-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 23 Sep 2021 22:35:21 +0200 Source: linux Binary: linux-doc linux-doc-5.10 linux-headers-5.10.0-8-common linux-headers-5.10.0-8-common-rt linux-source linux-source-5.10 linux-support-5.10.0-8 Architecture: all Version: 5.10.46-5 Distribution: bullseye-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Salvatore Bonaccorso Description: linux-doc - Linux kernel specific documentation (meta-package) linux-doc-5.10 - Linux kernel specific documentation for version 5.10 linux-headers-5.10.0-8-common - Common header files for Linux 5.10.0-8 linux-headers-5.10.0-8-common-rt - Common header files for Linux 5.10.0-8-rt linux-source - Linux kernel source (meta-package) linux-source-5.10 - Linux kernel source for version 5.10 with Debian patches linux-support-5.10.0-8 - Support files for Linux 5.10 Closes: 993948 993978 Changes: linux (5.10.46-5) bullseye-security; urgency=high . * virtio_console: Assure used length from device is limited (CVE-2021-38160) * NFSv4: Initialise connection to the server in nfs4_alloc_client() (CVE-2021-38199) * tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (CVE-2021-3679) * [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (CVE-2021-37576) * ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732) * [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) * [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) * bpf: Fix integer overflow involving bucket_size (CVE-2021-38166) * ath: Use safer key clearing with key cache entries (CVE-2020-3702) * ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702) * ath: Export ath_hw_keysetmac() (CVE-2020-3702) * ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702) * ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702) * btrfs: fix NULL pointer dereference when deleting device by invalid id (CVE-2021-3739) * net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743) * vt_kdsetmode: extend console locking (CVE-2021-3753) * ext4: fix race writing to an inline_data file while its xattrs are changing (CVE-2021-40490) * dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119) * io_uring: ensure symmetry in handling iter types in loop_rw_iter() (CVE-2021-41073) * netfilter: nftables: avoid potential overflows on 32bit arches * netfilter: nf_tables: initialize set before expression setup (Closes: #993978) * netfilter: nftables: clone set element expression template * bnx2x: Fix enabling network interfaces without VFs (Closes: #993948) Checksums-Sha1: a1fd26833ea6d586a5b99e824a926cfaa6fb868e 30062964 linux-doc-5.10_5.10.46-5_all.deb 595d0611168ce4b30b2a319d38ff8e2f66458858 1104 linux-doc_5.10.46-5_all.deb 7640c8ce1ccb45c1e3cc359edb7f41e2800a8786 7167524 linux-headers-5.10.0-8-common-rt_5.10.46-5_all.deb 99e0d6bfe15cb7a95c543e5dab885371b2d620a1 8829708 linux-headers-5.10.0-8-common_5.10.46-5_all.deb bad95c7a4ceff9518baf9e718f45aec603ace33c 120730996 linux-source-5.10_5.10.46-5_all.deb 13faaeed989c53070831b673f309b3fccc38343d 1096 linux-source_5.10.46-5_all.deb 320c282f96db06a7e6a8db9ea6e7c026c9c997d2 380076 linux-support-5.10.0-8_5.10.46-5_all.deb 35640e68d14fdfa55c291a69814208a49c33caa1 12035 linux_5.10.46-5_all-buildd.buildinfo Checksums-Sha256: 699e9f2c3d559b200d17c81c02b75fd0be56baa6fcc6180e0e55e66775029bed 30062964 linux-doc-5.10_5.10.46-5_all.deb 92cc88d778600c13dc1ef5d41727f63117dc45fd9aed1bd0b574b0cf729a1d4e 1104 linux-doc_5.10.46-5_all.deb e5b93de5dc722c91779132fb9d8e82c3fe74c2a3cc225dd2bd99d7e083e52088 7167524 linux-headers-5.10.0-8-common-rt_5.10.46-5_all.deb 24db66d81e203b2e2e8647f9cd6b5976fb4fd60e7d0d39978c81b05d94223360 8829708 linux-headers-5.10.0-8-common_5.10.46-5_all.deb f6f57184c393c8c99385087b6e364628e3cdebd5542447901ea2ac33194c6dd4 120730996 linux-source-5.10_5.10.46-5_all.deb 2fdbc78a8e8f04eb50ee0f6e1dc7cc3ff9f66aa4febf7e22df554588caabcbcb 1096 linux-source_5.10.46-5_all.deb daa4b282cd086c8dc87d2a149be045e6fa3eb284ec138bfd3fd8040153d03c40 380076 linux-support-5.10.0-8_5.10.46-5_all.deb 9bbff43d9797957638ec6804d86d14609a01e789eb316722617f75ae5cd665fd 12035 linux_5.10.46-5_all-buildd.buildinfo Files: 8f91b901101cec3e1ea887ffa3e15567 30062964 doc optional linux-doc-5.10_5.10.46-5_all.deb d696f29e9828a986fe5996d6a786fa49 1104 doc optional linux-doc_5.10.46-5_all.deb 2fe04358efd74a93404ad082c037948c 7167524 kernel optional linux-headers-5.10.0-8-common-rt_5.10.46-5_all.deb 237f832f794e6380b6afbe6969c10aae 8829708 kernel optional linux-headers-5.10.0-8-common_5.10.46-5_all.deb b15169a4ce8ca53d57bdd8d48a72cdcd 120730996 kernel optional linux-source-5.10_5.10.46-5_all.deb c19cdb124d6b2e3f122c77c25bab03b4 1096 kernel optional linux-source_5.10.46-5_all.deb 4cd04cd5dc426d1d9ae19d69b8adb8bc 380076 devel optional linux-support-5.10.0-8_5.10.46-5_all.deb 0d3d0ba7dd028b94484302f384e86455 12035 kernel optional linux_5.10.46-5_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEqQcRQHTGP4qt3opGks26TWZ8cfMFAmFM9C4ACgkQks26TWZ8 cfNTZQ//ZazAQVNxXYN7BlqjbUiOta5N7o8DtBCIEaLSgFyEoTlUc+SqFEjJ5ZF1 eG2WNAnZDD29Tm4psPZpBcUrdcJSWZIH7TRjDmy9x8d5i3MlEptnSjdmor/HE7uO avQgEeXEz8zIaSsWL6pRhPxbb4psr6Zchroi8/4mN/wBC7QyjRTqTvCINmaRXjmA 1CuyR9m0bN1gOY4BJHPLDHPgFb5LTUtxGuRmgL5NwhwkC30w5t/6mzcuDt23ex2j KwP3bPHX46lPVf5jHEIRUlCch3TRJTdn4AN6GsglpBhTv944IuY7QRQyKy3M/4iI 8Vz+WovNd4Aw3Mg7zDnbbbrD6kRL2fcPeM1WqEsgp2Dwv6IEOqIRXzOnHAICTSBk sINqEG3oNNkdSo5i0iJhbuZSE0k5BLzDZBKOwXXdnhXUhAbUg3VPC05BqSpt67CI RcC2Ka8Y5bgGaEl9LbaBOq1Xglw1DsXTPSiXI79kkpv53ZCwiAypRJ+vo22UDMll 7RahljN3YLbZzuRP/orLSWXav0V/1haASa/qOEsm4gXqQ7sgQ4b5jHahuPrsuhLu 1AFmCrcGftt2X62wnfyUeDJvbD9pv1SWUNZNPV0QL6IlT5FP6YJh42LjNEuYMje+ xxCXa5YmBFFXWMHKeaMxEJdfBHlNCu/+Vt/Lrb9b3KB+NuB3nHw= =8MnP -----END PGP SIGNATURE-----