn invalid XSA-338 CVE-2020-25597 - x86 pv guest kernel DoS via SYSENTER XSA-339 CVE-2020-25596 - Missing memory barriers when accessing/allocating an event channel XSA-340 CVE-2020-25603 - out of bounds event channels available to 32-bit x86 domains XSA-342 CVE-2020-25600 - races with evtchn_reset() XSA-343 CVE-2020-25599 - lack of preemption in evtchn_reset() / evtchn_destroy() XSA-344 CVE-2020-25601 * Note that with this update, we will be detaching the Buster updates from the Xen version in Debian unstable, which will get a newer Xen version RSN. xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium . * Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains security fixes for the following issues: - inverted code paths in x86 dirty VRAM tracking XSA-319 CVE-2020-15563 - Special Register Buffer speculative side channel XSA-320 CVE-2020-0543 N.B: To mitigate this issue, new cpu microcode is required. The changes in Xen provide a workaround for affected hardware that is not receiving a vendor microcode update. Please refer to the upstream XSA-320 Advisory text for more details. - insufficient cache write-back under VT-d XSA-321 CVE-2020-15565 - Missing alignment check in VCPUOP_register_vcpu_info XSA-327 CVE-2020-15564 - non-atomic modification of live EPT PTE XSA-328 CVE-2020-15567 yaws (2.0.6+dfsg-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Reject external entities in DAV requests (CVE-2020-24379) * Fix unused variable warning * Sanitize CGI requests (CVE-2020-24916) ======================================= Sat, 26 Sep 2020 - Debian 10.6 released ======================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:04 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-cloud-amd64 | 4.19.118-2+deb10u1 | amd64 linux-headers-4.19.0-9-rt-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64-dbg | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64-unsigned | 4.19.118-2+deb10u1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:15 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-mipsel | 4.19.118-2+deb10u1 | mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:27 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el btrfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el cdrom-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el compress-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crc-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crypto-dm-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el crypto-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el event-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ext4-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fancontrol-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fat-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el firewire-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el fuse-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el hypervisor-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el i2c-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el input-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el isofs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el jfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el kernel-image-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el linux-headers-4.19.0-9-all-ppc64el | 4.19.118-2+deb10u1 | ppc64el linux-headers-4.19.0-9-powerpc64le | 4.19.118-2+deb10u1 | ppc64el linux-image-4.19.0-9-powerpc64le | 4.19.118-2+deb10u1 | ppc64el linux-image-4.19.0-9-powerpc64le-dbg | 4.19.118-2+deb10u1 | ppc64el loop-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el md-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el mouse-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el mtd-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el multipath-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nbd-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-shared-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-usb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el nic-wireless-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ppp-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el sata-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-core-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el scsi-nic-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el serial-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el squashfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el udf-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el uinput-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-serial-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el usb-storage-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el xfs-modules-4.19.0-9-powerpc64le-di | 4.19.118-2+deb10u1 | ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:07:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x cdrom-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x compress-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crc-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crypto-dm-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x crypto-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x dasd-extra-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x dasd-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x ext4-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x fat-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x fuse-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x isofs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x kernel-image-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x linux-headers-4.19.0-9-all-s390x | 4.19.118-2+deb10u1 | s390x linux-headers-4.19.0-9-s390x | 4.19.118-2+deb10u1 | s390x linux-image-4.19.0-9-s390x | 4.19.118-2+deb10u1 | s390x linux-image-4.19.0-9-s390x-dbg | 4.19.118-2+deb10u1 | s390x loop-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x md-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x mtd-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x multipath-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x nbd-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x nic-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x scsi-core-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x scsi-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x udf-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x xfs-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x zlib-modules-4.19.0-9-s390x-di | 4.19.118-2+deb10u1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:01 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all | 4.19.118-2+deb10u1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:17 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-arm64 | 4.19.118-2+deb10u1 | arm64 linux-headers-4.19.0-9-arm64 | 4.19.118-2+deb10u1 | arm64 linux-headers-4.19.0-9-rt-arm64 | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64-dbg | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64-unsigned | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64-dbg | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64-unsigned | 4.19.118-2+deb10u1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: btrfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel cdrom-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel compress-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crc-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crypto-dm-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel crypto-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel event-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ext4-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fat-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel fuse-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel input-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ipv6-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel isofs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel jffs2-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel jfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel kernel-image-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel leds-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-all-armel | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-marvell | 4.19.118-2+deb10u1 | armel linux-headers-4.19.0-9-rpi | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-marvell | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-marvell-dbg | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-rpi | 4.19.118-2+deb10u1 | armel linux-image-4.19.0-9-rpi-dbg | 4.19.118-2+deb10u1 | armel loop-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel md-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel minix-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mmc-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mmc-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mouse-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mtd-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel mtd-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel multipath-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nbd-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-shared-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel nic-usb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ppp-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel sata-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel scsi-core-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel squashfs-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel udf-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel uinput-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-serial-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel usb-storage-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel zlib-modules-4.19.0-9-marvell-di | 4.19.118-2+deb10u1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:45 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf btrfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf cdrom-core-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf compress-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crc-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crypto-dm-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf crypto-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf efi-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf event-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ext4-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fat-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf fuse-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf i2c-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf input-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf isofs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf jfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf kernel-image-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf leds-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-all-armhf | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-armmp | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-armmp-lpae | 4.19.118-2+deb10u1 | armhf linux-headers-4.19.0-9-rt-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-dbg | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-lpae | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-armmp-lpae-dbg | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-rt-armmp | 4.19.118-2+deb10u1 | armhf linux-image-4.19.0-9-rt-armmp-dbg | 4.19.118-2+deb10u1 | armhf loop-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf md-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf mmc-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf mtd-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf multipath-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nbd-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-shared-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-usb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf nic-wireless-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf pata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ppp-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf sata-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-core-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf scsi-nic-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf squashfs-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf udf-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf uinput-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-serial-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf usb-storage-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf zlib-modules-4.19.0-9-armmp-di | 4.19.118-2+deb10u1 | armhf ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:08:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-686 | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-686-pae | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-all-i386 | 4.19.118-2+deb10u1 | i386 linux-headers-4.19.0-9-rt-686-pae | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae-unsigned | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-unsigned | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae-dbg | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae-unsigned | 4.19.118-2+deb10u1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:03 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-all-mips | 4.19.118-2+deb10u1 | mips ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:16 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel btrfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel cdrom-core-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel compress-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crc-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crypto-dm-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel crypto-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel event-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ext4-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel fat-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel fuse-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel hfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel input-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel isofs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel jfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel kernel-image-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-headers-4.19.0-9-5kc-malta | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-headers-4.19.0-9-octeon | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-5kc-malta | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-5kc-malta-dbg | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-octeon | 4.19.118-2+deb10u1 | mips, mips64el, mipsel linux-image-4.19.0-9-octeon-dbg | 4.19.118-2+deb10u1 | mips, mips64el, mipsel loop-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel md-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel minix-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel multipath-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nbd-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-shared-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-usb-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel nic-wireless-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel pata-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ppp-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel rtc-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel sata-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-core-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel scsi-nic-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel sound-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel squashfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel udf-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-serial-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel usb-storage-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel xfs-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel zlib-modules-4.19.0-9-octeon-di | 4.19.118-2+deb10u1 | mips, mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:32 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel btrfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel cdrom-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel compress-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crc-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crypto-dm-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel crypto-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel event-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ext4-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fat-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel fuse-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel hfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel i2c-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel input-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel isofs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel jfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel kernel-image-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel linux-headers-4.19.0-9-4kc-malta | 4.19.118-2+deb10u1 | mips, mipsel linux-image-4.19.0-9-4kc-malta | 4.19.118-2+deb10u1 | mips, mipsel linux-image-4.19.0-9-4kc-malta-dbg | 4.19.118-2+deb10u1 | mips, mipsel loop-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel md-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel minix-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mmc-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mmc-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mouse-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel mtd-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel multipath-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nbd-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-shared-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-usb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel nic-wireless-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel pata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ppp-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel sata-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-core-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel scsi-nic-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel sound-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel squashfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel udf-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-serial-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel usb-storage-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel xfs-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel zlib-modules-4.19.0-9-4kc-malta-di | 4.19.118-2+deb10u1 | mips, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:09:46 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el btrfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el cdrom-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el compress-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crc-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crypto-dm-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el crypto-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el event-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ext4-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fat-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el fuse-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el hfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el i2c-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el input-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el isofs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el jfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el kernel-image-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el linux-headers-4.19.0-9-all-mips64el | 4.19.118-2+deb10u1 | mips64el loop-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el md-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el minix-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mmc-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mmc-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mouse-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el mtd-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el multipath-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nbd-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-shared-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-usb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el nic-wireless-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el pata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ppp-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el sata-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-core-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el scsi-nic-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el sound-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el squashfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el udf-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-serial-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el usb-storage-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el xfs-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el zlib-modules-4.19.0-9-5kc-malta-di | 4.19.118-2+deb10u1 | mips64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel btrfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel cdrom-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel compress-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crc-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crypto-dm-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel crypto-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel event-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ext4-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fat-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel firewire-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel fuse-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel hfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel input-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel isofs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel jfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel kernel-image-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel linux-headers-4.19.0-9-loongson-3 | 4.19.118-2+deb10u1 | mips64el, mipsel linux-image-4.19.0-9-loongson-3 | 4.19.118-2+deb10u1 | mips64el, mipsel linux-image-4.19.0-9-loongson-3-dbg | 4.19.118-2+deb10u1 | mips64el, mipsel loop-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel md-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel minix-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel mtd-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel multipath-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nbd-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-shared-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-usb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel nic-wireless-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel pata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ppp-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel sata-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-core-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel scsi-nic-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel sound-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel speakup-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel squashfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel udf-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-serial-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel usb-storage-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel xfs-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel zlib-modules-4.19.0-9-loongson-3-di | 4.19.118-2+deb10u1 | mips64el, mipsel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 btrfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 cdrom-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 compress-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crc-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crypto-dm-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 crypto-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 efi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 event-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ext4-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fat-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 firewire-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 fuse-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 i2c-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 input-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 isofs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 jfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 kernel-image-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-cloud-amd64 | 4.19.118-2+deb10u1 | amd64 linux-image-4.19.0-9-rt-amd64 | 4.19.118-2+deb10u1 | amd64 loop-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 md-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mmc-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mmc-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mouse-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 mtd-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 multipath-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nbd-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-pcmcia-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-shared-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-usb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 nic-wireless-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pcmcia-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 pcmcia-storage-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ppp-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 sata-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-core-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 scsi-nic-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 serial-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 sound-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 speakup-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 squashfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 udf-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 uinput-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-serial-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 usb-storage-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 xfs-modules-4.19.0-9-amd64-di | 4.19.118-2+deb10u1 | amd64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-amd64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: ata-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 btrfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 cdrom-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 compress-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crc-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crypto-dm-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 crypto-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 efi-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 event-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ext4-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fat-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 fuse-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 i2c-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 input-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 isofs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 jfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 kernel-image-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 leds-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-arm64 | 4.19.118-2+deb10u1 | arm64 linux-image-4.19.0-9-rt-arm64 | 4.19.118-2+deb10u1 | arm64 loop-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 md-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 mmc-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 mtd-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 multipath-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nbd-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-shared-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-usb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 nic-wireless-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ppp-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 sata-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-core-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 scsi-nic-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 squashfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 udf-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 uinput-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-serial-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 usb-storage-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 xfs-modules-4.19.0-9-arm64-di | 4.19.118-2+deb10u1 | arm64 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-arm64) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:10:47 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 acpi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 btrfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 btrfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 cdrom-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 cdrom-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 compress-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 compress-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crc-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crc-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crypto-dm-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crypto-dm-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 crypto-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 crypto-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 efi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 efi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 event-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 event-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ext4-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ext4-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fat-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fat-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 firewire-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 firewire-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 fuse-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 fuse-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 i2c-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 i2c-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 input-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 input-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 isofs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 isofs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 jfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 jfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 kernel-image-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 kernel-image-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686 | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-686-pae | 4.19.118-2+deb10u1 | i386 linux-image-4.19.0-9-rt-686-pae | 4.19.118-2+deb10u1 | i386 loop-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 loop-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 md-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 md-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mmc-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mmc-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mmc-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mmc-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mouse-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mouse-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 mtd-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 mtd-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 multipath-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 multipath-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nbd-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nbd-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-pcmcia-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-pcmcia-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-shared-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-shared-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-usb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-usb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 nic-wireless-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 nic-wireless-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pcmcia-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pcmcia-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 pcmcia-storage-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 pcmcia-storage-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ppp-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 ppp-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 sata-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 sata-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-core-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-core-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 scsi-nic-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 scsi-nic-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 serial-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 serial-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 sound-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 sound-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 speakup-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 speakup-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 squashfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 squashfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 udf-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 udf-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 uinput-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 uinput-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-serial-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-serial-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 usb-storage-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 usb-storage-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 xfs-modules-4.19.0-9-686-di | 4.19.118-2+deb10u1 | i386 xfs-modules-4.19.0-9-686-pae-di | 4.19.118-2+deb10u1 | i386 ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux-signed-i386) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 09:11:23 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: linux-headers-4.19.0-9-common | 4.19.118-2+deb10u1 | all linux-headers-4.19.0-9-common-rt | 4.19.118-2+deb10u1 | all linux-support-4.19.0-9 | 4.19.118-2+deb10u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by linux - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 08:52:40 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libstd-rust-1.34 | 1.34.2+dfsg1-1 | amd64, arm64, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Sep 2020 08:54:18 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: librust-cbindgen-dev | 0.8.7-1 | amd64, arm64, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc - based on source metadata) ---------------------------------------------- ========================================================================= apache2 (2.4.38-3+deb10u4) buster-security; urgency=high . * Import http2 modules from 2.4.46 (Closes: CVE-2020-9490, CVE-2020-11993) * Fix error out on HTTP header larger than 16K (Closes: CVE-2020-11984) * Fix bad regexp in mod_rewrite (Closes: CVE-2020-1927) * Fix uninitialized memory when proxying to a malicious FTP server (Closes: CVE-2020-1934) arch-test (0.15-2+deb10u1) buster; urgency=medium . * Fix s390x detection sometimes failing (Alexander Efremkin). ark (4:18.08.3-1+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Pass the ARCHIVE_EXTRACT_SECURE_SYMLINKS flag to libarchive (CVE-2020-24654) (Closes: #969437) ark (4:18.08.3-1+deb10u1) buster-security; urgency=medium . * CVE-2020-16116 asterisk (1:16.2.1~dfsg-1+deb10u2) buster; urgency=medium . * CVE-2019-15297: AST-2019-004 Crash when negotiating for T.38 with a declined stream (Closes: #940060) * CVE-2019-18790: AST-2019-006 SIP request can change address of a SIP peer (Closes: #947381) * CVE-2019-18610: AST-2019-007 AMI user could execute system commands (Closes: #947377) * Fix use-after-free with TEST_FRAMEWORK enabled (Closes: #966334) * Fix segfault in pjsip show history with IPv6 peers (Closes: #882145) bacula (9.4.2-2+deb10u1) buster; urgency=medium . * Backport fix from upstream for CVE-2020-11061: oversized digest strings allow a malicious client to cause a heap overflow in the director's memory base-files (10.3+deb10u6) buster; urgency=medium . * Change /etc/debian_version to 10.6, for Debian 10.6 point release. bind9 (1:9.11.5.P4+dfsg-5.1+deb10u2) buster-security; urgency=high . [ Salvatore Bonaccorso ] * [CVE-2020-8622] Properly handle malformed truncated responses to TSIG queries * [CVE-2020-8623] Fix crash in pk11_numbits() with crafted packet when native-pkcs11 is used * Wait more than 1 second for NSEC3 chain changes * [CVE-2020-8624] Fix processing of "update-policy" rules of type "subdomain" (Closes: #966497) . [ Ondřej Surý ] * [CVE-2020-8619]: It was possible to trigger a INSIST when a zone with interior (non-leaf) wildcard label calamares-settings-debian (10.0.20-1+deb10u4) buster; urgency=medium . * Disable displaymanager module, reverting the change from deb10u2 (Closes: #968267) cargo (0.43.1-3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor libgit2, the system one is too old. * Revert changes to the cargo wrapper: use debian/DEB_CARGO_PACKAGE rather than DESTDIR as the latter is not automatically set by buster's debhelper. * Bump build-dependency on rustc to 1.41. cargo (0.43.1-2) unstable; urgency=medium . * cargo-debian-wrapper: don't install /usr/.crates2.json. (Closes: #958301) cargo (0.43.1-1) unstable; urgency=medium . [ Fabian Grünbichler ] * New upstream release. cargo (0.40.0-3) unstable; urgency=medium . * debian cargo wrapper: drop DEB_CARGO_PACKAGE in favour of the more standardised DESTDIR. * Experimental riscv64 support. cargo (0.40.0-2) unstable; urgency=medium . * Restore patch for pkg-config crate to auto-detect Debian cross-compiling. * Add patch for backtrace-sys to auto-detect Debian cross-compiling. cargo (0.40.0-1) unstable; urgency=medium . [ Sylvestre Ledru ] * Ship the zsh completion (Closes: #941437) . [ Ximin Luo ] * New upstream release. cargo (0.37.0-3) unstable; urgency=medium . * Update 2001_more_portable_rustflags.patch, fixes mips FTBFS cargo (0.37.0-2) unstable; urgency=medium . * Bump serde vendored crate version up to 1.0.96 to avoid issue when compiling with atomics (the default). cargo (0.37.0-1) unstable; urgency=medium . * New upstream release. chocolate-doom (3.0.0-4+deb10u1) buster; urgency=medium . * CVE-2020-14983 chrony (3.4-4+deb10u1) buster; urgency=medium . * debian/patches/: - Add create-new-file-when-writing-pidfile.patch to prevent symlink race when writing to PID file (CVE-2020-14367). . * debian/tests/: - Fix a regression when running upstream-simulation-test-suite autopkgtest on Buster. . [ Matt Corallo ] * debian/usr.sbin.chronyd: - Fix temperature reading. (Closes: #970421) debian-installer (20190702+deb10u6) buster; urgency=medium . * Bump Linux ABI to 4.19.0-11. debian-installer-netboot-images (20190702+deb10u6) buster; urgency=medium . * Update to 20190702+deb10u6, from buster-proposed-updates. diaspora-installer (0.7.6.1+debian1+deb10u1) buster; urgency=medium . * Use --frozen option to bundle install to use upstream Gemfile.lock * Don't exclude Gemfile.lock during upgrades * Don't overiwrite config/oidc_key.pem during upgrades * Make config/schedule.yml writeable (Closes: #926968) dojo (1.14.2+dfsg1-1+deb10u2) buster; urgency=medium . * Team upload * Fix prototype pollution in deepCopy method (Closes: #953585, CVE-2020-5258) * Fix Prototype Pollution in jqMix method (Closes: #953587, CVE-2020-5259) dovecot (1:2.3.4.1-5+deb10u4) buster; urgency=medium . * Import upstream fix for dsync sieve filter sync regression (Closes: #930919) * userdb-passwd: Fix getpwent errno handling (Closes: #928492) dovecot (1:2.3.4.1-5+deb10u3) buster-security; urgency=high . * Fix CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to resource exhaustion as Dovecot attempts to parse it. * CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. * CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. facter (3.11.0-2+deb10u2) buster; urgency=medium . * Change Google GCE Metadata endpoint from "v1beta1" to "v1". Adds patch debian/patches/FACT-2018-update-gce-metadata-endpoint.patch (Closes: #966374) firefox-esr (68.12.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. firefox-esr (68.11.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-31, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659. firefox-esr (68.11.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-31, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659. firefox-esr (68.10.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firejail (0.9.58.2-2+deb10u1) buster-security; urgency=high . * Import security fixes for CVE-2020-17367 and CVE-2020-17368: - don't interpret output arguments after end-of-options tag - don't pass command line through shell when redirecting output ghostscript (9.27~dfsg-2+deb10u4) buster-security; urgency=medium . * CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 * CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 * CVE-2020-16295 CVE-2020-16296 CVE-2020-17538 CVE-2020-16297 * CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 * CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 * CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 * CVE-2020-16310 gnome-maps (3.30.3.1-0+deb10u1) buster; urgency=medium . * Non-maintainer upload * New upstream release - Make the shape layer renderer use the tile size specified in the dynamic service file, fixing an issue with misaligned shape layer (GeoJSON, GPX, KML) rendering with the new 512 pixel tile - Update Icelandic translation gnome-shell (3.30.2-11~deb10u2) buster; urgency=medium . * Team upload . [ Mike Gabriel ] * debian/patches: + Add loginDialog-*_CVE-2020-17498.patch. loginDialog: Reset auth prompt on vt switch before fade in. (Closes: #968311. CVE-2020-17489). gnome-weather (3.26.0-6~deb10u1) buster; urgency=medium . * Team upload * Upload to stable to fix #935090 * d/gbp.conf: Set packaging and upstream branches for Debian 10 stable updates . gnome-weather (3.26.0-6) unstable; urgency=medium . * Team upload * d/p/app-Use-find_nearest_city-instead-of-new_detached.patch, d/p/shared-world.js-don-t-use-detached-location-from-settings.patch: Add patches from version 3.32.1 to prevent a crash when the locations configured are invalid. In particular, this is a prerequisite for correcting the airport code for Lima in #935075, because otherwise, gnome-weather would read the old airport code from dconf on startup, and crash. Thanks to Diego Escalante Urrelo. (Closes: #935090) * d/gbp.conf: Set packaging branch to debian/unstable. debian/master is now tracking newer GNOME releases. grunt (1.0.1-8+deb10u1) buster; urgency=medium . * Team upload * Use `safeLoad` for loading YML files via `file.readYAML` (Closes: #969668, CVE-2020-7729) gssdp (1.0.5-0+deb10u1) buster; urgency=medium . * New upstream stable release. * Add get_address_mask needed by gupnp for the CVE-2020-12695 fix. gupnp (1.0.5-0+deb10u1) buster; urgency=medium . * New upstream stable release. * CVE-2020-12695: CallStranger prevention. + Needs GSSDP 1.0.5. * Fix a UAF in the CVE-2020-12695 changes. haproxy (1.8.19-1+deb10u3) buster; urgency=medium . * d/logrotate.conf: use rsyslog helper instead of SysV init script. Closes: #946973. * d/patches: reject messages where "chunked" is missing from transfer-encoding. CVE-2019-18277. icinga2 (2.10.3-2+deb10u1) buster; urgency=medium . * Team upload. * Update branch in gbp.conf & Vcs-Git URL. * Add upstream patch to fix CVE-2020-14004. (closes: #970252) icingaweb2 (2.6.2-3+deb10u1) buster-security; urgency=high . * Team upload. * Update branch in gbp.conf & Vcs-Git URL. * Add upstream patch to fix CVE-2020-24368. (closes: #968833) incron (0.5.12-1+deb10u1) buster; urgency=medium . * Add a patch to fix cleanup of zombie processes (Closes: #930526) inetutils (2:1.9.4-7+deb10u1) buster; urgency=medium . * CVE-2020-10188 (Closes: #956084) inspircd (2.0.27-1+deb10u1) buster-security; urgency=high . * Patch denial-of-service security vulnerabilities (Closes: #960650) + in m_mysql (CVE-2019-20917 / InspIRCd Security Advisory 2019-02) + in m_pgsql (CVE-2020-25269 / InspIRCd Security Advisory 2020-01) json-c (0.12.1+ds-2+deb10u1) buster-security; urgency=high . * d/patches/611.patch: Add upstream patch to fix CVE-2020-12762 lemonldap-ng (2.0.2+ds-7+deb10u5) buster-security; urgency=high . * Fix Nginx configuration files in documentation (Closes: CVE-2020-24660) * Add debian/NEWS entry libcommons-compress-java (1.18-2+deb10u1) buster; urgency=medium . * Team upload. * Add patch for CVE-2019-12402 (Closes: #939610) libdbi-perl (1.642-1+deb10u1) buster; urgency=medium . * Fix memory corruption in XS functions when Perl stack is reallocated (Closes: CVE-2020-14392) * Fix a buffer overflow on an overlong DBD class name (Closes: CVE-2020-14393) * Fix a NULL profile dereference in dbi_profile() (Closes: CVE-2019-20919) libvncserver (0.9.11+dfsg-1.3+deb10u4) buster; urgency=medium . * CVE-2019-20839: libvncclient: bail out if unix socket name would overflow. * CVE-2020-14397: libvncserver: add missing NULL pointer checks. * CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue. * CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue. * CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting. * CVE-2020-14402, CVE-2020-14403, CVE-2020-14404: libvncserver: encodings: prevent OOB accesses. * CVE-2020-14405: libvncclient/rfbproto: limit max textchat size. libx11 (2:1.6.7-1+deb10u1) buster; urgency=medium . * CVE-2020-14344 * CVE-2020-14363 (Closes: #969008) lighttpd (1.4.53-4+deb10u1) buster; urgency=high . [ Glenn Strauss ] * QA upload. * backport security, bug, portability fixes from lighttpd 1.4.54, 1.4.55 + mod_evhost, mod_flv_streaming: [regression] %0 pattern does not match hostnames without the domain part https://redmine.lighttpd.net/issues/2932 + mod_magnet: Lighttpd crashes on wrong return type in lua script https://redmine.lighttpd.net/issues/2938 + failed assertion on incoming bad request with server.error-handler https://redmine.lighttpd.net/issues/2941 + mod_wstunnel: fix wstunnel.ping-interval for big-endian architectures https://redmine.lighttpd.net/issues/2944 + fix abort in server.http-parseopts with url-path-2f-decode enabled https://redmine.lighttpd.net/issues/2945 + remove repeated slashes in server.http-parseopts with url-path-dotseg-remove, including leading "//" + [regression][Bisected] lighttpd uses way more memory with POST since 1.4.52 https://redmine.lighttpd.net/issues/2948 (closes: #954759) + OPTIONS should return 2xx status for non-existent resources if Allow is set https://redmine.lighttpd.net/issues/2939 + use high precision stat timestamp (on systems where available) in etag + mod_authn_ldap/mod_cgi race condition, "Can't contact LDAP server" https://redmine.lighttpd.net/issues/2940 + SUN_LEN in sock_addr.c (1.4.53, 1.4.54) https://redmine.lighttpd.net/issues/2962 + Embedded vim command line in conf file with no comment (#) hangs server https://redmine.lighttpd.net/issues/2980 + mod_authn_gssapi: 500 if fail to delegate creds https://redmine.lighttpd.net/issues/2967 + mod_authn_gssapi: option to store delegated creds https://redmine.lighttpd.net/issues/2967 + mod_auth: require digest uri= match original URI HTTP digest authentication not compatible with some clients https://redmine.lighttpd.net/issues/2974 + mod_auth: send Authentication-Info nextnonce when nonce is approaching expiration + mod_auth: http_auth_const_time_memeq improvement + mod_auth: http_auth_const_time_memeq_pad() + mod_auth: use constant time comparison when comparing digests + stricter request header parsing: reject WS following header field-name https://redmine.lighttpd.net/issues/2985 + stricter request header parsing: reject Transfer-Encoding + Content-Length https://redmine.lighttpd.net/issues/2985 + mod_openssl: reject invalid ALPN + mod_accesslog: parse multiple cookies https://redmine.lighttpd.net/issues/2986 + preserve %2b and %2B in query string https://redmine.lighttpd.net/issues/2999 + mod_auth: close connection after bad password mitigation slows down brute force password attacks https://redmine.lighttpd.net/boards/3/topics/8885 + do not accept() > server.max-connections + update /var/run -> /run for systemd (closes: #929203) lilypond (2.19.81+really-2.18.2-13+deb10u1) buster-security; urgency=medium . * Disable embedded-postscript and embedded-svg in safe mode linux (4.19.146-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-latest (105+deb10u6) buster; urgency=medium . * Update to 4.19.0-11 linux-signed-amd64 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-signed-arm64 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) linux-signed-i386 (4.19.146+1) buster; urgency=medium . * Sign kernel from linux 4.19.146-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.133 - [s390x] KVM: s390: reduce number of IO pins to 1 - regmap: fix alignment issue - [arm64,armhf] drm/tegra: hub: Do not enable orphaned window group - [arm64,armhf] gpu: host1x: Detach driver on unregister - spi: spidev: fix a race between spidev_release and spidev_remove - spi: spidev: fix a potential use-after-free in spidev_release() - ixgbe: protect ring accesses with READ- and WRITE_ONCE - i40e: protect ring accesses with READ- and WRITE_ONCE - [x86] drm: panel-orientation-quirks: Add quirk for Asus T101HA panel - [x86] drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 - cifs: update ctime and mtime during truncate - [armhf] imx6: add missing put_device() call in imx6q_suspend_init() - scsi: mptscsih: Fix read sense data size - [arm64] usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work - block: release bip in a right way in error path - nvme-rdma: assign completion vector correctly - [x86] entry: Increase entry_stack size to a full page - net: cxgb4: fix return error value in t4_prep_fw - smsc95xx: check return value of smsc95xx_reset - smsc95xx: avoid memory leak in smsc95xx_bind - [arm64] net: hns3: fix use-after-free when doing self test - [x86] ALSA: compress: fix partial_drain completion state - nbd: Fix memory leak in nbd_add_socket - cxgb4: fix all-mask IP address comparison - bnxt_en: fix NULL dereference in case SR-IOV configuration fails - [arm64] net: macb: mark device wake capable when "magic-packet" property present - ALSA: opl3: fix infoleak in opl3 - ALSA: hda - let hs_mic be picked ahead of hp_mic - ALSA: usb-audio: add quirk for MacroSilicon MS2109 - [arm64] KVM: Fix definition of PAGE_HYP_DEVICE - [arm64] KVM: Stop clobbering x0 for HVC_SOFT_RESTART - [x86] KVM: bit 8 of non-leaf PDPEs is not reserved - [x86] KVM: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode - [x86] KVM: Mark CR4.TSD as being possibly owned by the guest - kallsyms: Refactor kallsyms_show_value() to take cred - kernel: module: Use struct_size() helper - module: Refactor section attr into bin attribute - module: Do not expose section addresses to non-CAP_SYSLOG - kprobes: Do not expose probe addresses to non-CAP_SYSLOG - bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - btrfs: fix fatal extent_buffer readahead vs releasepage race - drm/radeon: fix double free - dm: use noio when sending kobject event - [s390x] mm: fix huge pte soft dirty copying https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.134 - perf: Make perf able to build with latest libbfd - genetlink: remove genl_bind - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg - l2tp: remove skb_dst_set() from l2tp_xmit_skb() - llc: make sure applications use ARPHRD_ETHER - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb - net_sched: fix a memory leak in atm_tc_init() - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure - tcp: make sure listeners don't initialize congestion-control state - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() - tcp: md5: do not send silly options in SYNCOOKIES - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers - tcp: md5: allow changing MD5 keys in all socket states - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (CVE-2020-14356) (Closes: #966846) - cgroup: Fix sock_cgroup_data on big-endian. - sched: consistently handle layer3 header accesses in the presence of VLANs - vlan: consolidate VLAN parsing code and limit max parsing depth - [arm64] drm/msm: fix potential memleak in error branch - [arm64] alternatives: use subsections for replacement sequences - [arm64,x86] tpm_tis: extra chip->ops check on error path in tpm_tis_core_init - gfs2: read-only mounts should grab the sd_freeze_gl glock - [i386] i2c: eg20t: Load module automatically if ID matches - [arm64] alternatives: don't patch up internal branches - [armhf] iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() - [armhf] net: dsa: bcm_sf2: Fix node reference count - of: of_mdio: Correct loop scanning logic - Revert "usb/ohci-platform: Fix a warning when hibernating" - [arm64,armhf] Revert "usb/xhci-plat: Set PM runtime as active on resume" - Revert "usb/ehci-platform: Set PM runtime as active on resume" - [arm64,armhf] net: sfp: add support for module quirks - [arm64,armhf] net: sfp: add some quirks for GPON modules - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) - mmc: sdhci: do not enable card detect interrupt for gpio cd type - ALSA: usb-audio: Rewrite registration quirk handling - [x86] ACPI: video: Use native backlight on Acer Aspire 5783z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S - [x86] ACPI: video: Use native backlight on Acer TravelMate 5735Z - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S - [arm64,armhf] phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked - [armhf] spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate - [x86] staging: comedi: verify array index is correct before using it - regmap: debugfs: Don't sleep while atomic for fast_io regmaps - [x86] copy_xstate_to_kernel: Fix typo which caused GDB regression - apparmor: ensure that dfa state tables have entries - perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode - [armhf] mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered - [armhf] mtd: rawnand: marvell: Fix probe error path - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings - HID: magicmouse: do not set up autorepeat - HID: quirks: Always poll Obins Anne Pro 2 keyboard - HID: quirks: Ignore Simply Automated UPB PIM - ALSA: line6: Perform sanity check for each URB creation - ALSA: line6: Sync the pending work cancel at disconnection - ALSA: usb-audio: Fix race against the error recovery URB submission - [x86] ALSA: hda/realtek - change to suitable link model for ASUS platform - [x86] ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 - [arm*] usb: dwc2: Fix shutdown callback in platform - [arm64,armhf] usb: chipidea: core: add wakeup support for extcon - USB: serial: iuu_phoenix: fix memory corruption - USB: serial: cypress_m8: enable Simply Automated UPB PIM - USB: serial: ch341: add new Product ID for CH340 - USB: serial: option: add GosunCn GM500 series - USB: serial: option: add Quectel EG95 LTE modem - [x86] virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream - [x86] virt: vbox: Fix guest capabilities mask check - [arm64] virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial - ovl: inode reference leak in ovl_is_inuse true case. - ovl: relax WARN_ON() when decoding lower directory file handle - ovl: fix unneeded call to ovl_change_flags() - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (CVE-2020-10781) - [x86] mei: bus: don't clean driver pointer - timer: Prevent base->clk from moving backward - timer: Fix wheel index calculation on last level - [mips*] Fix build for LTS kernel caused by backporting lpj adjustment - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute - [powerpc*] book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey - [x86] intel_th: pci: Add Jasper Lake CPU support - [x86] intel_th: pci: Add Tiger Lake PCH-H support - [x86] intel_th: pci: Add Emmitsburg PCH support - [x86] intel_th: Fix a NULL dereference when hub driver is not loaded - [arm*] thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power - [arm64] ptrace: Override SPSR.SS when single-stepping is enabled - [arm64] ptrace: Consistently use pseudo-singlestep exceptions - [arm64] compat: Ensure upper 32 bits of x0 are zero on syscall return - sched: Fix unreliable rseq cpu_id for new tasks - sched/fair: handle case of task_h_load() returning 0 - genirq/affinity: Handle affinity setting on inactive interrupts correctly - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready - libceph: don't omit recovery_deletes in target_copy() - rxrpc: Fix trace string https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.135 - mac80211: allow rx of mesh eapol frames with default rx key - scsi: scsi_transport_spi: Fix function pointer check - net: sky2: initialize return of gm_phy_read - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout - fuse: fix weird page warning - [x86] irqdomain/treewide: Keep firmware node unconditionally allocated - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") - tipc: clean up skb list lock handling on send path - IB/umem: fix reference count leak in ib_umem_odp_get() - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression - ALSA: info: Drop WARN_ON() from buffer NULL sanity check - btrfs: fix double free on ulist after backref resolution failure - btrfs: fix mount failure caused by race with umount - btrfs: fix page leaks after failure to lock page for delalloc - bnxt_en: Fix race when modifying pause settings. - [x86] hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path - ax88172a: fix ax88172a_unbind() failures - ieee802154: fix one possible memleak in adf7242_probe - [arm64,armhf] drm: sun4i: hdmi: Fix inverted HPD result - [arm64,armhf] net: smc91x: Fix possible memory leak in smc_drv_probe() - bonding: check error value of register_netdevice() immediately - qed: suppress "don't support RoCE & iWARP" flooding on HW init - ipvs: fix the connection sync failed in some cases - bonding: check return value of register_netdevice() in bond_newlink() - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X - [arm64,x86] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override - HID: alps: support devices with report id 2 - HID: steam: fixes race in handling device list. - HID: apple: Disable Fn-key key-re-mapping on clone keyboards - [arm64] dmaengine: tegra210-adma: Fix runtime PM imbalance on error - Input: add `SW_MACHINE_COVER` - regmap: dev_get_regmap_match(): fix string comparison - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow - [amd64] dmaengine: ioat setting ioat timeout as module parameter - [x86] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen - [arm64] Use test_tsk_thread_flag() for checking TIF_SINGLESTEP - [arm*] binder: Don't use mmput() from shrinker function. - usb: xhci: Fix ASM2142/ASM3142 DMA addressing - Revert "cifs: Fix the target file was deleted when rename failed." (Closes: #966917) - [x86] staging: wlan-ng: properly check endpoint types - [x86] staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support - [x86] staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift - [x86] staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift - serial: 8250: fix null-ptr-deref in serial8250_start_tx() - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins. - vt: Reject zero-sized screen buffer size. - mm/memcg: fix refcount error while moving and swapping - mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock - mm: memcg/slab: fix memory leak at non-root kmem_cache destroy - io-mapping: indicate mapping failure - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers - [x86] vmlinux.lds: Page-align end of ..page_aligned sections - [x86] ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 - dm integrity: fix integrity recalculation that is improperly skipped - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - ath9k: Fix regression with Atheros 9271 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.136 - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg - sctp: shrink stream outq only when new outcnt < old outcnt - sctp: shrink stream outq when fails to do addstream reconf - udp: Copy has_conns in reuseport_grow(). - udp: Improve load balancing for SO_REUSEPORT. - rtnetlink: Fix memory(net_device) leak when ->newlink fails - regmap: debugfs: check count when read regmap file https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.137 - [x86] crypto: ccp - Release all allocated memory if sha type is invalid (CVE-2019-18808) - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054) - iio: imu: adis16400: fix memory leak (CVE-2019-19061) - [x86] drm/amdgpu: fix multiple memory leaks in acp_hw_init (CVE-2019-19067) - tracing: Have error path in predicate_parse() free its allocated memory (CVE-2019-19072) - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073) - ath9k: release allocated buffer if timed out (CVE-2019-19074) - drm/amd/display: prevent memory leak (CVE-2019-19082) - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (CVE-2019-19813, CVE-2019-19816) - sctp: implement memory accounting on tx path (CVE-2019-3874) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work - wireless: Use offsetof instead of custom macro. - [armel,armhf] 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() - drm: hold gem reference until object is no longer accessed - rds: Prevent kernel-infoleak in rds_notify_queue_get() - xfs: fix missed wakeup on l_flush_wait - xfrm: Fix crash when the hold queue is used. - net/mlx5: Verify Hardware supports requested ptp function on a given pin - net: lan78xx: add missing endpoint sanity check - net: lan78xx: fix transfer-buffer memory leak - mlx4: disable device on shutdown - bpf: Fix map leak in HASH_OF_MAPS map - mac80211: mesh: Free ie data when leaving mesh - mac80211: mesh: Free pending skb when destroying a mpath - [arm64] alternatives: move length validation inside the subsection - [arm64] csum: Fix handling of bad packets - Bluetooth: fix kernel oops in store_pending_adv_report - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq - qed: Disable "MFW indication via attention" SPAM every 5 minutes - [amd64] x86/unwind/orc: Fix ORC for newly forked tasks - cxgb4: add missing release on skb in uld_send() - xen-netfront: fix potential deadlock in xennet_remove() - [x86] KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled - [x86] i8259: Use printk_deferred() to prevent deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.138 - random32: update the net random state on interrupt and activity (CVE-2020-16166) - [armel] ARM: percpu.h: fix build error - random: fix circular include dependency on arm64 after addition of percpu.h - random32: remove net_rand_state from the latent entropy gcc plugin - random32: move the pseudo-random 32-bit definitions to prandom.h - ext4: fix direct I/O read error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.139 - USB: serial: qcserial: add EM7305 QDL product ID - USB: iowarrior: fix up report size handling for some devices - usb: xhci: define IDs for various ASMedia host controllers - usb: xhci: Fix ASMedia ASM1142 DMA addressing - Revert "ALSA: hda: call runtime_allow() for all hda controllers" - [arm*] staging: android: ashmem: Fix lockdep warning for write operation - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() - [arm*] binder: Prevent context manager from incrementing ref 0 - vgacon: Fix for missing check in scrollback handling (CVE-2020-14331) - mtd: properly check all write ioctls for permissions - net/9p: validate fds in p9_fd_open - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure - usb: hso: check for return value in hso_serial_common_create() - firmware: Fix a reference count leak. - cfg80211: check vendor command doit pointer before use - igb: reinit_locked() should be called with rtnl_lock - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent - tools lib traceevent: Fix memory leak in process_dynamic_array_len - [x86] Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) - xattr: break delegations in {set,remove}xattr - ipv4: Silence suspicious RCU usage warning - ipv6: fix memory leaks on IPV6_ADDRFORM path - vxlan: Ensure FDB dump is performed under RCU - net: lan78xx: replace bogus endpoint lookup - [x86] hv_netvsc: do not use VF device if link is down - net: gre: recompute gre csum for sctp over gre tunnels - [arm64] net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() - Revert "vxlan: fix tos value before xmit" - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure - i40e: add num_vectors checker in iwarp handler - i40e: Wrong truncation from u16 to u8 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c - i40e: Memory leak in i40e_config_iwarp_qvlist https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140 - tracepoint: Mark __tracepoint_string's __used - HID: input: Fix devices that return multiple bytes in battery report - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone() - [x86] mce/inject: Fix a wrong assignment of i_mce.status - sched/fair: Fix NOHZ next idle balance - sched: correct SD_flags returned by tl->sd_flags() - EDAC: Fix reference count leaks - [x86] platform/x86: intel-hid: Fix return value check in check_acpi_dev() - [x86] platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() - [armhf] drm/tilcdc: fix leak & null ref in panel_connector_get_modes - Bluetooth: add a mutex lock to avoid UAF in do_enale_set - loop: be paranoid on exit and prevent new additions / removals - fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls - drm/amdgpu: avoid dereferencing a NULL pointer - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync - [x86] crypto: aesni - Fix build with LLVM_IAS=1 - video: fbdev: neofb: fix memory leak in neo_scan_monitor() - md-cluster: fix wild pointer of unlock_all_bitmaps() - [arm64] dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding - [armhf] drm/etnaviv: fix ref count leak via pm_runtime_get_sync - drm/nouveau: fix multiple instances of reference count leaks - drm/debugfs: fix plain echo to connector "force" attribute - drm/radeon: disable AGP by default - mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls - brcmfmac: keep SDIO watchdog running when console_interval is non-zero - brcmfmac: To fix Bss Info flag definition Bug - brcmfmac: set state of hanger slot to FREE when flushing PSQ - iwlegacy: Check the return value of pcie_capability_read_*() - [arm64,armhf] gpu: host1x: debug: Fix multiple channels emitting messages simultaneously - usb: gadget: net2280: fix memory leak on probe error handling paths - dyndbg: fix a BUG_ON in ddebug_describe_flags - bcache: fix super block seq numbers comparision in register_cache_set() - [arm64,x86] ACPICA: Do not increment operation_region reference counts for field units - [arm64] drm/msm: ratelimit crtc event overflow error - [x86] agp/intel: Fix a memory leak on module initialisation failure - ath10k: Acquire tx_lock in tx error paths - [armhf] drm/etnaviv: Fix error path on failure to enable bus clk - [arm64] drm/arm: fix unintentional integer overflow on left shift - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline - [powerpc*] cxl: Fix kobject memleak - drm/radeon: fix array out-of-bounds read and write issues - ipvs: allow connection reuse for unconfirmed conntrack - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork - xfs: fix reflink quota reservation accounting error - RDMA/rxe: Skip dgid check in loopback mode - PCI: Fix pci_cfg_wait queue locking problem - leds: core: Flush scheduled work for system suspend - [arm64,armhf] drm: panel: simple: Fix bpc for LG LB070WV8 panel - [armhf] phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY - scsi: scsi_debug: Add check for sdebug_max_queue during module init - mwifiex: Prevent memory corruption handling keys - [powerpc*] vdso: Fix vdso cpu truncation - RDMA/qedr: SRQ's bug fixes - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue - [x86] staging: rtl8192u: fix a dubious looking mask before a shift - PCI/ASPM: Add missing newline in sysfs 'policy' - [powerpc*] book3s64/pkeys: Use PVR check instead of cpu feature - USB: serial: iuu_phoenix: fix led-activity helpers - usb: core: fix quirks_param_set() writing to a const pointer - [armhf] thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() - [mips*] OCTEON: add missing put_device() call in dwc3_octeon_device_init() - [arm*] usb: dwc2: Fix error path in gadget registration - [arm64,armhf] net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration - RDMA/core: Fix return error value in _ib_modify_qp() to negative - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags - Bluetooth: hci_serdev: Only unregister device if it was registered - [x86] PCI: Release IVRS table in AMD ACS quirk - [s390x] qeth: don't process empty bridge port events - [arm64,armhf] wl1251: fix always return 0 error - [amd64] net: ethernet: aquantia: Fix wrong return value - liquidio: Fix wrong return value in cn23xx_get_pf_num() - dlm: Fix kobject memleak - ocfs2: fix unbalanced locking - [arm64,armhf] pinctrl-single: fix pcs_parse_pinconf() return value - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() - [x86] fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task - [amd64] crypto: aesni - add compatibility with IAS - af_packet: TPACKET_V3: fix fill status rwlock imbalance - net/nfc/rawsock.c: add CAP_NET_RAW check. - net: Set fput_needed iff FDPUT_FPUT is set - net: refactor bind_bucket fastreuse into helper - net: initialize fastreuse on inet_inherit_port - USB: serial: cp210x: re-enable auto-RTS on open - USB: serial: cp210x: enable usb generic throttle/unthrottle - [x86] ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 - [x86] crypto: qat - fix double free in qat_uclo_create_batch_init_list - [x86] crypto: ccp - Fix use of merged scatterlists - [arm64] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified - bitfield.h: don't compile-time validate _val in FIELD_FIT - fs/minix: check return value of sb_getblk() - fs/minix: don't allow getting deleted inodes - fs/minix: reject too-large maximum file size - ALSA: usb-audio: add quirk for Pioneer DDJ-RB - 9p: Fix memory leak in v9fs_mount - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. - NFS: Don't move layouts to plh_return_segs list while in use - NFS: Don't return layout segments that are in use - [arm64] cpufreq: dt: fix oops on armada37xx - include/asm-generic/vmlinux.lds.h: align ro_after_init - spi: spidev: Align buffers for DMA - [x86] irqdomain/treewide: Free firmware node after domain removal - xen/balloon: fix accounting in alloc_xenballooned_pages error path - xen/balloon: make the balloon wait interruptible https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.141 - smb3: warn on confusing error scenario with sec=krb5 - genirq/affinity: Make affinity setting if activated opt-in - [arm64,x86] PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken - PCI: Add device even if driver attach failed - [arm64] PCI: qcom: Define some PARF params needed for ipq8064 SoC - [arm64] PCI: qcom: Add support for tx term offset for rev 2.1.0 - PCI: Probe bridge window attributes once at enumeration-time - btrfs: free anon block device right after subvolume deletion - btrfs: don't allocate anonymous block device for user invisible roots - btrfs: ref-verify: fix memory leak in add_block_entry - btrfs: don't traverse into the seed devices in show_devname - btrfs: open device without device_list_mutex - btrfs: fix messages after changing compression level by remount - btrfs: only search for left_info if there is no right_info in try_merge_free_space (CVE-2019-19448) - btrfs: fix memory leaks after failure to lookup checksums during inode logging - btrfs: fix return value mixup in btrfs_get_extent - cifs: Fix leak when handling lease break for cached root fid - [powerpc*] Allow 4224 bytes of stack expansion for the signal frame - [powerpc*] Fix circular dependency between percpu.h and mmu.h - [arm64] net: ethernet: stmmac: Disable hardware multicast filter - [arm64,armhf] net: stmmac: dwmac1000: provide multicast filter fallback - net/compat: Add missing sock updates for SCM_RIGHTS - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 - bcache: allocate meta data pages as compound pages - bcache: fix overflow in offset_to_stripe() - mac80211: fix misplaced while instead of if - driver core: Avoid binding drivers to dead devices - [mips*] CPU#0 is not hotpluggable - ocfs2: change slot number type s16 to u16 - mm/page_counter.c: fix protection usage propagation - ftrace: Setup correct FTRACE_FL_REGS flags for module - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler - tracing/hwlat: Honor the tracing_cpumask - tracing: Use trace_sched_process_free() instead of exit() for pid tracing - [x86] watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options - [x86] watchdog: f71808e_wdt: remove use of wrong watchdog_info option - [x86] watchdog: f71808e_wdt: clear watchdog timeout occurred flag - [powerpc*] pseries: Fix 64 bit logical memory block panic - module: Correctly truncate sysfs sections output - [armhf] drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() - RDMA/ipoib: Return void from ipoib_ib_dev_stop() - RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() - USB: serial: ftdi_sio: make process-packet buffer unsigned - USB: serial: ftdi_sio: clean up receive processing - [armhf] gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() - [amd64] iommu/vt-d: Enforce PASID devTLB field mask - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport - watchdog: initialize device before misc_register - Input: sentelic - fix error return when fsp_reg_write fails - [x86] drm/vmwgfx: Use correct vmw_legacy_display_unit pointer - [x86] drm/vmwgfx: Fix two list_for_each loop exit tests - [arm64] net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init - nfs: Fix getxattr kernel panic and memory overflow (CVE-2020-25212) - fs/minix: set s_maxbytes correctly - fs/minix: fix block limit check for V1 filesystems - fs/minix: remove expected error message in block_to_path() - fs/ufs: avoid potential u32 multiplication overflow - khugepaged: retract_page_tables() remember to test exit - [arm64] dts: marvell: espressobin: add ethernet alias - [x86] drm: Added orientation quirk for ASUS tablet model T103HAF https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.142 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() - perf probe: Fix memory leakage when the probe point is not found - khugepaged: khugepaged_test_exit() check mmget_still_valid() - khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() - btrfs: export helpers for subvolume name/id resolution - btrfs: don't show full path of bind mounts in subvol= - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression - btrfs: sysfs: use NOFS for device creation - romfs: fix uninitialized memory leak in romfs_dev_read() - kernel/relay.c: fix memleak on destroy relay channel - mm: include CMA pages in lowmem_reserve at boot - mm, page_alloc: fix core hung in free_pcppages_bulk() - ext4: fix checking of directory entry validity for inline directories - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() - [s390x] scsi: zfcp: Fix use-after-free in request timeout handlers - kthread: Do not preempt current task if it is going to call schedule() - spi: Prevent adding devices below an unregistering controller - scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices - [arm*] scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM - media: budget-core: Improve exception handling in budget_register() - Input: psmouse - add a newline when printing 'proto' by sysfs - svcrdma: Fix another Receive buffer leak - xfs: fix inode quota reservation checks - jffs2: fix UAF problem - ceph: fix use-after-free for fsc->mdsc - [x86] cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases - virtio_ring: Avoid loop when vq is broken in virtqueue_poll - xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init - fs/signalfd.c: fix inconsistent return codes for signalfd4 - ext4: fix potential negative array index in do_split() (CVE-2020-14314) - ext4: don't allow overlapping system zones - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN - i40e: Fix crash during removing i40e driver - [armhf] net: fec: correct the error path for regulator disable in probe - bonding: show saner speed for broadcast mode - bonding: fix a potential double-unregister - [s390x] runtime_instrumentation: fix storage key handling - [s390x] ptrace: fix storage key handling - [x86] ASoC: intel: Fix memleak in sst_media_open - [amd64,arm64] vfio/type1: Add proper error unwind for vfio_iommu_replay() - [x86] kvm: Toggling CR4.SMAP does not load PDPTEs in PAE mode - [x86] kvm: Toggling CR4.PKE does not load PDPTEs in PAE mode - efi: avoid error message when booting under Xen - afs: Fix NULL deref in afs_dynroot_depopulate() - bonding: fix active-backup failover for current ARP slave - net: ena: Prevent reset after device destruction - [x86] hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() - [armhf] net: dsa: b53: check for timeout - [powerpc*] pseries: Do not initiate shutdown when system is running on UPS - efi: add missed destroy_workqueue when efisubsys_init fails - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible - xen: don't reschedule in preemption off sections - clk: Evict unregistered clks from parent caches - KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() - [arm64] KVM: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.143 - [powerpc*] 64s: Don't init FSCR_DSCR in __init_FSCR() - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY - net: Fix potential wrong skb->protocol in skb_vlan_untag() - net/smc: Prevent kernel-infoleak in __smc_diag_dump() - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() - net: ena: Make missed_tx stat incremental - ipvlan: fix device features - [x86] mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs - [powerpc*] xive: Ignore kmemleak false positives - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() - blktrace: ensure our debugfs dir exists - scsi: target: tcmu: Fix crash on ARM during cmd completion - [arm*] iommu/iova: Don't BUG on invalid PFNs - [amd64] drm/amdkfd: Fix reference count leaks. - drm/radeon: fix multiple reference count leak - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails - scsi: lpfc: Fix shost refcount mismatch when deleting vport - xfs: Don't allow logging of XFS_ISTALE inodes - f2fs: fix error path in do_recover_data() - PCI: Fix pci_create_slot() reference count leak - rtlwifi: rtl8192cu: Prevent leaking urb - [mips*] vdso: Fix resource leaks in genvdso.c - cec-api: prevent leaking memory through hole in structure - HID: quirks: add NOGET quirk for Logitech GROUP - f2fs: fix use-after-free issue - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit - drm/nouveau: Fix reference count leak in nouveau_connector_detect - btrfs: file: reserve qgroup space after the hole punch range is locked - scsi: iscsi: Do not put host in iscsi_set_flashnode_param() - ceph: fix potential mdsc use-after-free crash - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() - [x86] EDAC/ie31200: Fallback if host bridge device is already initialized - [arm64] KVM: Fix symbol dependency in __hyp_call_panic_nvhe - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value - [arm64] drm/msm/adreno: fix updating ring fence - nvme-fc: Fix wrong return value in __nvme_fc_init_request() - null_blk: fix passing of REQ_FUA flag in null_handle_rq - jbd2: make sure jh have b_transaction set in refile/unfile_buffer - ext4: don't BUG on inconsistent journal feature - ext4: handle read only external journal device - jbd2: abort journal if free a async write error metadata buffer - ext4: handle option set by mount flags correctly - ext4: handle error of ext4_setup_system_zone() on remount - ext4: correctly restore system zone info when remount fails - fs: prevent BUG_ON in submit_bh_wbc() - [s390x] cio: add cond_resched() in the slow_eval_known_fn() loop - scsi: fcoe: Fix I/O path allocation - scsi: ufs: Fix possible infinite loop in ufshcd_hold - scsi: ufs: Improve interrupt handling for shared interrupts - scsi: ufs: Clean up completed request without interrupt notification - scsi: qla2xxx: Check if FW supports MQ before enabling - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" - macvlan: validate setting of multiple remote source MAC addresses - [powerpc*] perf: Fix soft lockups due to missed interrupt accounting - block: loop: set discard granularity and alignment for block device backed loop - [arm64,x86] HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART - btrfs: reset compression level for lzo on remount - btrfs: fix space cache memory leak after transaction abort - fbcon: prevent user font height or width change from causing potential out-of-bounds access - vt: defer kfree() of vc_screenbuf in vc_do_resize() - vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize() - [armhf] serial: samsung: Removes the IRQ not found warning - [arm*] serial: pl011: Fix oops on -EPROBE_DEFER - [arm*] serial: pl011: Don't leak amba_ports entry on driver register error - serial: 8250_exar: Fix number of ports for Commtech PCIe cards - serial: 8250: change lock order in serial8250_do_startup() - writeback: Protect inode->i_io_list with inode->i_lock - writeback: Avoid skipping inode writeback - writeback: Fix sync livelock due to b_dirty_time processing - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information. - usb: host: xhci: fix ep context print mismatch in debugfs - xhci: Do warm-reset when both CAS and XDEV_RESUME are set - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed - PM: sleep: core: Fix the handling of pending runtime resume requests - device property: Fix the secondary firmware node handling in set_primary_fwnode() - [x86] genirq/matrix: Deal with the sillyness of for_each_cpu() on UP - drm/amdgpu: Fix buffer overflow in INFO ioctl - USB: yurex: Fix bad gfp argument - USB: quirks: Add no-lpm quirk for another Raydium touchscreen - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D - [armhf] usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() - USB: cdc-acm: rework notification_buffer resizing - btrfs: check the right error variable in btrfs_del_dir_entries_in_log - [arm64,armhf] usb: dwc3: gadget: Don't setup more than requested - [arm64,armhf] usb: dwc3: gadget: Fix handling ZLP - [arm64,armhf] usb: dwc3: gadget: Handle ZLP for sg requests - [arm64,x86] tpm: Unify the mismatching TPM space buffer sizes - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.144 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - scsi: target: tcmu: Optimize use of flush_dcache_page - [arm64] drm/msm: add shutdown support for display platform_driver - [x86] hwmon: (applesmc) check status earlier. - nvmet: Disable keep-alive timer when kato is cleared to 0h - [arm64] drm/msm/a6xx: fix gmu start on newer firmware - ceph: don't allow setlease on cephfs - cpuidle: Fixup IRQ state - [s390x] don't trace preemption in percpu macros - xen/xenbus: Fix granting of vmalloc'd memory - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling - batman-adv: Avoid uninitialized chaddr when handling DHCP - batman-adv: bla: use netif_rx_ni when not in interrupt context - [mips*] mm: BMIPS5000 has inclusive physical caches - netfilter: nf_tables: add NFTA_SET_USERDATA if not null - netfilter: nf_tables: incorrect enum nft_list_attributes definition - netfilter: nf_tables: fix destination register zeroing - [arm64] net: hns: Fix memleak in hns_nic_dev_probe - [arm64,armhf] dmaengine: pl330: Fix burst length if burst size is smaller than bus width - gtp: add GTPA_LINK info to msg sent to userspace - bnxt_en: Don't query FW when netif_running() is false. - bnxt_en: Check for zero dir entries in NVRAM. - bnxt_en: Fix PCI AER error recovery flow - bnxt_en: fix HWRM error when querying VF temperature - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385) - bnxt: don't enable NAPI until rings are ready - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS - nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() - fix regression in "epoll: Keep a reference on files added to the check list" - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files - tg3: Fix soft lockup when tg3_reset_task() fails. - [amd64] x86, fakenuma: Fix invalid starting node ID - [amd64] iommu/vt-d: Serialize IOMMU GCMD register modifications - [armhf] thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 - xfs: don't update mtime on COW faults - btrfs: drop path before adding new uuid tree entry - vfio/type1: Support faulting PFNMAP vmas - vfio-pci: Fault mmaps to enable vma tracking - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888) - btrfs: Remove redundant extent_buffer_get in get_old_root - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind - btrfs: set the lockdep class for log tree extent buffers - uaccess: Add non-pagefault user-space read functions - uaccess: Add non-pagefault user-space write function - btrfs: fix potential deadlock in the search ioctl - net: usb: qmi_wwan: add Telit 0x1050 composition - usb: qmi_wwan: add D-Link DWM-222 A2 device ID - ALSA: ca0106: fix error code handling - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check - [x86] ALSA: hda/hdmi: always check pin power status in i915 pin fixup - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection - [x86] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO - media: rc: do not access device via sysfs after rc_unregister_device() - media: rc: uevent sysfs file races with rc_unregister_device() - affs: fix basic permission bits to actually work - block: allow for_each_bvec to support zero len bvec - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks - dm writecache: handle DAX to partitions on persistent memory correctly - dm cache metadata: Avoid returning cmd->bm wild pointer on error - dm thin metadata: Avoid returning cmd->bm wild pointer on error - mm: slub: fix conversion of freelist_corrupted() - [arm64] KVM: Add kvm_extable for vaxorcism code - [arm64] KVM: Defer guest entry when an asynchronous exception is pending - [arm64] KVM: Survive synchronous exceptions caused by AT instructions - [arm64] KVM: Set HCR_EL2.PTW to prevent AT taking synchronous exception - vfio/pci: Fix SR-IOV VF handling with MMIO blocking - checkpatch: fix the usage of capture group ( ... ) - mm/hugetlb: fix a race between hugetlb sysctl handlers (CVE-2020-25285) - cfg80211: regulatory: reject invalid hints - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145 - ALSA; firewire-tascam: exclude Tascam FE-8 from detection - block: ensure bdi->io_pages is always initialized - net: usb: dm9601: Add USB ID of Keenetic Plus DSL - sctp: not disable bh in the whole sctp_get_port_local() - tipc: fix shutdown() of connectionless socket - net: disable netpoll on fresh napis - [arm64,armhf] net/mlx5e: Don't support phys switch id if not in switchdev mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.146 - RDMA/rxe: Fix memleak in rxe_mem_init_user - RDMA/rxe: Drop pointless checks in rxe_init_ports - [armhf] drm/sun4i: Fix dsi dcs long write function - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA - RDMA/core: Fix reported speed and width - [arm64] mmc: sdhci-msm: Add retries when all tuning phases are found valid - [arm64,x86] dmaengine: acpi: Put the CSRT table after using it - netfilter: conntrack: allow sctp hearbeat after connection re-use - [x86] firestream: Fix memleak in fs_open - [arm64,armhf] ALSA: hda: Fix 2 channel swapping for Tegra - xfs: initialize the shortform attr header padding entry - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance - nvme-rdma: serialize controller teardown sequences - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices - [ppc64el,x86] drivers/net/wan/hdlc_cisco: Add hard_header_len - HID: elan: Fix memleak in elan_input_configured - [x86] cpufreq: intel_pstate: Refuse to turn off with HWP enabled - [x86] cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled - [amd64] iommu/amd: Do not use IOMMUv2 functionality when SME is active - [x86] iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak. - [x86] iio:magnetometer:ak8975 Fix alignment and data leak issues. - [armhf] iio:accel:mma8452: Fix timestamp alignment and prevent data leak. - [x86] staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() - btrfs: require only sector size alignment for parent eb bytenr - btrfs: fix lockdep splat in add_missing_dev - btrfs: fix wrong address when faulting in pages in the search ioctl - regulator: push allocation in set_consumer_device_supply() out of lock - scsi: target: iscsi: Fix data digest calculation - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem - [arm64] drm/msm: Disable preemption on all 5xx targets - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284) - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars - vgacon: remove software scrollback support - fbcon: remove soft scrollback code (CVE-2020-14390) - fbcon: remove now unusued 'softback_lines' cursor() argument - [x86] KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit - [x86] video: fbdev: fix OOB read in vga_8planes_imageblit() - [arm64] phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init - usb: core: fix slab-out-of-bounds Read in read_descriptors - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter - USB: serial: option: support dynamic Quectel USB compositions - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules - usb: Fix out of sync data toggle if a configured device is reconfigured - [x86] usb: typec: ucsi: acpi: Check the _DEP dependencies . [ Salvatore Bonaccorso ] * Bump ABI to 11 * Drop 'Revert "mips: Add udelay lpj numbers adjustment"' * [rt] Update to 4.19.135-rt60 * [rt] Refresh "net: Use skbufhead with raw lock" for context changes in 4.19.136 * [rt] Refresh "timers: Prepare for full preemption" for context changes in 4.19.138 * [rt] Refresh "timers: Redo the notification of canceling timers on -RT" for context changes in 4.19.138 * [rt] Refresh "watchdog: prevent deferral of watchdogd wakeup on RT" for context changes in 4.19.141 * Refresh "net: ena: fix crash during ena_remove()" for context changes in 4.19.142 * [rt] Refresh "Split IRQ-off and zone->lock while freeing pages from PCP list #1" for context changes in 4.19.142 * ACPI: configfs: Disallow loading ACPI tables when locked down (CVE-2020-15780) * [rt] Update to 4.19.142-rt63 * net/packet: fix overflow in tpacket_rcv (CVE-2020-14386) * debian/tests/python: pycodestyle: Increase max-line-length to 100. * gfs2: initialize transaction tr_ailX_lists earlier (Closes: #968567) llvm-toolchain-7 (1:7.0.1-8+deb10u2) buster; urgency=medium . * Non-maintainer upload. . [ Aurelien Jarno ] * Include upstream patch D71028 to add support for min/max/umin/umax atomics, fixing rust mips tests (Closes: #946874). llvm-toolchain-7 (1:7.0.1-8+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Fix for unordered cmpxchg instructions when building rustc. * Disable nomadd4 instructions on mips*. lucene-solr (3.6.2+dfsg-20+deb10u2) buster; urgency=medium . * Team upload. * Fix CVE-2019-0193: The DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting from now on, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. For example this can be achieved with solr-tomcat by adding -Denable.dih.dataConfigParam=true to JAVA_OPTS in /etc/default/tomcat9. milkytracker (1.02.00+dfsg-1+deb10u1) buster; urgency=medium . * CVE-2020-15569 (Closes: #964797) * CVE-2019-14464, CVE-2019-14496, CVE-2019-14497 (Closes: #933964) modsecurity (3.0.3-1+deb10u2) buster-security; urgency=medium . * Add patch by Ervin Hegedüs to fix CVE-2020-15598. mupdf (1.14.0+ds1-4+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Heap-based buffer overflow in fz_append_display_node (CVE-2019-13290) (Closes: #931475) net-snmp (5.7.3+dfsg-5+deb10u1) buster-security; urgency=high . * snmpd: Make EXTEND-MIB readonly access Fixes CVE-2020-15862 Closes: #965166 * snmpd: Do not cache MIB directory Fixes CVE-2020-15861 Closes: #966599 nginx (1.14.2-2+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * bugfix: prevented request smuggling in the ngx.location.capture API (CVE-2020-11724) (Closes: #964950) node-bl (1.1.2-1+deb10u1) buster; urgency=medium . * Team upload * Add patch to fix over-read vulnerability (Closes: #969309, CVE-2020-8244) node-elliptic (6.4.1~dfsg-1+deb10u1) buster; urgency=medium . * Prevent malleability and overflows (Closes: CVE-2020-13822) node-mysql (2.16.0-1+deb10u1) buster; urgency=medium . * Team upload * Add localInfile option to control LOAD DATA LOCAL INFILE (Closes: #934712, CVE-2019-14939) node-url-parse (1.2.0-2+deb10u1) buster; urgency=medium . * Add missing test dependency: mocha * Fix insufficient validation and sanitization of user input (Closes: CVE-2020-8124) npm (5.8.0+ds6-4+deb10u2) buster; urgency=medium . * Team upload * Don't show password in logs (Closes: CVE-2020-15095) openexr (2.2.1-4.1+deb10u1) buster-security; urgency=medium . * CVE-2017-9115 CVE-2017-9114 CVE-2017-9113 CVE-2017-9111 CVE-2020-11765 CVE-2020-11764 CVE-2020-11763 CVE-2020-11762 CVE-2020-11761 CVE-2020-11760 CVE-2020-11759 CVE-2020-11758 CVE-2020-15306 CVE-2020-15305 openjdk-11 (11.0.8+10-1~deb10u1) buster-security; urgency=medium . * Rebuild for Buster openjdk-11 (11.0.7+10-3) unstable; urgency=high . * Backport the fix for JDK-8214571, -Xdoclint of array serialField gives "error: array type not allowed here". Introduced with 11.0.7. * Enable running the testsuite on release architectures. openjdk-11 (11.0.7+10-3~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security openjdk-11 (11.0.7+10-2) unstable; urgency=high . * Backport the fix for 8228407, JVM crashes with shared archive file mismatch. * Enable again bootcycle build for all hotspot architectures. * Build again with -march=zEC12 on Ubuntu/s390x. . openjdk-11 (11.0.7+10-1) unstable; urgency=high . * OpenJDK 11.0.7+10 build (release). * Security fixes - JDK-8223898, CVE-2020-2754: Forward references to Nashorn - JDK-8223904, CVE-2020-2755: Improve Nashorn matching - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues - JDK-8225603: Enhancement for big integers - JDK-8226346: Build better binary builders - JDK-8227467: Better class method invocations - JDK-8227542: Manifest improved jar headers - JDK-8229733: TLS message handling improvements - JDK-8231415, CVE-2020-2773: Better signatures in XML - JDK-8231785: Improved socket permissions - JDK-8232424, CVE-2020-2778: More constrained algorithms - JDK-8232581, CVE-2020-2767: Improve TLS verification - JDK-8233250: Better X11 rendering - JDK-8233410: Better Build Scripting - JDK-8234027: Better JCEKS key support - JDK-8234408, CVE-2020-2781: Improve TLS session handling - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers - JDK-8235274, CVE-2020-2805: Enhance typing of methods - JDK-8235691, CVE-2020-2816: Enhance TLS connectivity - JDK-8236201, CVE-2020-2830: Better Scanner conversions - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap . [ Matthias Klose ] * Refresh patches. * Configure --with-jtreg=/usr/share/jtreg. * Enable the buildwatch script on sh4 (Adrian Glaubitz). Closes: #956728. * Build with -march=z13 -mtune=z15 on Ubuntu/s390x. openjdk-11 (11.0.7+10-1) unstable; urgency=medium . * OpenJDK 11.0.7+10 build (release). - S8160926: FLAGS_COMPILER_CHECK_ARGUMENTS doesn't handle cross-compilation - S8189861: Refactor CacheFind - S8204551: Event descriptions are truncated in logs - S8210459: Add support for generating compile_commands.json - S8214534: Setting of THIS_FILE in the build is broken - S8217728: Speed up incremental rerun of "make hotspot" - S8219597: (bf) Heap buffer state changes could provoke unexpected exceptions - S8220613: java/util/Arrays/TimSortStackSize2.java times out with fastdebug build - S8221851: Use of THIS_FILE in hotspot invalidates precompiled header on Linux/GCC - S8222264: Windows incremental build is broken with JDK-8217728 - S8223678: Add Visual Studio Code workspace generation support (for native code) - S8223898: Forward references to Nashorn - S8223904: Improve Nashorn matching - S8224541: Better mapping of serial ENUMs - S8224549: Less Blocking Array Queues - S8225603: Enhancement for big integers - S8226346: Build better binary builders - S8227467: Better class method invocations - S8227542: Manifest improved jar headers - S8229733: TLS message handling improvements - S8231415: Better signatures in XML - S8231785: Improved socket permissions - S8232424: More constrained algorithms - S8232581: Improve TLS verification - S8233250: Better X11 rendering - S8233383: Various minor fixes - S8233410: Better Build Scripting - S8234027: Better JCEKS key support - S8234408: Improve TLS session handling - S8234825: Better Headings for HTTP Servers - S8234841: Enhance buffering of byte buffers - S8235274: Enhance typing of methods - S8235691: Enhance TLS connectivity - S8236201: Better Scanner conversions - S8237879: make 4.3 breaks build - S8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap . [ Matthias Klose ] * Refresh patches. * Configure --with-jtreg=/usr/share/jtreg. * Enable the buildwatch script on sh4 (Adrian Glaubitz). Closes: #956728. * Build with -march=z13 -mtune=z15 on Ubuntu/s390x. openjdk-11 (11.0.7+9-1) unstable; urgency=medium . * OpenJDK 11.0.7+9 build (early access). * Make autopkgtests cross-test-friendly (Steve Langasek). LP: #1861467. * d/tests/jtreg-autopkgtest.in: keep generated hs_err log files with test artifacts to improve later debug (Tiago Stürmer Daitx). * d/tests/jtdiff-autopkgtest.in: set default vm to correctly locate (Tiago Stürmer Daitx) * jhsdb isn't built on sh4 (Adrian Glaubitz). Closes: #951774. openjdk-11 (11.0.6+10-2) unstable; urgency=medium . * Fix FTCBFS (Helmut Grohne). Addresses: #949460. - Missing Build-Depends: zlib1g-dev:native. - Use triplet-prefixed objcopy and strip. * Bump standards version. openjdk-11 (11.0.6+10-1) unstable; urgency=high . * OpenJDK 11.0.5+10 build (release). - S8220598: Malformed copyright year range in a few files in java.base. - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets. - S8225261: Better method resolutions. - S8225279: Better XRender interpolation. - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities. - S8227758: More valid PKIX processing. - S8227816: More Colorful ICC profiles. - S8228548, CVE-2020-2593: Normalize normalization for all. - S8229728: Implement negotiation parameters. - S8229951, CVE-2020-2601: Better Ticket Granting Services. - S8230279: Improve Pack200 file reading. - S8230318: Better trust store usage. - S8230967: Improve Registry support of clients. - S8231139: Improved keystore support. - S8231422, CVE-2020-2604: Better serial filter handling. - S8231780, CVE-2020-2655: Better TLS messaging support. - S8231790: Provide better FileSystemProviders. - S8232419: Improve Registry registration. - S8234037, CVE-2020-2654: Improve Object Identifier Processing. * Disable zero on sparc64 (Adrian Glaubitz). Closes: #942030. * Make the generated character data source files reproducible (Emmanuel Bourg). Closes: #933339. * Make the generated module-info.java files reproducible (Emmanuel Bourg). Closes: #933342. * Make the generated copyright headers reproducible (Emmanuel Bourg). Closes: #933349. * Make the build user reproducible (Emmanuel Bourg). Closes: #933373. orocos-kdl (1.4.0-7+deb10u2) buster; urgency=medium . * Add patch for include path KDLConfig.cmake exports ${CMAKE_CURRENT_LIST_DIR}/../../../include as an include path, which resolves to /usr/include. This breaks with gcc > 5 and cmake < 3.16 as discussed in https://github.com/ros/rosdistro/issues/26526. As /usr/include is a default include path, the patch simply removes the extra path. postgresql-11 (11.9-0+deb10u1) buster; urgency=medium . * New upstream version. + Set a secure search_path in logical replication walsenders and apply workers (Noah Misch) . A malicious user of either the publisher or subscriber database could potentially cause execution of arbitrary SQL code by the role running replication, which is often a superuser. Some of the risks here are equivalent to those described in CVE-2018-1058, and are mitigated in this patch by ensuring that the replication sender and receiver execute with empty search_path settings. (As with CVE-2018-1058, that change might cause problems for under-qualified names used in replicated tables' DDL.) Other risks are inherent in replicating objects that belong to untrusted roles; the most we can do is document that there is a hazard to consider. (CVE-2020-14349) . + Make contrib modules' installation scripts more secure (Tom Lane) . Attacks similar to those described in CVE-2018-1058 could be carried out against an extension installation script, if the attacker can create objects in either the extension's target schema or the schema of some prerequisite extension. Since extensions often require superuser privilege to install, this can open a path to obtaining superuser privilege. To mitigate this risk, be more careful about the search_path used to run an installation script; disable check_function_bodies within the script; and fix catalog-adjustment queries used in some contrib modules to ensure they are secure. Also provide documentation to help third-party extension authors make their installation scripts secure. This is not a complete solution; extensions that depend on other extensions can still be at risk if installed carelessly. (CVE-2020-14350) postgresql-common (200+deb10u4) buster; urgency=medium . * t/170_extensions.t: Don't drop plpgsql before testing extensions. A recent security fix in the PostgreSQL server (CVE-2020-14350) makes use of plpgsql DO blocks in various extension creation scripts without declaring a formal dependency on it, so change tests not to drop plpgsql. pyzmq (17.1.2-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * asyncio: wait for POLLOUT on sender in can_connect (Closes: #970567) qemu (1:3.1+dfsg-8+deb10u8) buster-security; urgency=medium . * mention fixing of CVE-2020-13765 in 3.1+dfsg-8+deb10u6 * xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch ARM-only XGMAC NIC, possible buffer overflow during packet transmission Closes: CVE-2020-15863 * sm501 OOB read/write due to integer overflow in sm501_2d_operation() List of patches: sm501-convert-printf-abort-to-qemu_log_mask.patch sm501-shorten-long-variable-names-in-sm501_2d_operation.patch sm501-use-BIT-macro-to-shorten-constant.patch sm501-clean-up-local-variables-in-sm501_2d_operation.patch sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch Closes: #961451, CVE-2020-12829 * usb-fix-setup_len-init-CVE-2020-14364.patch Fix OOB r/w access in USB emulation Closes: #968947, CVE-2020-14364 * net-assertion-in-net_tx_pkt_add_raw_fragment-CVE-2020-16092.patch Fix net_tx_pkt_add_raw_fragment assertion in e1000e & vmxnet3 Closes: CVE-2020-16092 qt4-x11 (4:4.8.7+dfsg-18+deb10u1) buster; urgency=medium . * Backport upstream patch to fix buffer overflow in XBM parser, CVE-2020-17507 (Closes: #970308). qtbase-opensource-src (5.11.3+dfsg1-1+deb10u4) buster; urgency=medium . [ Dmitry Shachnev ] * Backport upstream patch to fix buffer overflow in XBM parser (CVE-2020-17507, closes: #968444). . [ Lisandro Damián Nicanor Pérez Meyer ] * Backport XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch (Closes: #961293). Thanks Nicolás for pointing us to the bug fix. ros-actionlib (1.11.15-1+deb10u1) buster; urgency=high . * Add https://github.com/ros/actionlib/pull/171 (Fix CVE-2020-10289) roundcube (1.3.15+dfsg.1-1~deb10u1) buster-security; urgency=high . * New upstream release, with security fix for CVE-2020-16145: Cross-site scripting (XSS) vulnerability via HTML messages with malicious svg or math content. (Closes: #968216) ruby-kramdown (1.17.0-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Add option forbidden_inline_options (CVE-2020-14001) (Closes: #965305) ruby-ronn (0.8.0-2+deb10u1) buster; urgency=medium . * Team upload. * Fix handling of UTF-8 content in manpages (Closes: #965294) rust-cbindgen (0.14.4-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor dependencies, they are not available in buster. * Only build the cbindgen binary. * Lower dh-cargo build-dep. * Bump rustc and cargo build-deps. rust-cbindgen (0.14.3-1) unstable; urgency=medium . * Package cbindgen 0.14.3 from crates.io using debcargo 2.4.3 rust-cbindgen (0.14.2-1) unstable; urgency=medium . * Package cbindgen 0.14.2 from crates.io using debcargo 2.4.2 rust-cbindgen (0.14.1-1) unstable; urgency=medium . * Package cbindgen 0.14.1 from crates.io using debcargo 2.4.2 rust-cbindgen (0.14.0-3) unstable; urgency=medium . * Package cbindgen 0.14.0 from crates.io using debcargo 2.4.0 * Only run the testssuite on the binary rust-cbindgen (0.14.0-2) unstable; urgency=medium . * Don't run autopkgtest for now. It needs g++ and I cannot add it as dep as debcargo doesn't manage that yet. WIP https://salsa.debian.org/rust-team/debcargo/-/merge_requests/24 rust-cbindgen (0.14.0-1) unstable; urgency=medium . * Package cbindgen 0.14.0 from crates.io using debcargo 2.4.0 * Cherry-pick upstream page to fix autopkgtest rust-cbindgen (0.13.1-2) unstable; urgency=medium . * Package cbindgen 0.13.1 from crates.io using debcargo 2.4.0 * Upload to unstable. Still blocked by NEW. rust-cbindgen (0.13.1-1) experimental; urgency=medium . * Team upload. * Package cbindgen 0.13.1 from crates.io using debcargo 2.4.2 rust-cbindgen (0.12.1-1) unstable; urgency=medium . * Package cbindgen 0.12.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.12.0-1) unstable; urgency=medium . * Package cbindgen 0.12.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.11.1-1) unstable; urgency=medium . * Package cbindgen 0.11.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.11.0-1) unstable; urgency=medium . * Package cbindgen 0.11.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.10.0-1) unstable; urgency=medium . * Package cbindgen 0.10.0 from crates.io using debcargo 2.4.0 rust-cbindgen (0.9.1-1) unstable; urgency=medium . * Package cbindgen 0.9.1 from crates.io using debcargo 2.4.0 rust-cbindgen (0.9.0-1) unstable; urgency=medium . * Package cbindgen 0.9.0 from crates.io using debcargo 2.3.1-alpha.0 * Remove testsuite-fix.patch (merged upstream) rustc (1.41.1+dfsg1-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * stage0 build. - Use arm-unknown-linux-gnueabi target for armel. * Use LLVM 7. * Disable wasm. * Reduce debugging symbols on i386 to avoid FTBFS due to OOM. rustc (1.40.0+dfsg1-5) unstable; urgency=medium . * More python 2 -> 3 fixes. * Allow 24 failing tests on riscv64. * Reenable debuginfo for rustc, not just libstd. * Reenable backtraces during tests. rustc (1.40.0+dfsg1-4) unstable; urgency=medium . * Experimental riscv64 support. rustc (1.40.0+dfsg1-3) unstable; urgency=medium . * Work around upstream #59264 again. :/ rustc (1.40.0+dfsg1-2) unstable; urgency=medium . * Fix more internal build scripts so they use python3. * Don't add -L/usr/lib/llvm when cross-compiling. (Closes: #941783) rustc (1.40.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. * Ignore new test failing on arm that also fails in previous versions. rustc (1.40.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. rustc (1.39.0+dfsg1-4) unstable; urgency=medium . * Update to LLVM 9. (Closes: #946886) rustc (1.39.0+dfsg1-3) unstable; urgency=medium . * Fix mips patch involving mxgot for new RUSTFLAGS behaviour. rustc (1.39.0+dfsg1-2) unstable; urgency=medium . * Include reproducibility patch for compiler-builtins. * Use python3 instead of python to run rustbuild. (Closes: #938422) * Expand d-ignore-error-detail-diff.patch for unfixed upstream #53081. rustc (1.39.0+dfsg1-1) unstable; urgency=medium . * New upstream release. rustc (1.38.0+dfsg1-2) unstable; urgency=medium . * Fix building with rustc 1.38.0 * Fix building with cargo 0.40.0 rustc (1.38.0+dfsg1-1) unstable; urgency=medium . * New upstream release. rustc (1.37.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. * Fix a typo in debian/rules regex causing FTBFS on some arches. rustc (1.37.0+dfsg1-1~exp2) experimental; urgency=medium . * Support cross-compiling to wasm32. (Closes: #903110) To do that, install the libstd-rust-dev-wasm32-cross package and give --target wasm32-unknown-unknown. * Drop dependency on system compiler-rt, these new versions of rustc actually don't need it at all. rustc (1.37.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. * Use system compiler-rt. rustc (1.36.0+dfsg1-2) unstable; urgency=medium . * Set CARGO_HOME to debian/cargo_home (instead of $HOME/.cargo) as newer versions of cargo must take a file lock that has to exist. rustc (1.36.0+dfsg1-1) unstable; urgency=medium . * Upload to unstable. rustc (1.36.0+dfsg1-1~exp1) experimental; urgency=medium . * New upstream release. rustc (1.35.0+dfsg1-1) unstable; urgency=medium . * Add entry in 1.34.2+dfsg1-1 to note that it uses LLVM 7. * Add entry in 1.35.0+dfsg1-1~exp2 to note that it uses LLVM 8. * Fix ICE on sparc64 by including upstream PR #61881. rustc (1.35.0+dfsg1-1~exp1) experimental; urgency=medium . * Don't use system compiler-rt, it's not ready yet. * New upstream release. s390-tools (2.3.0-2~deb10u1) buster; urgency=medium . * Upload debootstrap fix to Debian stable. (Closes: #960265) squid (4.6-1+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * SQUID-2020:8 HTTP(S) Request Splitting (CVE-2020-15811) (Closes: #968932) * SQUID-2020:9 Denial of Service processing Cache Digest Response (CVE-2020-24606) (Closes: #968933) * SQUID-2020:10 HTTP(S) Request Smuggling (CVE-2020-15810) (Closes: #968934) teeworlds (0.7.2-5+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2020-12066: A remote attacker was able to shut down the teeworlds server and cause a denial-of-service by crafting a specific server packet. thunderbird (1:68.12.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security * [32b3711] Revert "d/xpi-pack.sh: adding xpi-pack shell script" * [b50609a] Revert "Drop mozilla-devscripts as B-D" * [fd054fc] Revert "Drop python-{minimal,ply} from B-D" * [5a2a88c] Revert "d/control: tb manually set dep on libnss3 to 2:3.55" thunderbird (1:68.11.0-3) unstable; urgency=medium . * [28707fd] d/xpi-pack.sh: adding xpi-pack shell script As we can't depend on mozilla-devscripts anymore we pick up the shell script from that package as this builds XPI files we need. * [037212e] Drop mozilla-devscripts as B-D mozilla-devscripts isn't ported to Python3 yet and depends on Python2 so. We don't need that package as B-D as we picked the main shell script from that and we can drop that package from the build dependencies. * [31eda41] Drop python-{minimal,ply} from B-D These packages are removed from teh archive and we don't need them for building Thunderbird as long we have python2 as package available. (Closes: #967223) thunderbird (1:68.11.0-2) unstable; urgency=medium . * [110a375] d/control: increase B-D for libnss3 * [73fa23e] d/control: tb manually set dep on libnss3 to 2:3.55 (Closes: #966806) thunderbird (1:68.11.0-1) unstable; urgency=medium . * [093b080] New upstream version 68.11.0 Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35): CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel leaks internal address to peer CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 thunderbird (1:68.11.0-1~deb10u1) stable-security; urgency=medium . * Rebuild for buster-security thunderbird (1:68.10.0-1) unstable; urgency=medium . * [7537684] New upstream version 68.10.0 Fixed CVE issues in upstream version 68.10.0 (MFSA 2020-26): CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418: Information disclosure due to manipulated URL object CVE-2020-12419: Use-after-free in nsGlobalWindowInner CVE-2020-12420: Use-After-Free when trying to connect to a STUN server MFSA-2020-0001: Automatic account setup leaks Microsoft Exchange login credentials CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates webkit2gtk (2.28.4-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.28.3-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2020-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753 (fixed in 2.28.3). * Don't build the documentation in binary-arch builds and with the nodoc build profile (Closes: #962616). + debian/control: - Move gtk-doc-tools and *-doc to Build-Depends-Indep. - Add Build-Profiles: to libwebkit2gtk-4.0-doc + debian/rules: - Use dh_listpackages to decide whether to build the documentation. xorg-server (2:1.20.4-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix for ZDI-11426 (CVE-2020-14347) (Closes: #968986) * Correct bounds checking in XkbSetNames() (CVE-2020-14345) * Fix XIChangeHierarchy() integer underflow (CVE-2020-14346) * Fix XkbSelectEvents() integer underflow (CVE-2020-14361) * Fix XRecordRegisterClients() Integer underflow (CVE-2020-14362) xrdp (0.9.9-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * libscp v1 server set height twice, and not set width * xrdp-sesman can be crashed remotely over port 3350 (CVE-2020-4044) (Closes: #964573) * Fixed CVE-2020-4044 CI errors zeromq3 (4.3.1-4+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * zeromq connects peer before handshake is completed (CVE-2020-15166) ====================================== Sat, 01 Aug 2020 - Debian 10.5 released ====================================== ========================================================================= [Date: Sat, 01 Aug 2020 08:54:01 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: matrix-synapse | 0.99.2-6 | source, all Closed bugs: 959723 ------------------- Reason ------------------- RoM; security issues; unsupportable ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:54:20 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: firefoxdriver | 3.14.1-1 | amd64, i386 selenium-firefoxdriver | 3.14.1-1 | source Closed bugs: 960585 ------------------- Reason ------------------- RoQA; does not support firefox beyond 52.0 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:54:51 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: janus | 0.6.1-1 | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x janus-demos | 0.6.1-1 | all janus-dev | 0.6.1-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x janus-doc | 0.6.1-1 | all janus-tools | 0.6.1-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x libjs-janus | 0.6.1-1 | all Closed bugs: 962694 ------------------- Reason ------------------- RoM; not supportable for the lifetime of a stable release ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:55:10 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: fonts-mathematica | 21 | all mathematica-fonts | 21 | source, all Closed bugs: 964343 ------------------- Reason ------------------- RoQA; relies on unavailable download location ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Aug 2020 08:55:28 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: golang-github-unknwon-cae | 0.0~git20160715.0.c6aac99-4 | source golang-github-unknwon-cae-dev | 0.0~git20160715.0.c6aac99-4 | all Closed bugs: 966454 ------------------- Reason ------------------- RoQA; security issues; unmaintained ---------------------------------------------- ========================================================================= apache-log4j1.2 (1.2.17-8+deb10u1) buster-security; urgency=high . * Team upload. * Fix CVE-2019-17571. (Closes: #947124) Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. appstream-glib (0.7.14-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport upstream fix for FTBFS in the year 2020. (Closes: #949169) apt (1.8.2.1) buster-security; urgency=high . * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated member names in error path - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated member names in error path - CVE-2020-3810 * .gitlab.ci.yml: Point to debian:buster asunder (2.9.3-3+deb10u1) buster; urgency=medium . * Add patch to use gnudb instead of freedb by default * Add a NEWS item for freedb closing b43-fwcutter (1:019-4+deb10u1) buster; urgency=medium . [ Andreas Beckmann ] * QA upload. * Run firmware removal commands under LC_ALL=C. (Closes: #960791) * Do not fail while removing no longer existing files. (Closes: #956858) * Add dependency on pciutils for lspci. . [ Raphaël Hertzog ] * Add ca-certificates to Depends so that we can download over https. balsa (2.5.6-2+deb10u1) buster; urgency=medium . * Provide server identity when validating certificates (allows to verify certs with a glib-networking patch for CVE-2020-13645). Patch taken from Ubuntu. Closes: #961792. base-files (10.3+deb10u5) buster; urgency=medium . * Change /etc/debian_version to 10.5, for Debian 10.5 point release. batik (1.10-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2019-17566: Server-side request forgery via xlink:href attributes. (Closes: #964510) bind9 (1:9.11.5.P4+dfsg-5.1+deb10u1) buster-security; urgency=high . * [CVE-2019-6477]: TCP-pipelined queries can bypass tcp-clients limit. (Closes: #945171) * [CVE-2020-8616]: Fix NXNSATTACK amplification attack on BIND 9 * [CVE-2020-8617]: Fix assertion failure in TSIG processing code borgbackup (1.1.9-2+deb10u1) buster; urgency=medium . * Fix index corruption bug leading to data loss (Closes: #953615). bundler (1.17.3-3+deb10u1) buster; urgency=medium . * Non-maintainer upload. . [ Utkarsh Gupta ] * Bump minimum version of ruby-molinillo in ruby-bundler (Closes: #945481) c-icap-modules (1:0.5.3-1+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport support for ClamAV 0.102. (Closes: #952009) cacti (1.2.2+ds1-2+deb10u3) buster; urgency=medium . * Unix timestamps after Sep 13 2020 are rejected as graph start/end arguments (Upstream bug #3245) * CVE-2020-7237: Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product. (Closes: #949997) * CVE-2020-7106: XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). (Closes: #949996) * CVE-2020-13230: Disabling an user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs) * CVE-2020-13231: auth_profile.php?action=edit allows CSRF for an admin email change calamares-settings-debian (10.0.20-1+deb10u3) buster; urgency=medium . * Use xdg-user-dir to specify Desktop directory (Closes: #959541) calamares-settings-debian (10.0.20-1+deb10u2) buster; urgency=medium . * Fix type in previous entry (s/desk/disk) * Enable displaymanager module, fixing autologin options (Closes: #934503, #934504) chromium (83.0.4103.116-1~deb10u3) buster-security; urgency=medium . * Fix crashes when a connection error occurs (closes: #963548). chromium (83.0.4103.116-1~deb10u2) buster-security; urgency=medium . * Rebuild with optimization (closes: #964145). chromium (83.0.4103.116-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2020-6423: Use after free in audio. Reported by Anonymous - CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera - CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han - CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov - CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn - CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang - CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra - CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg - CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg - CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey - CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa - CVE-2020-6444: Uninitialized use in WebRTC. Reported by mlfbrown - CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg - CVE-2020-6448: Use after free in V8. Reported by Guang Gong - CVE-2020-6454: Use after free in extensions. Reported by leecraso and Guang Gong - CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang and Guang Gong - CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski - CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong - CVE-2020-6458: Out of bounds read and write in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6459: Use after free in payments. Reported by Zhe Jin - CVE-2020-6460: Insufficient data validation in URL formatting. Reported by Anonymous - CVE-2020-6461: Use after free in storage. Reported by Zhe Jin - CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin - CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial - CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang - CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh - CVE-2020-6466: Use after free in media. Reported by Zhe Jin - CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song - CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina - CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski - CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia - CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin - CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani - CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne - CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani - CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen - CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt - CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora - CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi - CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu - CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko - CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov - CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu - CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg - CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa - CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter - CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal - CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous - CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen - CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani - CVE-2020-6497: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6498: Incorrect security UI in progress display. Reported by Rayyan Bijoora - CVE-2020-6505: Use after free in speech. Reported by Khalil Zhani - CVE-2020-6506: Insufficient policy enforcement in WebView. Reported by Alesandro Ortiz - CVE-2020-6507: Out of bounds write in V8. Reported by Sergei Glazunov - CVE-2020-6509: Use after free in extensions. Reported by Anonymous - CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie Silvanovich chromium (83.0.4103.106-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous - CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen - CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani - CVE-2020-6497: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6498: Incorrect security UI in progress display. Reported by Rayyan Bijoora - CVE-2020-6505: Use after free in speech. Reported by Khalil Zhani - CVE-2020-6506: Insufficient policy enforcement in WebView. Reported by Alesandro Ortiz - CVE-2020-6507: Out of bounds write in V8. Reported by Sergei Glazunov * Conflict with ffmpeg 4.3 (closes: #963080). * Support building with icu 67 (closes: #960236). * Support building with re2 20200501 (closes: #960361). chromium (83.0.4103.83-1) unstable; urgency=medium . * New upstream stable release. - CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong - CVE-2020-6458: Out of bounds read and write in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6459: Use after free in payments. Reported by Zhe Jin - CVE-2020-6460: Insufficient data validation in URL formatting. Reported by Anonymous - CVE-2020-6461: Use after free in storage. Reported by Zhe Jin - CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin - CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial - CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang - CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh - CVE-2020-6466: Use after free in media. Reported by Zhe Jin - CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song - CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina - CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski - CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia - CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin - CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani - CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne - CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani - CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen - CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt - CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora - CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi - CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu - CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko - CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov - CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu - CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg - CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa - CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter - CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal - CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie Silvanovich chromium (81.0.4044.92-1) unstable; urgency=medium . * New upstream stable release. - CVE-2020-6423: Use after free in audio. Reported by Anonymous - CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera - CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg - CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han - CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov - CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn - CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang - CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra - CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg - CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg - CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey - CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa - CVE-2020-6444: Uninitialized use in WebRTC. Reported by mlfbrown - CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu - CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg - CVE-2020-6448: Use after free in V8. Reported by Guang Gong - CVE-2020-6454: Use after free in extensions. Reported by leecraso and Guang Gong - CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang and Guang Gong - CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski chromium (81.0.4044.62-1) experimental; urgency=medium . * New upstream beta release. chromium (80.0.3987.162-1) unstable; urgency=medium . * New upstream security release. - CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo - CVE-2020-6452: Heap buffer overflow in media. Reported by asnine clamav (0.102.4+dfsg-0+deb10u1) buster; urgency=medium . * Import 0.102.4 - CVE-2020-3350 (A malicious user trick clamav into moving a different file). - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module). - CVE-2020-3481 (A vulnerability in the EGG archive module). * Update symbol file. clamav (0.102.3+dfsg-1) unstable; urgency=medium . * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. clamav (0.102.3+dfsg-0+deb10u1) buster; urgency=medium . [ Sebastian Andrzej Siewior ] * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. . [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries clamav (0.102.3+dfsg-0~deb9u1) stretch; urgency=medium . [ Sebastian Andrzej Siewior ] * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. . [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries clamav (0.102.2+dfsg-2) unstable; urgency=medium . * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. * Bump standards-version to 4.5.0 without further change * Use dh-compat level 12. clamav (0.102.2+dfsg-1) unstable; urgency=medium . * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. cloud-init (20.2-2~deb10u1) buster; urgency=medium . * Release for buster. No further changes. . cloud-init (20.2-2) unstable; urgency=medium . * Add missing Build-Dep on python3-pytest . cloud-init (20.2-1) unstable; urgency=medium . * New upstream version * Drop patches that have been merged upstream * Switch to pytest for running tests, per upstream change . cloud-init (20.1-2) unstable; urgency=medium . * Fix python 3.8 incompatibility (Closes: #954276) * Cherry-pick fa1abfec2705 (ec2: only redact token request headers in logs, avoid altering request) from upstream. (Closes: #954363) * Cherry-pick 1f860e5ac7eb (ec2: Do not fallback to IMDSv1 on EC2) from upstream. . cloud-init (20.1-1) unstable; urgency=medium . * New upstream release * Remove patches applied upstream: - CVE-2020-8631.patch - CVE-2020-8632.patch * Refresh patches: - 0009-Drop-all-unused-extended-version-handling.patch * Reduce cloud-guest-utils from Depends to Recommends * Bump standards version to 4.5.0 (no changes needed) * Remove Charles Plessy from uploaders, as he is no longer active in the cloud team. . cloud-init (19.4-2) unstable; urgency=medium . * Import upstream fix for CVE-2020-8632. rand_user_password generates passwords of insufficient length. (Closes: #951363) * Import upstream fix for CVE-2020-8631. Cloud-init uses an insufficient source of randomness when generating passwords. (Closes: #951362) . cloud-init (19.4-1) unstable; urgency=medium . * New upstream release. * Update debian/copyright to note dual-dual license status (Closes: #866613) . cloud-init (19.3-2) unstable; urgency=medium . * Build-depends on python3-pep8 instead of just pep8 (Closes: #949940). . cloud-init (19.3-1) unstable; urgency=medium . * New upstream release. . cloud-init (19.2-4) unstable; urgency=medium . * Removed the last bit of Python2 build-depends (Closes: #942968). . cloud-init (19.2-3) unstable; urgency=medium . * Remove the patch for sources.list, and activate the option to preserve the sources.list by default (ie: apt_preserve_sources_list: true). . cloud-init (19.2-2) unstable; urgency=medium . * Comment out backports by default in apt/sources.list. * Standards-Version bump to 4.4.1. . cloud-init (19.2-1) unstable; urgency=medium . * New upstream release. (Closes: #931173, #936030) * Drop 0008-opennebula-also-exclude-epochseconds-from-changed-en.patch applied upstream. * Drop CVE-2019-0816_Filter_list_of_ssh_keys_pulled_from_fabric.patch also applied upstream. * Rebased patches: - 0009-Drop-all-unused-extended-version-handling.patch - 0012-Fix-message-when-a-local-is-missing.patch cloud-init (20.2-2~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. cloud-init (20.2-1) unstable; urgency=medium . * New upstream version * Drop patches that have been merged upstream * Switch to pytest for running tests, per upstream change cloud-init (20.1-2) unstable; urgency=medium . * Fix python 3.8 incompatibility (Closes: #954276) * Cherry-pick fa1abfec2705 (ec2: only redact token request headers in logs, avoid altering request) from upstream. (Closes: #954363) * Cherry-pick 1f860e5ac7eb (ec2: Do not fallback to IMDSv1 on EC2) from upstream. cloud-init (20.1-1) unstable; urgency=medium . * New upstream release * Remove patches applied upstream: - CVE-2020-8631.patch - CVE-2020-8632.patch * Refresh patches: - 0009-Drop-all-unused-extended-version-handling.patch * Reduce cloud-guest-utils from Depends to Recommends * Bump standards version to 4.5.0 (no changes needed) * Remove Charles Plessy from uploaders, as he is no longer active in the cloud team. cloud-init (19.4-2) unstable; urgency=medium . * Import upstream fix for CVE-2020-8632. rand_user_password generates passwords of insufficient length. (Closes: #951363) * Import upstream fix for CVE-2020-8631. Cloud-init uses an insufficient source of randomness when generating passwords. (Closes: #951362) cloud-init (19.4-1) unstable; urgency=medium . * New upstream release. * Update debian/copyright to note dual-dual license status (Closes: #866613) cloud-init (19.3-2) unstable; urgency=medium . * Build-depends on python3-pep8 instead of just pep8 (Closes: #949940). cloud-init (19.3-1) unstable; urgency=medium . * New upstream release. cloud-init (19.2-4) unstable; urgency=medium . * Removed the last bit of Python2 build-depends (Closes: #942968). cloud-init (19.2-3) unstable; urgency=medium . * Remove the patch for sources.list, and activate the option to preserve the sources.list by default (ie: apt_preserve_sources_list: true). cloud-init (19.2-2) unstable; urgency=medium . * Comment out backports by default in apt/sources.list. * Standards-Version bump to 4.4.1. cloud-init (19.2-1) unstable; urgency=medium . * New upstream release. * Drop 0008-opennebula-also-exclude-epochseconds-from-changed-en.patch applied upstream. * Drop CVE-2019-0816_Filter_list_of_ssh_keys_pulled_from_fabric.patch also applied upstream. * Rebased patches: - 0009-Drop-all-unused-extended-version-handling.patch - 0012-Fix-message-when-a-local-is-missing.patch commons-configuration2 (2.2-1+deb10u1) buster; urgency=medium . * CVE-2020-1953 (Closes: #954713) confget (2.2.0-4+deb10u1) buster; urgency=medium . * Fix the Python module's handling of values containing "=": - add the test-ini-eq patch to add a test for such values - add the python-value-eq patch to fix the problem - Closes: #959887 coturn (4.5.1.1-1.1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * specially crafted HTTP POST request can lead to heap overflow which can result in information leak (CVE-2020-6061) (Closes: #951876) * specially crafted HTTP POST request can lead to server crash and denial of service (CVE-2020-6062) (Closes: #951876) * init with zero any new or reused stun buffers (CVE-2020-4067) dbus (1.12.20-0+deb10u1) buster; urgency=medium . * New upstream stable release - CVE-2020-12049: Prevent a denial of service attack in which a local user can make the system dbus-daemon run out of file descriptors - Prevent use-after-free if two usernames share a uid - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch: Drop patch, applied upstream. * d/gbp.conf: Configure for debian/buster dbus (1.12.18-1) unstable; urgency=medium . [ Simon McVittie ] * New upstream stable release - CVE-2020-12049: Prevent a denial of service attack in which a local user can make the system dbus-daemon run out of file descriptors - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch: Drop patch, applied upstream. * Switch to debhelper-compat 12 - Don't restart systemd units on upgrade. Previously, this was handled by the dh_installinit override. - Add ${misc:Pre-Depends} to all binary packages. This is required for dbus for dh_installsystemd under dh compat level 12, and is harmless for the others. * dbus: Remove an unused Lintian override. Lintian used to warn twice for the statically-enabled dbus.service unit, but now only warns once. * dbus-tests: Silence package-contains-documentation-outside-usr-share-doc Lintian tag. The tests contain some READMEs that describe what is in their directory. * d/tests: Remove compatibility with deprecated ADTTMP. autopkgtest has supported AUTOPKGTEST_TMP long enough to use it unconditionally. * Introduce noinsttest build profile. This disables dbus-tests, and when combined with nocheck it disables the circular GLib dependency. * Remove non-standard pkg.dbus.minimal build profile. It was not a "safe" build profile (it altered the contents of binary packages, notably dropping LSM and systemd support, which could result in dependent packages being broken), and the combination of nocheck, nodoc and noinsttest achieves most of the same build-dependency reductions. * Explicitly build-depend on pkg-config. Previously, this was pulled in by libglib2.0-dev. (Closes: #945201) * d/upstream/metadata: Distinguish between Bug-Submit and Bug-Database * Change system bus socket to /run/dbus/system_bus_socket. The interoperable cross-distro path is /var/run/dbus/system_bus_socket, so this remains the upstream default for the benefit of distributions where /var/run and /run are (problematically) not guaranteed to be equivalent. However, Debian Policy since at least v4.1.5 guarantees that /var/run is a symlink to /run, and this has been implemented for several stable releases (since at least initscripts 2.88dsf-29 in 2012, in the sysvinit case), so it is harmless to prefer the path in /run, which has advantages in a few corner cases (ability to unmount /var is the main one) and avoids warnings from systemd. (Closes: #783321, #857678, #932105, #958289) * Standards-Version: 4.5.0 - Note that the user for `dbus-daemon --system` is still named 'messagebus' for historical reasons. If it was added today, we'd call it _dbus as per Policy §9.2.1, but this is not the right package to be experimenting with renaming system users. * d/dbus-udeb.postinst: Remove #DEBHELPER# token. debhelper doesn't actually substitute this in udebs, making it just an ordinary comment. . [ Debian Janitor ] * Remove trailing whitespace in d/changelog. * Use secure URI in Homepage field. * Re-export upstream signing key without extra signatures. * Set upstream metadata fields: Bug-Submit (from ./configure), Repository, Repository-Browse. dbus (1.12.16-2) unstable; urgency=medium . * Add bug number to previous changelog entry * Standards-Version: 4.4.1 (no changes required) - Note that dbus-user-session still has its previous dependencies, and has deliberately not been switched to the new default-logind virtual package. dbus-user-session relies on systemd --user: it is not enough to have systemd-logind or a compatible replacement like elogind. * d/dbus.init: Work around #940971 in libnss-systemd. If we are booting with a non-systemd init but libnss-systemd is still installed, tell libnss-systemd not to try to connect to dbus-daemon, which is never going to work well from inside dbus-daemon. * dbus.postinst: Append dbus to /run/reboot-required.pkgs on upgrade (Closes: #867263) debian-edu-config (2.10.65+deb10u6) buster; urgency=medium . [ Wolfgang Schweer ] * Fix loss of dynamically allocated v4 IP address. (Closes: #966129) - Drop etc/network/if-up.d/wpad-proxy-update. This script fails to work due to changed behaviour of the ifupdown/dhclient/systemd combination and now also causes the loss of a dynamically allocated ipv4 IP address about 30 minutes after booting. - Add code to d/debian-edu-config.postinstall to implement the intended proxy setting update after a WPAD change just after rebooting the system. (It would otherwise happen at first DHCP lease renewal ~15 minutes later.) - Adjust Makefile and debian/dirs. debian-installer (20190702+deb10u5) buster; urgency=medium . * Bump Linux ABI to 4.19.0-10. debian-installer-netboot-images (20190702+deb10u5) buster; urgency=medium . * Update to 20190702+deb10u5, from buster-proposed-updates. debian-ports-archive-keyring (2019.11.05~deb10u1) buster; urgency=medium . * Upload to buster. Closes: #952655. debian-security-support (2020.06.21~deb10u1) buster; urgency=medium . * Rebuild for buster. . debian-security-support (2020.06.21) unstable; urgency=medium . [ Mike Gabriel ] * Add cinder (OpenStack component) to security-support-ended.deb8. . debian-security-support (2020.06.11) unstable; urgency=medium . * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. . debian-security-support (2020.06.09) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add unbound to security-support-ended.deb9 (see DSA 4694-1). . debian-security-support (2020.05.22) unstable; urgency=medium . * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. . debian-security-support (2020.05.08) unstable; urgency=medium . [ Chris Lamb ] * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." debian-security-support (2020.06.21~deb9u1) stretch; urgency=medium . * This update for stretch only contains changes to the files security-support-limited and security-support-ended.deb(8|9|10) from version 2020.06.21 from unstable, the changes in detail are: - from 2020.06.21: * Add cinder (OpenStack component) to security-support-ended.deb8. - from 2020.06.11: * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. - from 2020.06.09: * Add unbound to security-support-ended.deb9 (see DSA 4694-1). - from 2020.05.22: * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. - from 2020.05.08: * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." - from 2020.04.16: * Add tor to security-support-ended.deb8 as well, see DSA 4644-1. * Add libperlspeak-perl to security-support-ended.deb(8|9|10), because of CVE-2020-10674 (#954238), also see #954297, #954298 and #954299. - from 2020.03.22: * Add tor to security-support-ended.deb9, see DSA 4644-1. - from 2020.03.15: * security-support-limited/zoneminder: declare limited support behind an authenticated HTTP zone (see #922724). - from 2020.03.05: * Add xen to security-support-ended.deb8. - from 2020.02.21: * Add nodejs to security-support-ended.deb8 and .deb9. - from 2020.01.21: * Add nethack to security-support-ended.deb8. * Mark xen as end-of-life for Stretch (DSA 4602-1). debian-security-support (2020.06.11) unstable; urgency=medium . * Also add unbound to security-support-ended.deb8 - see DSA 4694-1 and https://lists.debian.org/debian-lts/2020/06/msg00024.html and follow-ups. debian-security-support (2020.06.09) unstable; urgency=medium . [ Salvatore Bonaccorso ] * Add unbound to security-support-ended.deb9 (see DSA 4694-1). debian-security-support (2020.05.22) unstable; urgency=medium . * Add pdns-recursor to security-support-ended.deb9 as explained in DSA-4691-1. debian-security-support (2020.05.08) unstable; urgency=medium . [ Chris Lamb ] * Mark OpenStack packages as being unsupported in LTS; "jessie lost support from upstream just a few weeks after the release." debian-security-support (2020.04.16) unstable; urgency=medium . * Add tor to security-support-ended.deb8 as well, see DSA 4644-1. * Add libperlspeak-perl to security-support-ended.deb(8|9|10), because of CVE-2020-10674 (#954238), also see #954297, #954298 and #954299. docker.io (18.09.1+dfsg1-7.1+deb10u2) buster-security; urgency=medium . * Add upstream patch for CVE-2020-13401 (Closes: #962141) dovecot (1:2.3.4.1-5+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Apply upstream fixes for CVE-2020-10957, CVE-2020-10958 and CVE-2020-10967 (Closes: #960963) - lib-smtp: smtp-server-cmd-vrfy - Restructure parameter parsing. - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_string_parse(). - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_xtext_parse(). - lib-smtp: syntax: Fix smtp_ehlo_line_parse() to also record the last parameter. - lib-smtp: smtp-syntax - Do not allow NULL return parameters for smtp_ehlo_line_parse(). - lib-smtp: smtp-syntax - Return 0 for smtp_string_parse() with empty input. - lib-smtp: Add tests for smtp_string_parse() and smtp_string_write(). - lib-smtp: test-smtp-server-errors - Add tests for VRFY and NOOP commands with invalid parameters. - lib-smtp: server: command: Move core of smtp_server_command_submit_reply() into a separate function. - lib-smtp: smtp-server-command - Assign cmd->reg immediately. - lib-smtp: smtp-server-command - Guarantee that non-destroy hooks aren't called for an ended command. - lib-smtp: smtp-server-command - Perform initial command execution in separate function. - lib-smtp: smtp-server-connection - Hold a command reference while executing a command. - lib-smtp: test-smtp-server-errors - Add tests for large series of empty and bad commands. - lib-smtp: smtp-address - Don't return NULL from smtp_address_clone*() unless the input is NULL. - lib-smtp: smtp-address - Don't recognize an address with empty localpart as <>. - lmtp: lmtp-commands - Explicity prohibit empty RCPT path. dpdk (18.11.8-1~deb10u1) buster; urgency=medium . * New upstream version 18.11.8; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Drop CVE patches, merged upstream * Drop 0008-Revert-common-octeontx-add-missing-public-symbol.patch, merged upstream * Refresh 0004-build-bump-minimum-Meson-version-to-0.47.1.patch for 18.11.8 * Add missing symbol from mapfile in librte-cfgfile . dpdk (18.11.6-1~deb10u2) buster-security; urgency=high . * Backport patches to fix CVE-2020-10722, CVE-2020-10723, CVE-2020-10724 which affect the vhost driver. dpdk (18.11.6-1) unstable; urgency=medium . [ Luca Boccassi ] * New upstream version 18.11.6; For a list of changes see http://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html * Drop avoid-as-needed-as-it-causes-overlinking.patch, merged upstream. * Refresh remaining patches to remove fuzz from 18.11.6. * Add patch to avoid changing stable symbol version, breaking ABI. * Update librte-eal18.11.symbols with new experimental symbol from 18.11.6 . [ Christian Ehrhardt ] * d/*.lintian-overrides: add overrides for a few known but accepted deficiencies . [ Luca Boccassi ] * Use chrpath to strip RPATH from dpdk-test binary * Add missing librte-gro symbols file dpdk (18.11.6-1~deb10u2) buster-security; urgency=high . * Backport patches to fix CVE-2020-10722, CVE-2020-10723, CVE-2020-10724 which affect the vhost driver. evolution-data-server (3.30.5-1+deb10u1) buster-security; urgency=medium . * CVE-2020-14928: Response Injection via STARTTLS in SMTP and POP3. exim4 (4.92-8+deb10u4) buster-security; urgency=high . * Fix authentication bypass in SPA authenticator due to out-of-bound buffer read. https://bugs.exim.org/show_bug.cgi?id=2571 CVE-2020-12783 exiv2 (0.25-4+deb10u1) buster; urgency=medium . * Non-maintainer upload by the Security Team. * Minor adjustment to the patch for CVE-2018-10958 and CVE-2018-10999. The initial patch was overly restrictive in counting PNG image chunks. * CVE-2018-16336: remote denial of service (heap-based buffer over-read) via a crafted image file. fdroidserver (1.1.7-1~deb10u1) buster; urgency=medium . * New upstream release targeted for Debian/buster (Closes: #954070) * Remove "Recommends" test, ci.debian.net do not support binfmt_misc: https://salsa.debian.org/ci-team/debian-ci-config/-/issues/1 fdroidserver (1.1.7-1~deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. fdroidserver (1.1.6-4) unstable; urgency=medium . * fix running Recommends: test in containers fdroidserver (1.1.6-2) unstable; urgency=medium . * fix autopkgtest: run in VM so binfmt can be properly setup (Closes: #954395) fdroidserver (1.1.6-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster fdroidserver (1.1.6-1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . fdroidserver (1.1.6-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster . fdroidserver (1.1.4-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster * remove upstreamed patches . fdroidserver (1.1.3-3) unstable; urgency=medium . * conditionally disable tests that can't work with apksigner . fdroidserver (1.1.3-2) unstable; urgency=medium . * fix Recommends test, MD5 test fails with apksigner present . fdroidserver (1.1.3-1) unstable; urgency=medium . * New upstream version 1.1.3 to fix test suite . fdroidserver (1.1.2-1) unstable; urgency=medium . * New upstream version 1.1.2 (Closes: #929905) . fdroidserver (1.1.1-1) unstable; urgency=medium . * New upstream release * Recommends: apksigner to support APK Signature v2 and v3 . fdroidserver (1.1-1) unstable; urgency=medium . * New upstream release . fdroidserver (1.0.10-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.9-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.8-3) unstable; urgency=medium . * hack to get autopkgtest to skip failing gpg test . fdroidserver (1.0.8-2) unstable; urgency=medium . * autopkgtest: explicitly purge gnupg so tests pass . fdroidserver (1.0.8-1) unstable; urgency=medium . * New upstream version * remove python3-distutils, it is no longer needed . fdroidserver (1.0.7-2) unstable; urgency=medium . * Depends: python3-distutils so its always there . fdroidserver (1.0.7-1) unstable; urgency=medium . * New upstream release * fix autopkgtest . fdroidserver (1.0.6-1) unstable; urgency=medium . * New upstream release . fdroidserver (1.0.4-3) unstable; urgency=medium . * fix autopkgtest run: working dir, and UTF-8 environment . fdroidserver (1.0.4-2) unstable; urgency=medium . * run upstream testsuite using autopkgtest . fdroidserver (1.0.4-1) unstable; urgency=medium . * New upstream version 1.0.4 * Standards-Version: 4.1.4 no changes * support all the Java 10 and 11 packages * works with only androguard, removed optional deps * add debian/upstream/metadata file * Depends: androguard only on arches where it works . fdroidserver (1.0.3-2) unstable; urgency=medium . * only depend on aapt/androguard/zipalign on arches where available . fdroidserver (1.0.3-1) unstable; urgency=medium . * New upstream version * tighten up Depends to install fewer packages . fdroidserver (1.0.2-1) unstable; urgency=medium . * New upstream version . fdroidserver (1.0.0-1) unstable; urgency=medium . * New upstream version 1.0.0 . fdroidserver (0.9.1-1) unstable; urgency=medium . * New upstream release . fdroidserver (0.8-1) unstable; urgency=medium . * New upstream release fdroidserver (1.1.4-1) unstable; urgency=medium . * New upstream release targeted for Debian/buster * remove upstreamed patches ffmpeg (7:4.1.6-1~deb10u1) buster-security; urgency=medium . * New upstream release ffmpeg (7:4.1.4-1) unstable; urgency=medium . [ James Cowgill ] * New upstream release. (LP: #1837480) - avformat/aadec: Check for scanf() failure (CVE-2019-12730) (Closes: #932469) . * d/copyright: Remove paragraph containing license files. * d/control: Bump standards version to 4.4.0. * d/ffmpeg-doc.doc-base*: - Move API docs to Programming/C section. - Index the main manual pages as well. Thanks to 積丹尼 Dan Jacobson for the suggestion. (Closes: #924528) * d/rules: - Disable crystalhd. (Closes: #917292) - Generate index.html file for the HTML manual pages. . [ Ondřej Nový ] * d/control: - Use debhelper-compat instead of debian/compat. file-roller (3.30.1-2+deb10u1) buster; urgency=medium . * CVE-2020-11736 (Closes: #956638) firefox-esr (68.10.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firefox-esr (68.10.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-25, also known as: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421. firefox-esr (68.9.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.9.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.9.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-21, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410. . * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #961762. * debian/control*: Bump nss build dependencies. firefox-esr (68.8.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.8.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.8.0esr-1~deb9u1) stretch-security; urgency=medium . * New upstream release * Fixes for mfsa2020-17, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395. firefox-esr (68.7.0esr-1) unstable; urgency=medium . * New upstream release * Fixes for mfsa2020-13, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6825. freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2) buster; urgency=medium . [ Bernhard Miklautz ] * debian/patches - security releated backports from upstream * Add 0003-Fixed-6007-Boundary-checks-in-rdp_read_flow_control.patch * Add 0004-Fixed-6009-Bounds-checks-in-autodetect_recv_bandwidt.patch * Add 0005-Fixed-6006-bounds-checks-in-update_read_synchronize.patch * Add 0006-Fixed-6005-Bounds-checks-in-update_read_bitmap_data.patch * Add 0007-Fixed-6011-Bounds-check-in-rdp_read_font_capability.patch * Add 0008-Fixed-6013-Check-new-length-is-0.patch * Add 0009-Fix-6010-Check-length-in-read_icon_info.patch * Add 0010-Use-substreams-to-parse-gcc_read_server_data_blocks.patch * Add 0011-Fixed-Stream_-macros-bracing-arguments.patch * Add 0012-Use-safe-seek-for-capability-parsing.patch * Add 0013-Fixed-CVE-2020-11525-Out-of-bounds-read-in-bitmap_ca.patch (CVE-2020-11525). * Add 0014-Fixed-6012-CVE-2020-11526-Out-of-bounds-read-in-upda.patch (CVE-2020-11526). * Add 0015-Fix-CVE-2020-11523-clamp-invalid-rectangles-to-size-.patch (CVE-2020-11523). * Add 0016-Fix-CVE-2020-11524-out-of-bounds-access-in-interleav.patch (CVE-2020-11524). * Add 0017-Fixed-CVE-2020-11522-Limit-number-of-DELTA_RECT-to-4.patch (CVE-2020-11522). * Add 0018-Fixed-CVE-2020-11521-Out-of-bounds-write-in-planar-c.patch (CVE-2020-11521). * Add 0019-Fixed-possible-NULL-access.patch * Add 0020-Check-for-int-overflow-in-gdi_InvalidateRegion.patch . [ Mike Gabriel ] * debian/patches: + Add 0002_fix-channels-smartcard-fix-statusw-call.patch. Fix smartcard login failures. (Closes: #919281). fwupd (1.2.13-2) buster; urgency=medium . * No-change upload to pick up rotated Debian signing keys fwupd (1.2.13-1) stable; urgency=medium . * Update to 1.2.13 stable release. - Fixes issues on stable release (Closes: #961490) - Fixes vendor id hard requirement (Closes: #946623) - Fixes CVE-2020-10759 (Closes: #962517) * Add patch to revert new libxmlb requirement to allow working with libxmlb available in Buster. * debian/* changes backported from testing: - Refresh symbols - Install fwupdoffline binary - Install fwupd shutdown systemd unit - Refresh dependencies for modem manager plugin - Update copyright for new new contributors - Update watch file for correct upstream URL. fwupd (1.2.10-2) unstable; urgency=medium . [ Steve McIntyre ] * Add Built-Using for the fwupd-*-signed packages. Closes: #932757 fwupd (1.2.10-1) unstable; urgency=medium . * New upstream version (1.2.10) fwupd (1.2.9-1) unstable; urgency=medium . * New upstream version (1.2.9) fwupd (1.2.6-1) unstable; urgency=medium . * New upstream version (1.2.6) * debian/control: - Add new build depends related to Modem Manager fwupd-amd64-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-amd64-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-amd64-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-amd64-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-amd64-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-amd64-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-arm64-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-arm64-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-arm64-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-arm64-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-arm64-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-arm64-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-armhf-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-armhf-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-armhf-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-armhf-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-armhf-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-armhf-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupd-i386-signed (1.2.13+2) buster; urgency=medium . * Update to fwupd version 1.2.13-2 fwupd-i386-signed (1.2.13+1) stable; urgency=medium . * Update to fwupd version 1.2.13-1 fwupd-i386-signed (1.2.10+2) unstable; urgency=medium . * Update to fwupd version 1.2.10-2 fwupd-i386-signed (1.2.10+1) unstable; urgency=medium . * Update to fwupd version 1.2.10-1 fwupd-i386-signed (1.2.9+1) unstable; urgency=medium . * Update to fwupd version 1.2.9-1 fwupd-i386-signed (1.2.6+1) unstable; urgency=medium . * Update to fwupd version 1.2.6-1 fwupdate (12-4+deb10u1) buster; urgency=medium fwupdate-amd64-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-arm64-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-armhf-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 fwupdate-i386-signed (12+4+deb10u1) buster; urgency=medium . * Update to fwupdate version 12-4+deb10u1 gist (5.0.0-2+deb10u1) buster; urgency=medium . * Avoid deprecated authorization API (Closes: #964544) glib-networking (2.58.0-2+deb10u2) buster; urgency=medium . * Break balsa older than 2.5.6-2+deb10u1 as the fix for CVE-2020-13645 breaks balsa's certificate verification (see #961792). glib-networking (2.58.0-2+deb10u1) buster; urgency=medium . * Team upload * d/p/Return-bad-identity-error-if-identity-is-unset.patch: Backport fix for CVE-2020-13645 from upstream (Closes: #961756) gnutls28 (3.6.7-4+deb10u5) buster; urgency=medium . * 42_rel3.6.11_10-session-tickets-parse-extension-during-session-resum.patch from GNUTLS 3.6.11: Fix TL1.2 resumption errors. Closes: #956649 * 47_rel3.6.13_10-session_pack-fix-leak-in-error-path.patch from GNUTLS 3.6.14: One line fix for memory leak. Closes: #958704 * Rename 44_rel3.6.14_01-stek-differentiate-initial-state-from-valid-time-win.patch (security upload) to 44_rel3.6.14_90_... to be able to pull earlier fixes from 3.6.14 and have correct patch filename order. * 44_rel3.6.14_10-Update-session_ticket.c-to-add-support-for-zero-leng.patch from GnuTLS 3.6.14: Handle zero length session tickets, fixing connection errors on TLS1.2 sessions to some big hosting providers. (See LP 1876286) * 44_rel3.6.14_15-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch 44_rel3.6.14_16-x509-trigger-fallback-verification-path-when-cert-is.patch 44_rel3.6.14_17-tests-add-test-case-for-certificate-chain-supersedin.patch backported from GnuTLS 3.6.14: Fix verification error with alternate chains. Closes: #961889 gnutls28 (3.6.7-4+deb10u4) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * GNUTLS-SA-2020-06-03: Flaw in TLS session ticket key construction (CVE-2020-13777) (Closes: #962289) graphicsmagick (1.4+really1.3.35-1~deb10u1) buster-security; urgency=high . * Security backport for Buster. * Relax Standards-Version to 4.3.0 . . graphicsmagick (1.4+really1.3.35-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - ReadSVGImage(): Fix dereference of NULL pointer when stopping image timer, - DrawImage(): Fix integer-overflow in DrawPolygonPrimitive() . * Update library symbols for this release. . [ Nicolas Boulenguez ] * mime: improve formatting. * mime: adjust priority for all images (closes: #951758). . graphicsmagick (1.4+really1.3.34+hg16230-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issues: - WritePICTImage(): Eliminating small buffer overrun when run-length encoding pixels, - WriteOneJNGImage(): Detect when JPEG encoder has failed, and throw exception, - DecodeImage(): Fix heap buffer over-reads, - DecodeImage(): Allocate extra scanline memory to allow small RLE overrun. * Update library symbols for this release. * Update Standards-Version to 4.5.0 . . graphicsmagick (1.4+really1.3.34+hg16181-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issue: - WritePCXImage(): Fix heap overflow in PCX writer when bytes per line value overflows its 16-bit storage unit. * Fix definition of ResourceInfinity. . [ Nicolas Boulenguez ] * Lower MIME priority for PS/PDF (closes: #935099). . graphicsmagick (1.4+really1.3.34-2) unstable; urgency=medium . * Still use glibc malloc allocator. . graphicsmagick (1.4+really1.3.34-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - PNMInteger(): Place a generous arbitrary limit on the amount of PNM comment text to avoid DoS opportunity, - MagickClearException(): Destroy any existing exception info before re-initializing the exception info or else there will be a memory leak, - HuffmanDecodeImage(): Fix signed overflow on range check which leads to heap overflow, - ReadMNGImage(): Only magnify the image if the requested magnification methods are supported, - GenerateEXIFAttribute(): Add validations to prevent heap buffer overflow, - DrawPatternPath(): Don't leak memory if fill_pattern or stroke_pattern of cloned draw_info are not null, - CVE-2019-19953: PICT: Throw a writer exception if the PICT width limit is exceeded (closes: #947311). * Build with Google Thread-Caching Malloc library. * Update Standards-Version to 4.4.1 . . graphicsmagick (1.4+really1.3.33+hg16117-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issue: - CVE-2019-16709: ReadDPSImage(): Fix memory leak when OpenBlob() reports failure. . graphicsmagick (1.4+really1.3.33+hg16115-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ReadMNGImage(): skip coalescing layers if there is only one layer, - DrawStrokePolygon(): handle case where TraceStrokePolygon() returns NULL, - DrawDashPolygon(): handle case where DrawStrokePolygon() returns MagickFail, - TraceBezier(): detect arithmetic overflow and return errors via normal error path rather than exiting, - ExtractTokensBetweenPushPop(): fix non-terminal parsing loop, - GenerateEXIFAttribute(): check that we are not being directed to read an IFD that we are already parsing and quit in order to avoid a loop, - ReallocColormap(): avoid dereferencing a NULL pointer if image->colormap is NULL, - png_read_raw_profile(): fix validation of raw profile length, - TraceArcPath(): substitute a lineto command when tracing arc is impossible, - GenerateEXIFAttribute(): skip unsupported/invalid format 0. . graphicsmagick (1.4+really1.3.33-1) unstable; urgency=medium . * New upstream release, including many security fixes. . graphicsmagick (1.4+really1.3.32-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - DrawImage(): Terminate drawing if DrawCompositeMask() reports failure, - DrawImage(): Detect an error in TracePath() and quit rather than forging on. * Backport security fixes: - ReadTIFFImage(): Fix typo in initialization of 'tile' pointer variable, - WriteDIBImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Assure that chromaticity uses double-precision for multiply before casting to unsigned integer. . graphicsmagick (1.4~hg16039-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ImportRLEPixels(): Fix heap overflow caused by a typo in the code. Also fix undefined behavior caused by large left shifts of an unsigned char, - ThrowException(), ThrowLoggedException(): Handle the case where some passed character strings refer to existing exception character strings, - PICT: Allocate output buffer used by ExpandBuffer() on DecodeImage() stack, - WritePDFImage(): Allocate working buffer on stack and pass as argument to EscapeParenthesis() to eliminate a thread safety problem, - TranslateTextEx(): Remove support for reading from a file using '@filename' syntax, - DrawImage(): Only support '@filename' syntax to read drawing primitive from a file if we are not already drawing. * Update library symbols for this release. graphicsmagick (1.4+really1.3.34+hg16230-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issues: - WritePICTImage(): Eliminating small buffer overrun when run-length encoding pixels, - WriteOneJNGImage(): Detect when JPEG encoder has failed, and throw exception, - DecodeImage(): Fix heap buffer over-reads, - DecodeImage(): Allocate extra scanline memory to allow small RLE overrun. * Update library symbols for this release. * Update Standards-Version to 4.5.0 . graphicsmagick (1.4+really1.3.34+hg16181-1) unstable; urgency=medium . * Mercurial snapshot, fixing the following security issue: - WritePCXImage(): Fix heap overflow in PCX writer when bytes per line value overflows its 16-bit storage unit. * Fix definition of ResourceInfinity. . [ Nicolas Boulenguez ] * Lower MIME priority for PS/PDF (closes: #935099). graphicsmagick (1.4+really1.3.34-2) unstable; urgency=medium . * Still use glibc malloc allocator. graphicsmagick (1.4+really1.3.34-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - PNMInteger(): Place a generous arbitrary limit on the amount of PNM comment text to avoid DoS opportunity, - MagickClearException(): Destroy any existing exception info before re-initializing the exception info or else there will be a memory leak, - HuffmanDecodeImage(): Fix signed overflow on range check which leads to heap overflow, - ReadMNGImage(): Only magnify the image if the requested magnification methods are supported, - GenerateEXIFAttribute(): Add validations to prevent heap buffer overflow, - DrawPatternPath(): Don't leak memory if fill_pattern or stroke_pattern of cloned draw_info are not null, - CVE-2019-19953: PICT: Throw a writer exception if the PICT width limit is exceeded (closes: #947311). * Build with Google Thread-Caching Malloc library. * Update Standards-Version to 4.4.1 . graphicsmagick (1.4+really1.3.33+hg16117-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issue: - CVE-2019-16709: ReadDPSImage(): Fix memory leak when OpenBlob() reports failure. graphicsmagick (1.4+really1.3.33+hg16115-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ReadMNGImage(): skip coalescing layers if there is only one layer, - DrawStrokePolygon(): handle case where TraceStrokePolygon() returns NULL, - DrawDashPolygon(): handle case where DrawStrokePolygon() returns MagickFail, - TraceBezier(): detect arithmetic overflow and return errors via normal error path rather than exiting, - ExtractTokensBetweenPushPop(): fix non-terminal parsing loop, - GenerateEXIFAttribute(): check that we are not being directed to read an IFD that we are already parsing and quit in order to avoid a loop, - ReallocColormap(): avoid dereferencing a NULL pointer if image->colormap is NULL, - png_read_raw_profile(): fix validation of raw profile length, - TraceArcPath(): substitute a lineto command when tracing arc is impossible, - GenerateEXIFAttribute(): skip unsupported/invalid format 0. graphicsmagick (1.4+really1.3.33-1) unstable; urgency=medium . * New upstream release, including many security fixes. graphicsmagick (1.4+really1.3.32-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - DrawImage(): Terminate drawing if DrawCompositeMask() reports failure, - DrawImage(): Detect an error in TracePath() and quit rather than forging on. * Backport security fixes: - ReadTIFFImage(): Fix typo in initialization of 'tile' pointer variable, - WriteDIBImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Detect arithmetic overflow of image_size, - WriteBMPImage(): Assure that chromaticity uses double-precision for multiply before casting to unsigned integer. graphicsmagick (1.4~hg16039-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - ImportRLEPixels(): Fix heap overflow caused by a typo in the code. Also fix undefined behavior caused by large left shifts of an unsigned char, - ThrowException(), ThrowLoggedException(): Handle the case where some passed character strings refer to existing exception character strings, - PICT: Allocate output buffer used by ExpandBuffer() on DecodeImage() stack, - WritePDFImage(): Allocate working buffer on stack and pass as argument to EscapeParenthesis() to eliminate a thread safety problem, - TranslateTextEx(): Remove support for reading from a file using '@filename' syntax, - DrawImage(): Only support '@filename' syntax to read drawing primitive from a file if we are not already drawing. * Update library symbols for this release. grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-amd64-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-arm64-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u2) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u2 grub-efi-ia32-signed (1+2.02+dfsg1+20+deb10u1) buster-security; urgency=high . * Update to grub2 2.02+dfsg1-20+deb10u1 grub2 (2.02+dfsg1-20+deb10u2) buster-security; urgency=high . * Fix a regression caused by "efi: fix some malformed device path arithmetic errors" (thanks, Chris Coulson and Steve McIntyre; closes: #966554). grub2 (2.02+dfsg1-20+deb10u1) buster-security; urgency=high . * Backport security patch series from upstream: - CVE-2020-10713: yylex: Make lexer fatal errors actually be fatal - safemath: Add some arithmetic primitives that check for overflow - calloc: Make sure we always have an overflow-checking calloc() available - CVE-2020-14308: calloc: Use calloc() at most places - CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: malloc: Use overflow checking primitives where we do complex allocations - iso9660: Don't leak memory on realloc() failures - font: Do not load more than one NAME section - gfxmenu: Fix double free in load_image() - xnu: Fix double free in grub_xnu_devprop_add_property() - lzma: Make sure we don't dereference past array - term: Fix overflow on user inputs - udf: Fix memory leak - tftp: Do not use priority queue - relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow - relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow - script: Remove unused fields from grub_script_function struct - CVE-2020-15706: script: Avoid a use-after-free when redefining a function during execution - relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation - hfsplus: fix two more overflows - lvm: fix two more potential data-dependent alloc overflows - emu: make grub_free(NULL) safe - efi: fix some malformed device path arithmetic errors - update safemath with fallback code for gcc older than 5.1 - efi: Fix use-after-free in halt/reboot path - linux loader: avoid overflow on initrd size calculation - CVE-2020-15707: linux: Fix integer overflows in initrd size handling * Apply overflow checking to allocations in Debian patches: - CVE-2020-15707: efilinux: Fix integer overflows in grub_cmd_initrd - bootp: Fix integer overflow in parse_dhcp6_option - unix/config: Fix integer overflow in grub_util_load_config - deviceiter: Fix integer overflow in grub_util_iterate_devices imagemagick (8:6.9.10.23+dfsg-2.1+deb10u1) buster-security; urgency=medium . * CVE-2019-10649 * CVE-2019-11470 (Closes: #927830) * CVE-2019-11472 (Closes: #927828) * CVE-2019-11597 (Closes: #928207) * CVE-2019-11598 (Closes: #928206) * CVE-2019-12974 (Closes: #931196) * CVE-2019-12975 (Closes: #931193) * CVE-2019-12976 (Closes: #931192) * CVE-2019-12977 (Closes: #931191) * CVE-2019-12978 (Closes: #931190) * CVE-2019-12979 (Closes: #931189) * CVE-2019-13135 (Closes: #932079) * CVE-2019-13137 (Closes: #931342) * CVE-2019-13295 (Closes: #931457) * CVE-2019-13297 (Closes: #931455) * CVE-2019-13300 (Closes: #931454) * CVE-2019-13301 * CVE-2019-13304 (Closes: #931453) * CVE-2019-13305 (Closes: #931452) * CVE-2019-13307 (Closes: #931448) * CVE-2019-13308 (Closes: #931447) * CVE-2019-13309 * CVE-2019-13311 * CVE-2019-13454 (Closes: #931740) * CVE-2019-14981 (Closes: #955025) * CVE-2019-15139 (Closes: #941670) * CVE-2019-15140 (Closes: #941671) * CVE-2019-16708 * CVE-2019-16710 * CVE-2019-16711 * CVE-2019-16713 * CVE-2019-7175 * CVE-2019-7395 * CVE-2019-7396 * CVE-2019-7397 * CVE-2019-7398 * CVE-2019-19948 (Closes: #947308) * CVE-2019-19949 (Closes: #947309) Thanks for Marc Deslauriers for patches from the 19.10 USN update (same base version) intel-microcode (3.20200616.1~deb10u1) buster; urgency=high . * Rebuild for Debian stable (buster), no changes . intel-microcode (3.20200616.1) unstable; urgency=high . * New upstream microcode datafile 20200616 + Downgraded microcodes (to a previously shipped revision): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * This update *removes* the SRBDS mitigations from the above processors * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2 intel-microcode (3.20200616.1~deb9u1) stretch; urgency=high . * Rebuild for Debian oldstable (stretch), no changes . intel-microcode (3.20200616.1) unstable; urgency=high . * New upstream microcode datafile 20200616 + Downgraded microcodes (to a previously shipped revision): sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376 * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * This update *removes* the SRBDS mitigations from the above processors * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2 intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. intel-microcode (3.20200609.2~deb10u1) buster-security; urgency=high . * Rebuild for buster-security, no changes Refer to changelog entries for 3.20200609.2 and 3.20200609.1 for details . intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.2~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security, no changes Refer to changelog entries for 3.20200609.2 and 3.20200609.1 for details . intel-microcode (3.20200609.2) unstable; urgency=medium . * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression * Microcode rollbacks (closes: LP#1883002) sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376 * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS * Avoid hangs on boot on (some?) Skylake-U/Y processors, https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31 * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading, just in case. Note that Debian does not do late loading by itself. Refer to LP#1883002 for the report, 0x806ec hangs upon late load. . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) intel-microcode (3.20200609.1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security, no changes . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200609.1~deb9u1) stretch-security; urgency=high . * Rebuild for stretch-security, no changes . intel-microcode (3.20200609.1) unstable; urgency=high . * SECURITY UPDATE * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending on the processor model * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and L1DCES mitigations, plus mitigations described in the changelog entry for package release 3.20191112.1. * Expect some performance impact, the mitigations are enabled by default. A Linux kernel update will be issued that allows one to selectively disable the mitigations. * New upstream microcode datafile 20200609 * Implements mitigation for CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS), INTEL-SA-00320, CROSSTalk * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling (VRDS), INTEL-SA-00329 * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling (L1DCES), INTEL-SA-00329 * Known to fix the regression introduced in release 2019-11-12 (sig 0x50564, rev. 0x2000065), which would cause several systems with Skylake Xeon, Skylake HEDT processors to hang while rebooting * Updated Microcodes: sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456 sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528 sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600 sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336 sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448 sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768 sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816 sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224 sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448 sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424 sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424 sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400 sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424 * Restores the microcode-level fixes that were reverted by release 3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT) . intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 . intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20200520.1) unstable; urgency=medium . * New upstream microcode datafile 20200520 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432 sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456 intel-microcode (3.20200508.1) unstable; urgency=medium . * New upstream microcode datafile 20200508 + Updated Microcodes: sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520 * Likely fixes several critical errata on IceLake-U/Y causing system hangs intel-microcode (3.20191115.2) unstable; urgency=medium . * Microcode rollbacks (closes: #946515, LP#1854764): sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 * Avoids hangs on warm reboots (cold boots work fine) on HEDT and Xeon processors with signature 0x50654. https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 jackson-databind (2.9.8-3+deb10u2) buster; urgency=medium . * Add multiple-CVE-BeanDeserializerFactory.patch and block more classes from polymorphic deserialization. This fixes 20 CVE that currently affect the package namely, CVE-2020-9548, CVE-2020-9547, CVE-2020-9546, CVE-2020-8840, CVE-2020-14195, CVE-2020-14062, CVE-2020-14061, CVE-2020-14060, CVE-2020-11620, CVE-2020-11619, CVE-2020-11113, CVE-2020-11112, CVE-2020-11111, CVE-2020-10969, CVE-2020-10968, CVE-2020-10673, CVE-2020-10672, CVE-2019-20330, CVE-2019-17531 and CVE-2019-17267. jameica (2.8.4+dfsg-1+deb10u1) buster; urgency=medium . * Add mckoisqldb to classpath. This is needed for SynTAX and was accidentally removed in debian/patches/0001-*.patch. jigdo (0.7.3-5+deb10u1) buster; urgency=medium . * Backport more upstream changes to make jigdo-lite and jigdo-mirror support https. Closes: #962776 keystone (2:14.2.0-0+deb10u1) buster-security; urgency=medium . * New upstream point release. * Removed patch applied upstream: - PY3_switch_to_using_unicode_text_values.patch * Removed debian/keystone.cron.hourly: UUID tokens are removed in favor of Fernet tokens, therefore, this cron job is useless. * Add upstream patches to fix grave security bug: EC2 and credential endpoints are not protected from a scoped context (Closes: #959900). - 0001-Add-cadf-auditing-to-credentials.patch - CVE_Check_timestamp_of_signed_EC2_token_request.patch - Ensure_OAuth1_authorized_roles_are_respected.patch - CVE_Fix_security_issues_with_EC2_credentials.patch ksh (93u+20120801-3.4+deb10u1) buster; urgency=high . * Fix for CVE-2019-14868: in ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. (Closes: #948989) lemonldap-ng (2.0.2+ds-7+deb10u4) buster; urgency=medium . * Fix nginx configuration regression introduced by CVE-2019-19791 fix (Closes: #960392) libapache-mod-jk (1:1.2.46-1+deb10u1) buster; urgency=medium . * Rename httpd-jk.conf to jk.conf to restore compatibility with Debian's Apache helpers a2enmod and a2dismod. (Closes: #928813) libclamunrar (0.102.3-0+deb10u1) buster; urgency=medium . * Import 0.102.3 - Updated libclamunrar to UnRAR 5.9.2. * Provide a libclamunrar meta package which depends on the latest binary package. Suggested by Matus UHLAR - fantomas (Closes: #939824). libclamunrar (0.102.3-0+deb9u1) stretch; urgency=medium . * Import 0.102.3 - Updated libclamunrar to UnRAR 5.9.2. * Provide a libclamunrar meta package which depends on the latest binary package. Suggested by Matus UHLAR - fantomas (Closes: #939824). libembperl-perl (2.5.0-12+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Update debian/patches/apache2.4-compat.patch to work with Apache 2.4.40+ error pages. (Closes: #941926) libexif (0.6.21-5.1+deb10u4) buster; urgency=medium . * Add upstream patches to fix two security issues: - Fix a buffer read overflow in exif_entry_get_value() (CVE-2020-0182). - Fix an unsigned integer overflow in libexif/exif-data.c (CVE-2020-0198) (Closes: #962345). libexif (0.6.21-5.1+deb10u3) buster; urgency=medium . * Add upstream patches to fix multiple security issues: - cve-2020-13112.patch: Fix MakerNote tag size overflow issues at read time (CVE-2020-13112) (Closes: #961407). - cve-2020-13113.patch: Ensure MakerNote data pointers are NULL-initialized (CVE-2020-13113) (Closes: #961409). - cve-2020-13114.patch: Add a failsafe on the maximum number of Canon MakerNote subtags to catch extremely large values in tags (CVE-2020-13114) (Closes: #961410). libexif (0.6.21-5.1+deb10u2) buster; urgency=medium . [ Mike Gabriel ] * Sponsored upload. * debian/patches: Trivial rebase of various patches. . [ Hugh McMaster ] * Team upload. * Add upstream patches to fix two security issues: - cve-2020-12767.patch: Prevent some possible division-by-zero errors in exif_entry_get_value() (CVE-2020-12767) (Closes: #960199). - cve-2020-0093.patch: Prevent read buffer overflow (CVE-2020-0093). libinput (1.12.6-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * quirks: add trackpoint integration attribute (Closes: #952700) libntlm (1.5-1+deb10u1) buster; urgency=medium . * Non-maintainer upload * Fix buffer overflow. CVE-2019-17455: Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. Closes: #942145 * Add regression test for CVE-2019-17455 libopenmpt (0.4.3-1+deb10u1) buster-security; urgency=medium . * CVE-2019-14380 / CVE-2019-17113 libpam-radius-auth (1.4.0-3~deb10u1) buster; urgency=medium . * Rebuild for buster. * Revert packaging changes: - Lower Standards-Version to 4.2.0 - Lower Debhelper compat level to 11 . libpam-radius-auth (1.4.0-3) unstable; urgency=medium . * QA upload * Add patch to fix buffer overflow in password field. (Fixes: CVE-2015-9542) (Closes: #951396) * Bump Standards-Version to 4.5.0 and dh-compat to 12 libreswan (3.27-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * DoS attack via malicious IKEv1 informational exchange message (CVE-2020-1763) (Closes: #960458) libunwind (1.2.1-10~deb10u1) buster; urgency=medium . * Rebuild on buster. . libunwind (1.2.1-10) unstable; urgency=high . * Manually enable C++ exception support only on i386 and amd64, it is known broken on several other architectures. Thanks to Bernhard Übelacker. (Closes: #923962) * Backport upstream fix for segfaults on mips, thanks to Guillaume Tucker. (Closes: #932725) libyang (0.16.105-1+deb10u1) buster; urgency=medium . * Fix CVE-2019-19333 & CVE-2019-19334 (Closes: #946217) * Fix cache corruption crash (upstream bug 752) linux (4.19.132-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux (4.19.131-2) buster; urgency=medium . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux (4.19.131-1) buster; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues  - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux (4.19.118-2+deb10u1) buster-security; urgency=high . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux (4.19.118-2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports; no further changes required . linux (4.19.118-2+deb10u1) buster-security; urgency=high . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-latest (105+deb10u5) buster; urgency=medium . * Update to 4.19.0-10 linux-signed-amd64 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-amd64 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-amd64 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues  - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux-signed-amd64 (4.19.118+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.118-2+deb10u1 . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-signed-amd64 (4.19.118+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.118-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-arm64 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-arm64 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-arm64 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues  - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the port.lock spinlock - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges - scsi: qla2xxx: Fix warning after FC target reset - scsi: mpt3sas: Fix double free warnings - [arm64,armhf] pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map - [armhf] clk: ti: composite: fix memory leak - PCI: Fix pci_register_host_bridge() device_register() error handling - [powerpc*] Don't initialise init_task->thread.regs - tty: n_gsm: Fix SOF skipping - tty: n_gsm: Fix waking up upper tty layer when room available - HID: Add quirks for Trust Panora Graphic Tablet - ipmi: use vzalloc instead of kmalloc for user creation - [powerpc*] pseries/ras: Fix FWNMI_VALID off by one - vfio-pci: Mask cap zero - usb/ohci-platform: Fix a warning when hibernating - [arm64] drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet - [armhf] USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() - tty: n_gsm: Fix bogus i++ in gsm_data_kick - scsi: target: tcmu: Userspace must not complete queued commands - [powerpc*] 64s/pgtable: fix an undefined behaviour - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port - [arm64,armhf] PCI: dwc: Fix inner MSI IRQ domain registration - IB/cma: Fix ports memory leak in cma_configfs - [arm*] usb: dwc2: gadget: move gadget resume after the core is in L0 state - usb: gadget: Fix issue with config_ep_by_speed function - RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove - [x86] apic: Make TSC deadline timer detection message visible - scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() - [arm*] clk: bcm2835: Fix return type of bcm2835_register_gate - [ppc64el] KVM: Book3S HV: Ignore kmemleak false positives - net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION - of: Fix a refcounting bug in __of_attach_node_sysfs() - rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID - gfs2: Allow lock_nolock mount to specify jid=X - scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj - scsi: ufs: Don't update urgent bkops level when toggling auto bkops - [armhf] pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' - geneve: change from tx_error to tx_dropped on missing metadata - lib/zlib: remove outdated and incorrect pre-increment optimization - blktrace: use errno instead of bi_status - blktrace: fix endianness in get_pdu_int() - blktrace: fix endianness for blk_log_remap() - gfs2: fix use-after-free on transaction ail lists - drivers/perf: hisi: Fix wrong value for all counters enable - afs: Fix memory leak in afs_put_sysnames() - ASoC: core: only convert non DPCM link to DPCM link - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet - ASoC: rt5645: Add platform-data for Asus T101HA - [arm64,armhf] drm/sun4i: hdmi ddc clk: Fix size of m divider - [x86] idt: Keep spurious entries unset in system_vectors - net/filter: Permit reading NET in load_bytes_relative when MAC not set - xdp: Fix xsk_generic_xmit errno - [arm64,armhf] usb/xhci-plat: Set PM runtime as active on resume - usb: host: ehci-platform: add a quirk to avoid stuck - usb/ehci-platform: Set PM runtime as active on resume - perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() - ext4: stop overwrite the errcode in ext4_setup_super - bcache: fix potential deadlock problem in btree_gc_coalesce (CVE-2020-12771) - afs: Fix non-setting of mtime when writing into mmap - afs: afs_write_end() should change i_size under the right lock - block: Fix use-after-free in blkdev_get() - [arm64] hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints - libata: Use per port sync for detach - drm: encoder_slave: fix refcouting error for modules - drm/dp_mst: Reformat drm_dp_check_act_status() a bit - drm/qxl: Use correct notify port address when creating cursor ring - selinux: fix double free - ext4: fix partial cluster initialization when splitting extent - ext4: avoid race conditions when remounting with options that change dax - drm/dp_mst: Increase ACT retry timeout to 3s - block: nr_sects_write(): Disable preemption on seqcount write - mtd: rawnand: Pass a nand_chip object to nand_scan() - mtd: rawnand: Pass a nand_chip object to nand_release() - mtd: rawnand: diskonchip: Fix the probe error path - [armel,armhf] mtd: rawnand: orion: Fix the probe error path - [s390x] fix syscall_get_error for compat processes - [x86] drm/i915: Whitelist context-local timestamp in the gen9 cmdparser - [x86] drm/i915/icl+: Fix hotplug interrupt disabling after storm detection - crypto: algif_skcipher - Cap recv SG list at ctx->used - crypto: algboss - don't wait during notifier callback - kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex - e1000e: Do not wake up the system via WOL if device wakeup is disabled - [mips*] net: octeon: mgmt: Repair filling of RX ring - kretprobe: Prevent triggering kretprobe from within kprobe_flush_task - sched/rt, net: Use CONFIG_PREEMPTION.patch - net: core: device_rename: Use rwsem instead of a seqcount - md: add feature flag MD_FEATURE_RAID0_LAYOUT - [x86] kvm: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c - [x86] kvm: Fix reserved bits related calculation errors caused by MKTME - [x86] KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.131 - net: be more gentle about silly gso requests coming from user - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed - fanotify: fix ignore mask logic for events on child and on dir - [armhf] mtd: rawnand: marvell: Fix the condition on a return code - net: sched: export __netdev_watchdog_up() - [x86] EDAC/amd64: Add Family 17h Model 30h PCI IDs - [arm64,armhf] i2c: tegra: Cleanup kerneldoc comments - [arm64,armhf] i2c: tegra: Add missing kerneldoc for some fields - [arm64,armhf] i2c: tegra: Fix Maximum transfer size - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 - ALSA: hda/realtek: Enable mute LED on an HP system - ALSA: hda/realtek - Enable micmute LED on and HP system - apparmor: don't try to replace stale label in ptraceme check (Closes: #963493) - [ppc64el] ibmveth: Fix max MTU limit - mld: fix memory leak in ipv6_mc_destroy_dev() - net: bridge: enfore alignment for ethernet address - net: fix memleak in register_netdevice() - net: place xmit recursion in softnet data - net: use correct this_cpu primitive in dev_recursion_level - net: increment xmit_recursion level in dev_direct_xmit() - net: usb: ax88179_178a: fix packet alignment padding - rxrpc: Fix notification call on completion of discarded calls - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket - tcp: don't ignore ECN CWR on pure ACK - tcp: grow window for OOO packets only for SACK flows - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() - net: phy: Check harder for errors in get_phy_id() - ip_tunnel: fix use-after-free in ip_tunnel_lookup() - sch_cake: don't try to reallocate or unshare skb unconditionally - sch_cake: fix a few style nits - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT - sch_cake: don't call diffserv parsing code when it is not needed - net: Fix the arp error in some cases - net: Do not clear the sock TX queue in sk_set_socket() - net: core: reduce recursion limit value - [arm*] usb: dwc2: Postponed gadget registration to the udc class driver - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 - USB: ehci: reopen solution for Synopsys HC bug - xhci: Poll for U0 after disabling USB2 LPM - [armhf] usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() - ALSA: usb-audio: add quirk for Denon DCD-1500RE - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) - ALSA: usb-audio: Fix OOB access of mixer element list - [s390x] scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action - xhci: Fix incorrect EP_STATE_MASK - xhci: Fix enumeration issue when setting max packet size for FS devices. - xhci: Return if xHCI doesn't support LPM - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip - loop: replace kill_bdev with invalidate_bdev - IB/mad: Fix use after free when destroying MAD agent - cifs/smb3: Fix data inconsistent when punch hole - cifs/smb3: Fix data inconsistent when zero file range - xfrm: Fix double ESP trailer insertion in IPsec crypto offload. - efi/esrt: Fix reference count leak in esre_create_sysfs_entry. - [armhf] regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 - [armhf] ASoC: fsl_ssi: Fix bclk calculation for mono channel - [armhf] dts: Fix duovero smsc interrupt for suspend - regmap: Fix memory leak from regmap_register_patch - rxrpc: Fix handling of rwind from an ACK packet - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 - RDMA/cma: Protect bind_list and listen_list while finding matching cm id - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() - net: qed: fix left elements count calculation - net: qed: fix NVMe login fails over VFs - net: qed: fix excessive QM ILT lines consumption - cxgb4: move handling L2T ARP failures to caller - [armhf] imx5: add missing put_device() call in imx_suspend_alloc_ocram() - netfilter: ipset: fix unaligned atomic access - i2c: core: check returned size of emulated smbus block read - sched/deadline: Initialize ->dl_boosted - sched/core: Fix PI boosting between RT and DEADLINE tasks - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function - net: alx: fix race condition in alx_remove - [s390x] ptrace: fix setting syscall number - [s390x] vdso: fix vDSO clock_getres() - kbuild: improve cc-option to clean up all temporary files - blktrace: break out of blktrace setup on concurrent calls - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table - ALSA: hda/realtek - Add quirk for MSI GE63 laptop - [x86,arm64] ACPI: sysfs: Fix pm_profile_attr type - [x86] KVM: Fix MSR range of APIC registers in X2APIC mode - [x86] KVM: nVMX: Plumb L2 GPA through to PML emulation - [amd64] x86/asm/64: Align start of __clear_user() loop to 16-bytes - btrfs: fix data block group relocation failure due to concurrent scrub - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof - mm/slab: use memzero_explicit() in kzfree() - ocfs2: avoid inode removal while nfsd is accessing it - ocfs2: load global_inode_alloc - ocfs2: fix value of OCFS2_INVALID_SLOT - ocfs2: fix panic on nfs server over ocfs2 - [arm64] perf: Report the PC value in REGS_ABI_32 mode - tracing: Fix event trigger to accept redundant spaces - ring-buffer: Zero out time extend if it is nested and not absolute - drm/radeon: fix fb_div check in ni_init_smc_spll_table() - [x86,arm64] Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() - sunrpc: fixed rollback in rpc_gssd_dummy_populate() - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() - pNFS/flexfiles: Fix list corruption if the mirror count changes - NFSv4 fix CLOSE not waiting for direct IO compeletion - dm writecache: correct uncommitted_block when discarding uncommitted entry - dm writecache: add cond_resched to loop in persistent_memory_claim() - xfs: add agf freeblocks verify in xfs_agf_verify (CVE-2020-12655) - Revert "tty: hvc: Fix data abort due to race in hvc_open" . [ Salvatore Bonaccorso ] * [rt] Add new signing key for Tom Zanussi * nfsd: apply umask on fs without ACL support (Closes: #962254) * [rt] Update to 4.19.120-rt52: - tasklet: Address a race resulting in double-enqueue - hrtimer: fix logic for when grabbing softirq_expiry_lock can be elided * [rt] Update to 4.19.124-rt53 * [rt] Update to 4.19.127-rt55: - fs/dcache: Include swait.h header - mm: slub: Always flush the delayed empty slubs in flush_all() - tasklet: Fix UP case for tasklet CHAINED state * usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393) . [ Ben Hutchings ] * [rt] Update "net: move xmit_recursion to per-task variable on -RT" to apply on top of "net: place xmit recursion in softnet data" * [rt] Drop "net: Add a mutex around devnet_rename_seq", redundant with "net: Introduce net_rwsem to protect net_namespace_list" * [rt] Drop idle task related parts of "sched: Move mmdrop to RCU on RT", redundant with "sched/core: Fix illegal RCU from offline CPUs" * Bump ABI to 10 . [ YunQiang Su ] * [mips*]: Do not enable MIPS_O32_FP64_SUPPORT, since golang hasn't been migrated to FPXX yet and this breaks the golang packages on Octeon hardware. In turns this disables MSA on 32-bit kernels. . [ Luca Boccassi ] * [cloud] Enable INFINIBAND configs for HyperV/Azure (Closes: #958300) linux-signed-arm64 (4.19.118+2+deb10u1) buster-security; urgency=high . * Sign kernel from linux 4.19.118-2+deb10u1 . [ Salvatore Bonaccorso ] * selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751) * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114) * USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464) * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768) * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770) * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143) * netlabel: cope with NULL catmap (CVE-2020-10711) * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732) * kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462) * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757) * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01 * KVM: Introduce a new guest mapping API * [arm64] kvm: fix compilation on aarch64 * [s390x] kvm: fix compilation on s390 * [s390x] kvm: fix compile on s390 part 2 * KVM: Properly check if "page" is valid in kvm_vcpu_unmap * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016) * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016) * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016) * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016) * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap (Closes: #960271) . [ Ben Hutchings ] * propagate_one(): mnt_set_mountpoint() needs mount_lock * [x86] Add support for mitigation of Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543): - x86/cpu: Add 'table' argument to cpu_matches() - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation - x86/speculation: Add SRBDS vulnerability and mitigation documentation - x86/speculation: Add Ivy Bridge to affected list * [x86] speculation: Do not match steppings, to avoid an ABI change linux-signed-arm64 (4.19.118+2+deb10u1~bpo9+1) stretch-backports; urgency=medium . * Sign kernel from linux 4.19.118-2+deb10u1~bpo9+1 . * Rebuild for stretch-backports; no further changes required linux-signed-i386 (4.19.132+1) buster; urgency=medium . * Sign kernel from linux 4.19.132-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.132 - btrfs: fix a block group ref counter leak after failure to remove block group - mm: fix swap cache node allocation mask - [x86] EDAC/amd64: Read back the scrub rate PCI register on F15h - usbnet: smsc95xx: Fix use-after-free after removal - mm/slub.c: fix corrupted freechain in deactivate_slab() - mm/slub: fix stack overruns with SLUB_STATS - [s390x] debug: avoid kernel warning on too large number of pages - nvme-multipath: set bdi capabilities once - nvme-multipath: fix deadlock between ana_work and scan_work - crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() - [arm64] drm/msm/dpu: fix error return code in dpu_encoder_init - cxgb4: use unaligned conversion for fetching timestamp - cxgb4: parse TC-U32 key values and masks natively - cxgb4: use correct type for all-mask IP address comparison - cxgb4: fix SGE queue dump destination buffer context - [x86] hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() - [arm64,armhf] drm: sun4i: hdmi: Remove extra HPD polling - virtio-blk: free vblk-vqs in error path of virtblk_probe() - SMB3: Honor 'posix' flag for multiuser mounts - nvme: fix a crash in nvme_mpath_add_disk - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 - Revert "ALSA: usb-audio: Improve frames size computation" - SMB3: Honor 'seal' flag for multiuser mounts - SMB3: Honor persistent/resilient handle flags for multiuser mounts - SMB3: Honor lease disabling for multiuser mounts - cifs: Fix the target file was deleted when rename failed. - [mips*] Add missing EHB in mtc0 -> mfc0 sequence for DSPen - [arm64,armhf] irqchip/gic: Atomically update affinity - dm zoned: assign max_io_len correctly - efi: Make it possible to disable efivar_ssdt entirely . [ Salvatore Bonaccorso ] * [rt] Update to 4.19.132-rt59 * Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" (Closes: #964153, #964480) * efi: Restrict efivar_ssdt_load when the kernel is locked down (CVE-2019-20908) * certs: Rotate to use the Debian Secure Boot Signer 2020 certificate * e1000e: Add support for Comet Lake (Closes: #965365) linux-signed-i386 (4.19.131+2) buster; urgency=medium . * Sign kernel from linux 4.19.131-2 . [ Aurelien Jarno ] * Revert "mips: Add udelay lpj numbers adjustment", since it causes the build to fail with CONFIG_CPU_FREQ=y. linux-signed-i386 (4.19.131+1) buster; urgency=medium . * Sign kernel from linux 4.19.131-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.119 - ext4: fix extent_status fragmentation for plain files - [arm64] drm/msm: Use the correct dma_sync calls harder - vti4: removed duplicate log message. - [arm64] Add part number for Neoverse N1 - [arm64] errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 - [arm64] Fake the IminLine size on systems affected by Neoverse-N1 #1542419 - [arm64] compat: Workaround Neoverse-N1 #1542419 for compat user-space - watchdog: reset last_hw_keepalive time at start - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG - ceph: return ceph_mdsc_do_request() errors from __get_parent() - ceph: don't skip updating wanted caps when cap is stale - scsi: iscsi: Report unbind session event when the target has been removed - [x86] ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() - nvme: fix deadlock caused by ANA update wrong locking - ipc/util.c: sysvipc_find_ipc() should increase position index - [s390x] cio: avoid duplicated 'ADD' uevents - loop: Better discard support for block devices - [powerpc*] Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" - [arm*] pwm: bcm2835: Dynamically allocate base - perf/core: Disable page faults when getting phys address - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 - virtio-blk: improve virtqueue error to BLK_STS - scsi: smartpqi: fix call trace in device discovery - PCI/ASPM: Allow re-enabling Clock PM - [x86] KVM: VMX: Zero out *all* general purpose registers after VM-Exit - cxgb4: fix adapter crash due to wrong MC size - cxgb4: fix large delays in PTP synchronization - ipv6: fix restrict IPV6_ADDRFORM operation - macsec: avoid to set wrong mtu - macvlan: fix null dereference in macvlan_device_event() - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node - [arm64,armhf] net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array - sched: etf: do not assume all sockets are full blown - tcp: cache line align MAX_TCP_HEADER - team: fix hang in team_mode_get() - vrf: Fix IPv6 with qdisc and xfrm - [armhf] net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled - [armhf] net: dsa: b53: Fix ARL register definitions - [armhf] net: dsa: b53: Rework ARL bin logic - [armhf] net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish - vrf: Check skb for XFRM_TRANSFORMED flag - KEYS: Avoid false positive ENOMEM error on key read - ALSA: hda: Remove ASUS ROG Zenith from the blacklist - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos - ALSA: usb-audio: Add connector notifier delegation - [armhf] iio: st_sensors: rely on odr mask to know if odr can be set - USB: sisusbvga: Change port variable from signed to unsigned - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE - USB: early: Handle AMD's spec-compliant identifiers, too - USB: hub: Fix handling of connect changes during sleep - vmalloc: fix remap_vmalloc_range() bounds checks - mm/hugetlb: fix a addressing exception caused by huge_pte_offset - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled - ALSA: hda/realtek - Fix unexpected init_amp override - ALSA: hda/realtek - Add new codec supported for ALC245 - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices - tpm/tpm_tis: Free IRQ if probing fails - [s390x] KVM: Return last valid slot if approx index is out-of-bounds - KVM: Check validity of resolved slot when searching memslots - [x86] KVM: VMX: Enable machine check support for 32bit targets - tty: hvc: fix buffer overflow during hvc_alloc(). - [x86] tty: rocket, avoid OOB access - usb-storage: Add unusual_devs entry for JMicron JMS566 - audit: check the length of userspace generated audit records - ASoC: dapm: fixup dapm kcontrol widget - iwlwifi: pcie: actually release queue memory in TVQM - iwlwifi: mvm: beacon statistics shouldn't go backwards - [armel,armhf] ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y - [powerpc*] setup_64: Set cache-line-size based on cache-block-size - [i386] staging: comedi: dt2815: fix writing hi byte of analog output - [x86] staging: comedi: Fix comedi_device refcnt leak in comedi_open - vt: don't hardcode the mem allocation upper bound - vt: don't use kmalloc() for the unicode screen buffer - [x86] staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default. - [x86] staging: vt6656: Fix calling conditions of vnt_set_bss_mode - [x86] staging: vt6656: Fix drivers TBTT timing counter. - [x86] staging: vt6656: Fix pairwise key entry save. - [x86] staging: vt6656: Power save stop wake_up_count wrap around. - cdc-acm: close race betrween suspend() and acm_softint - cdc-acm: introduce a cool down - UAS: no use logging any details in case of ENODEV - UAS: fix deadlock in error handling and PM flushing work - [arm64,armhf] usb: dwc3: gadget: Fix request completion check - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() - xhci: prevent bus suspend if a roothub port detected a over-current condition - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.120 - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer - [arm*] binder: take read mode of mmap_sem in binder_alloc_free_page() - [arm64,armhf] usb: dwc3: gadget: Do link recovery for SS and SSP - nfsd: memory corruption in nfsd4_lock() - rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket - net/cxgb4: Check the return from t4_query_params properly - xfs: acquire superblock freeze protection on eofblocks scans - svcrdma: Fix trace point use-after-free race - svcrdma: Fix leak of svc_rdma_recv_ctxt objects - PCI: Avoid ASMedia XHCI USB PME# from D0 defect - [s390x] net/mlx5: Fix failing fw tracer allocation on s390 - perf/core: fix parent pid/tid in task exit events - [i386] bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path - xfs: clear PF_MEMALLOC before exiting xfsaild thread - [x86] bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B - [armhf] net: fec: set GPR bit on suspend by DT configuration. - [x86] hyperv: report value of misc_features - xfs: fix partially uninitialized structure in xfs_reflink_remap_extent - ALSA: hda: Keep the controller initialization even if no codecs found - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported - scsi: target: fix PR IN / READ FULL STATUS for FC - scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN - xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status - ALSA: hda: call runtime_allow() for all hda controllers - [arm64] Delete the space separator in __emit_inst - ext4: use matching invalidatepage in ext4_writepage - ext4: increase wait time needed before reuse of deleted inode numbers - ext4: convert BUG_ON's to WARN_ON's in mballoc.c - hwmon: (jc42) Fix name to have no illegal characters - [i386] bpf, x86_32: Fix clobbering of dst for BPF_JSET - qed: Fix use after free in qed_chain_free - ext4: check for non-zero journal inum in ext4_calculate_overhead https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.121 - drm/edid: Fix off-by-one in DispID DTD pixel clock - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() - drm/qxl: qxl_release use after free - btrfs: fix block group leak when removing fails - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID - ALSA: hda/hdmi: fix without unlocked before return - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (Closes: #960493) - PM: ACPI: Output correct message on target power state - PM: hibernate: Freeze kernel threads in software_resume() - dm writecache: fix data corruption when reloading the target - dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath - scsi: qla2xxx: set UNLOADING before waiting for session deletion - scsi: qla2xxx: check UNLOADING before posting async work - RDMA/mlx5: Set GRH fields in query QP on RoCE - RDMA/mlx4: Initialize ib_spec on the stack - RDMA/core: Prevent mixed use of FDs between shared ufiles - RDMA/core: Fix race between destroy and release FD object - [amd64,arm64] vfio: avoid possible overflow in vfio_iommu_type1_pin_pages - [amd64,arm64] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() - [arm64] iommu/qcom: Fix local_base status check - scsi: target/iblock: fix WRITE SAME zeroing - [amd64] iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl - btrfs: fix partial loss of prealloc extent past i_size after fsync - btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop - [arm64] mmc: sdhci-xenon: fix annoying 1.8V regulator warning - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers - [arm64] mmc: sdhci-msm: Enable host capabilities pertains to R1b response - [armhf] mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY - [armhf] mmc: meson-mx-sdio: remove the broken ->card_busy() op https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.122 - vhost: vsock: kick send_pkt worker once device is started - [powerpc*] pci/of: Parse unassigned resources - [x86] ASoC: topology: Check return value of pcm_new_ver - [armhf] ASoC: sgtl5000: Fix VAG power-on handling - [arm64,armhf] usb: dwc3: gadget: Properly set maxpacket limit - [x86] ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - [armhf] net: stmmac: fix enabling socfpga's ptp_ref_clock - [armhf] net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - [s390x] ftrace: fix potential crashes when switching tracers - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - lib: devres: add a helper function for ioremap_uc - [x86] mfd: intel-lpss: Use devm_ioremap_uc for MMIO - ALSA: hda: Match both PCI ID and SSID for driver blacklist - [x86] platform: GPD pocket fan: Fix error message when temp-limits are out of range - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - drm/atomic: Take the atomic toys away from X https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.123 - USB: serial: qcserial: Add DW5816e support - tracing/kprobes: Fix a double initialization typo - vt: fix unicode console freeing with a common interface - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net_sched: sch_skbprio: add message validation to skbprio_change() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - tipc: fix partial topology connection closure - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - [arm64,armhf] KVM: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - [arm64] KVM: Fix 32bit PC wrap-around - [arm64] hugetlb: avoid potential NULL dereference - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - [x86] KVM: VMX: Explicitly reference RCX as the vmx_vcpu pointer in asm blobs - [x86] KVM: VMX: Mark RCX, RDX and RSI as clobbered in vmx_vcpu_run()'s asm blob - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - [amd64] x86/entry/64: Fix unwind hints in register clearing code - [amd64] x86/entry/64: Fix unwind hints in kernel exit path - [amd64] x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - [amd64] x86/unwind/orc: Don't skip the first frame for inactive tasks - [amd64] x86/unwind/orc: Prevent unwinding before ORC initialization - [amd64] x86/unwind/orc: Fix error path for bad ORC entry type - [amd64] x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - netfilter: nat: never update the UDP checksum when it's 0 - netfilter: nf_osf: avoid passing pointer to local var - scripts/decodecode: fix trapping instruction formatting - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124 - [arm64,armhf] net: dsa: Do not make user port errors fatal - shmem: fix possible deadlocks on shmlock_user_lock - virtio-blk: handle block_device_operations callbacks after hot unplug - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - pppoe: only process PADT targeted at local interfaces - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - tcp: fix error recovery in tcp_zerocopy_receive() - virtio_net: fix lockdep warning on 32 bit - [x86,arm64] hinic: fix a bug of ndo_stop - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - tcp: fix SO_RCVLOWAT hangs with fat skbs - [i386] dmaengine: pch_dma.c: Avoid data race between probe and irq handler - [x86] cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse - gfs2: Another gfs2_walk_metadata fix - [x86] pinctrl: baytrail: Enable pin configuration setting for GPIO chip - [x86] pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - mmc: core: Check request type before completing the request - mmc: block: Fix request completion in the CQE timeout path - NFS: Fix fscache super_cookie index_key from changing after umount - nfs: fscache: use timespec64 in inode auxdata - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included - [arm64] fix the flush_icache_range arguments in machine_kexec - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - IB/mlx4: Test return value of calls to ib_get_cached_pkey - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - [arm64,armhf] usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - cifs: fix leaked reference on requeued write - exec: Move would_dump into flush_old_exec - [arm64,armhf] clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - [arm64,armhf] dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" - clk: Unlink clock if failed to prepare or enable - [arm64] dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - [x86] KVM: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.125 - i2c: dev: Fix the race between the release of i2c_dev and cdev - fix multiplication overflow in copy_fdtable() - ubifs: remove broken lazytime support - [amd64] iommu/amd: Fix over-read of ACPI UID from IVRS table - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - HID: multitouch: add eGalaxTouch P80H84 support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - scsi: qla2xxx: Delete all sessions before unregister local nvme port - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - [amd64] aquantia: Fix the media type of AQC100 ethernet controller in the driver - component: Silence bind error on -EPROBE_DEFER - [ppc64el] scsi: ibmvscsi: Fix WARN_ON during event pool release - HID: i2c-hid: reset Synaptics SYNA2393 on resume - [x86] apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - ceph: fix double unlock in handle_cap_export() - [arm64,armhf] stmmac: fix pointer check after utilization in stmmac_interrupt - USB: core: Fix misleading driver bug report - [x86] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - [armhf] drm/etnaviv: fix perfmon domain interation - apparmor: Fix use-after-free in aa_audit_rule_init - apparmor: fix potential label refcnt leak in aa_change_profile - apparmor: Fix aa_label refcnt leak in policy_update - [arm64] dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - [powerpc*] Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - [powerpc*] 64s: Disable STRICT_KERNEL_RWX - [amd64,arm64] nfit: Add Hyper-V NVDIMM DSM command set to white list - [x86,arm64] libnvdimm/btt: Remove unnecessary code in btt_freelist_init - [x86,arm64] libnvdimm/btt: Fix LBA masking during 'free list' population - [x86] thunderbolt: Drop duplicated get_switch_at_route() - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - brcmfmac: abort and release host after error - Revert "gfs2: Don't demote a glock until its revokes are written" - misc: rtsx: Add short delay after exit from ASPM - [x86] mei: release me_cl object reference - rxrpc: Fix a memory leak in rxkad_verify_response() - rxrpc: Trace discarded ACKs - rxrpc: Fix ack discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.126 - ax25: fix setsockopt(SO_BINDTODEVICE) - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Annotate mutex destroy for root ns - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - [armhf] dts: rockchip: fix phy nodename for rk3228-evb - [arm64] dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts - [arm64,armhf] gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - gfs2: move privileged user check to gfs2_quota_lock_check - cachefiles: Fix race between read_waiter and read_copier involving op->to_do - [arm64] usb: dwc3: pci: Enable extcon driver for Intel Merrifield - usb: gadget: legacy: fix redundant initialization warnings - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() - cifs: Fix null pointer check in cifs_read - Input: usbtouchscreen - add support for BonXeon TP - Input: evdev - call input_flush_device() on release(), not flush() - Input: xpad - add custom init packet for Xbox One S controllers - Input: i8042 - add ThinkPad S230u to i8042 reset list - Input: synaptics-rmi4 - really fix attn_data use-after-free - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() - [armel,armhf] 8970/1: decompressor: increase tag size - [arm*] 8843/1: use unified assembler in headers - gpio: exar: Fix bad handling for ida_simple_get error path - IB/qib: Call kobject_put() when kobject_init_and_add() fails - [armhf] dts/imx6q-bx50v3: Set display interface clock parents - [armel,armhf] dts: bcm2835-rpi-zero-w: Fix led polarity - mmc: block: Fix use-after-free issue for rpmb - ALSA: hwdep: fix a left shifting 1 by 31 UB bug - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC - exec: Always set cap_ambient in cap_bprm_set_creds - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio - ALSA: hda/realtek - Add new codec supported for ALC287 - libceph: ignore pool overlay and cache logic on redirects - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() - include/asm-generic/topology.h: guard cpumask_of_node() macro argument - iommu: Fix reference count leak in iommu_group_alloc. - mmc: core: Fix recursive locking issue in CQE recovery path - RDMA/core: Fix double destruction of uobject - mac80211: mesh: fix discovery timer re-arming issue / crash - [x86] dma: Fix max PFN arithmetic overflow on 32 bit systems - [x86] copy_xstate_to_kernel(): don't leave parts of destination uninitialized - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output - xfrm interface: fix oops when deleting a x-netns interface - xfrm: fix a warning in xfrm_policy_insert_list - xfrm: fix a NULL-ptr deref in xfrm_local_error - xfrm: fix error in comment - vti4: eliminated some duplicate code. - ip_vti: receive ipip packet by calling ip_tunnel_rcv - netfilter: nft_reject_bridge: enable reject with bridge vlan - netfilter: ipset: Fix subcounter update skip - netfilter: nfnetlink_cthelper: unbreak userspace helper support - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code - esp6: get the right proto for transport mode in esp6_gso_encap - bnxt_en: Fix accumulation of bp->net_stats_prev. - xsk: Add overflow check for u64 division, stored into u32 - qlcnic: fix missing release in qlcnic_83xx_interrupt_test. - bonding: Fix reference count leak in bond_sysfs_slave_add. - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.127 - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" - libnvdimm: Fix endian conversion issues  - HID: sony: Fix for broken buttons on DS3 USB dongles - HID: i2c-hid: add Schneider SCL142ALM to descriptor override - p54usb: add AirVasT USB stick device-id - mmc: fix compilation of user API - scsi: ufs: Release clock if DMA map fails - airo: Fix read overflows sending packets - [x86] drm/i915: fix port checks for MST support on gen >= 11 - [arm64] scsi: hisi_sas: Check sas_port before using it - [powerpc*] powernv: Avoid re-registration of imc debugfs directory - [s390x] ftrace: save traced function caller - drm/edid: Add Oculus Rift S to non-desktop list - [s390x] mm: fix set_huge_pte_at() for empty ptes - null_blk: return error for invalid zone size - [arm64] net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x - [arm64,armhf] net: smsc911x: Fix runtime PM imbalance on error https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.128 - devinet: fix memleak in inetdev_init() - l2tp: add sk_family checks to l2tp_validate_socket - l2tp: do not use inet_hash()/inet_unhash() - net: usb: qmi_wwan: add Telit LE910C1-EUX composition - vsock: fix timeout in vsock_accept() - net: check untrusted gso_size at kernel entry - USB: serial: qcserial: add DW5816e QDL support - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors - USB: serial: option: add Telit LE910C1-EUX compositions - [arm64,armhf] usb: musb: start session in resume for host port - [arm64,armhf] usb: musb: Fix runtime PM imbalance on error - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974) - tty: hvc_console, fix crashes on parallel open/close - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK - CDC-ACM: heed quirk also in error handling - [arm64] nvmem: qfprom: remove incorrect write support - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned - Revert "net/mlx5: Annotate mutex destroy for root ns" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.129 - ipv6: fix IPV6_ADDRFORM operation logic - net_failover: fixed rollback in net_failover_open() - bridge: Avoid infinite loop when suppressing NS messages with invalid options - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - tun: correct header offsets in napi frags mode - make 'user_access_begin()' do 'access_ok()' (CVE-2018-20669) - [x86] uaccess: Inhibit speculation past access_ok() in user_access_begin() - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() - btrfs: merge btrfs_find_device and find_device (CVE-2019-18885) - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations - [armel,armhf] 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - Input: synaptics - add a second working PNP_ID for Lenovo T470s - [powerpc*] xive: Clear the page tables for the ESB IO mapping - ath9k_htc: Silence undersized packet warnings - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated - [x86] cpu/amd: Make erratum #1054 a legacy erratum - perf probe: Accept the instance number of kretprobe event - mm: add kvfree_sensitive() for freeing sensitive data objects - aio: fix async fsync creds - btrfs: tree-checker: Check level for leaves and nodes - [x86] Fix jiffies ODR violation - [x86] PCI: Mark Intel C620 MROMs as having non-compliant BARs - [x86] speculation: Prevent rogue cross-process SSBD shutdown (CVE-2020-10766) - [x86] reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - [i386] ALSA: es1688: Add the missed snd_card_free() - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines - ALSA: usb-audio: Fix inconsistent card PM state after resume - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock - [arm64,x86] ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - [amd64,arm64] ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() - [arm64] ACPI: GED: add support for _Exx / _Lxx handler methods - [arm64,x86] ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - [arm*] spi: bcm2835aux: Fix controller unregister order - PM: runtime: clk: Fix clk_pm_runtime_get() error path - [arm64] crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated - ALSA: pcm: disallow linking stream to itself - [x86] {mce,mm}: Unmap the entire page if the whole page is affected and poisoned - [x86] KVM: Fix APIC page invalidation race - [x86] kvm: Fix L1TF mitigation for shadow MMU - [x86] KVM: x86/mmu: Consolidate "is MMIO SPTE" code - [x86] KVM: only do L1TF workaround on affected processors - [x86] speculation: Change misspelled STIPB to STIBP - [x86] speculation: Add support for STIBP always-on preferred mode - [x86] speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (CVE-2020-10767) - [x86] speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. (CVE-2020-10768) - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - [amd64] spi: pxa2xx: Fix controller unregister order - [arm*] spi: bcm2835: Fix controller unregister order - [amd64] spi: pxa2xx: Balance runtime PM enable/disable on error - [amd64] spi: pxa2xx: Fix runtime PM ref imbalance on probe error - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() - crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() - crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - [x86] KVM: nSVM: fix condition for filtering async PF - [x86] KVM: nSVM: leave ASID aside in copy_vmcb_control_area - [x86] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - [arm64] KVM: Make vcpu_cp1x() work on Big Endian hosts - scsi: megaraid_sas: TM command refire leads to controller firmware crash - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - perf: Add cond_resched() to task_function_call() - [x86] agp/intel: Reinforce the barrier after GTT updates - [arm64] mmc: sdhci-msm: Clear tuning done flag while hs400 tuning - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() - xen/pvcalls-back: test for errors when calling backend_connect() - [arm64] KVM: Synchronize sysreg state on injecting an AArch32 exception - [arm64] ACPI: GED: use correct trigger type field in _Exx / _Lxx handling - [arm64] drm: bridge: adv7511: Extend list of audio sample rates - [x86] crypto: ccp -- don't "select" CONFIG_DMADEVICES - media: si2157: Better check for running tuner in init - [amd64] spi: pxa2xx: Apply CS clk quirk to BXT - [amd64] net: atlantic: make hw_get_regs optional - net: ena: fix error returning in ena_com_get_hash_function() - [arm64] insn: Fix two bugs in encoding 32-bit logical immediates - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K - Bluetooth: Add SCO fallback for invalid LMP parameters error - [armhf] clocksource: dw_apb_timer: Make CPU-affiliation being optional - [armhf] clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" - [armhf] mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error - [x86] kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit - [x86] net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - brcmfmac: fix wrong location to get firmware feature - e1000: Distribute switch variables for initialization - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage - audit: fix a net reference leak in audit_send_reply() - media: dvb: return -EREMOTEIO on i2c transfer failure. - [mips*] Make sparse_init() using top-down allocation - Bluetooth: btbcm: Add 2 missing models to subver tables - audit: fix a net reference leak in audit_list_rules_send() - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - exit: Move preemption fixup up, move blocking operations down - sched/core: Fix illegal RCU from offline CPUs - drivers/perf: hisi: Fix typo in events attribute array - [armhf] net: allwinner: Fix use correct return type for ndo_start_xmit() - xfs: clean up the error handling in xfs_swap_extents - Crypto/chcr: fix for ccm(aes) failed test - [mips*] cm: Fix an invalid error code of INTVN_*_ERR - xfs: reset buffer write failure state on successful completion - xfs: fix duplicate verification from xfs_qm_dqflush() - [x86] platform/x86: intel-vbtn: Use acpi_evaluate_integer() - [x86] platform/x86: intel-vbtn: Split keymap into buttons and switches parts - [x86] platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there - [x86] platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types - nvme: refine the Qemu Identify CNS quirk - ath10k: Remove msdu from idr when management pkt send fails - [arm64] wcn36xx: Fix error handling path in 'wcn36xx_probe()' - net: qed*: Reduce RX and TX default ring count when running inside kdump kernel - mt76: avoid rx reorder buffer overflow - md: don't flush workqueue unconditionally in md_open - veth: Adjust hard_start offset on redirect XDP frames - net/mlx5e: IPoIB, Drop multicast packets that this interface sent - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() - mwifiex: Fix memory corruption in dump_station - [x86] boot: Correct relocation destination on old linkers - [x86] mm: Stop printing BRK addresses - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - [mips*] Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - bcache: fix refcount underflow in bcache_device_free() - [arm64] mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core - ixgbe: fix signed-integer-overflow warning - [armhf] mmc: sdhci-esdhc-imx: fix the mask for tuning start point - cpuidle: Fix three reference count leaks - [x86] platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() - [x86] platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) - [x86] platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type - btrfs: include non-missing as a qualifier for the latest_bdev - btrfs: send: emit file capabilities after chown - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() - mm: initialize deferred pages with interrupts enabled - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max - ext4: fix error pointer dereference - ext4: fix race between ext4_sync_parent() and rename() - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - PCI: Avoid FLR for AMD Starship USB 3.0 - PCI: Add ACS quirk for iProc PAXB - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints - PCI: Remove unused NFP32xx IDs - [x86] hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs - [x86] amd_nb: Add PCI device IDs for family 17h, model 30h - PCI: add USR vendor id and use it in r8169 and w6692 driver - PCI: Move Synopsys HAPS platform device IDs - PCI: Move Rohm Vendor ID to generic list - misc: pci_endpoint_test: Add the layerscape EP device support - misc: pci_endpoint_test: Add support to test PCI EP in AM654x - PCI: Add Synopsys endpoint EDDA Device ID - PCI: Add NVIDIA GPU multi-function power dependencies - PCI: Enable NVIDIA HDA controllers - [x86] amd_nb: Add PCI device IDs for family 17h, model 70h - ALSA: lx6464es - add support for LX6464ESe pci express variant - PCI: Add Genesys Logic, Inc. Vendor ID - PCI: Add Amazon's Annapurna Labs vendor ID - PCI: vmd: Add device id for VMD device 8086:9A0B - [x86] amd_nb: Add Family 19h PCI IDs - PCI: Add Loongson vendor ID - serial: 8250_pci: Move Pericom IDs to pci_ids.h - PCI: Make ACS quirk implementations more uniform - PCI: Unify ACS quirk desired vs provided checking - PCI: Generalize multi-function power dependency device links - btrfs: fix error handling when submitting direct I/O bio - btrfs: fix wrong file range cleanup after an error filling dealloc range - PCI: Program MPS for RCiEP devices - e1000e: Disable TSO for buffer overrun workaround - e1000e: Relax condition to trigger reset for ME workaround - carl9170: remove P2P_GO support - media: go7007: fix a miss of snd_card_free (CVE-2019-20810) - Bluetooth: hci_bcm: fix freeing not-requested IRQ - b43legacy: Fix case where channel status is corrupted - b43: Fix connection problem with WPA3 - b43_legacy: Fix connection problem with WPA3 - igb: Report speed and duplex as unknown when device is runtime suspended - [arm64,armhf] power: vexpress: add suppress_bind_attrs to true - [armhf] pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 - [armhf] pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs - gnss: sirf: fix error return code in sirf_probe() - dm crypt: avoid truncating the logical block size - kernel/cpu_pm: Fix uninitted local in cpu_pm - [armhf] tegra: Correct PL310 Auxiliary Control Register initialization - [powerpc*] 64s: Don't let DT CPU features set FSCR_DSCR - [powerpc*] 64s: Save FSCR to init_task.thread.fscr after feature init - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations. - sunrpc: clean up properly in gss_mech_unregister() - [armhf] w1: omap-hdq: cleanup to add missing newline for some dev_dbg - perf probe: Do not show the skipped events - perf probe: Fix to check blacklist address correctly - perf probe: Check address correctness by map instead of _etext - perf symbols: Fix debuginfo search for Ubuntu https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.130 - [arm64,armhf] clk: sunxi: Fix incorrect usage of round_down() - [arm64,armhf] ASoC: tegra: tegra_wm8903: Support nvidia, headset property - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets - [x86] iio: pressure: bmp280: Tolerate IRQ before registering - [arm64] clk: qcom: msm8916: Fix the address location of pll->config_reg - [arm64] backlight: lp855x: Ensure regulators are disabled on probe failure - [armhf] ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type - [armel] integrator: Add some Kconfig selections - scsi: qedi: Check for buffer overflow in qedi_set_path() - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO - [i386] ALSA: isa/wavefront: prevent out of bounds write in ioctl - PCI: Allow pci_resize_resource() for devices on root bus - scsi: qla2xxx: Fix issue with adapter's stopping state - [x86] iio: bmp280: fix compensation of humidity - f2fs: report delalloc reserve as non-free in statfs for project quota - [x86] i2c: pxa: clear all master action bits in i2c_pxa_stop_message() - [armhf] clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical - usblp: poison URBs upon disconnect - serial: 8250: Fix max baud limit in generic 8250 port - dm mpath: switch paths in dm_blk_ioctl() code path - [arm64] PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register - vfio/pci: fix memory leaks in alloc_perm_bits() - RDMA/mlx5: Add init2init as a modify command - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event - [powerpc*] perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run - nfsd: Fix svc_xprt refcnt leak when setup callback client failed - [amd64] PCI: vmd: Filter resource type bits from shadow register - [powerpc*] crashkernel: Take "mem=" option into account - yam: fix possible memory leak in yam_init_driver - apparmor: fix introspection of of task mode for unconfined tasks - apparmor: check/put label on apparmor_sk_clone_security() - scsi: sr: Fix sr_probe() missing deallocate of device minor - [powerpc*] scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM - apparmor: fix nnp subset test for unconfined - [x86] purgatory: Disable various profiling and sanitizing options - scsi: qedi: Do not flush offload work if ARP not resolved - [armhf] dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity - scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing - [arm64] firmware: qcom_scm: fix bogous abuse of dma-direct internals - ALSA: usb-audio: Improve frames size computation - ALSA: usb-audio: Fix racy list management in output queue - [s390x] qdio: put thinint indicator after early error - tty: hvc: Fix data abort due to race in hvc_open - [armhf] thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR - [arm64,armhf] usb: dwc3: gadget: Properly handle failed kick_transfer - [mips64el,mipsel] staging: sm750fb: add missing case while setting FB_VISUAL - [arm64,i386] i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output - [arm*] serial: amba-pl011: Make sure we initialize the por