Accepted chromium 123.0.6312.122-1~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 10 Apr 2024 21:21:05 -0400 Source: chromium Architecture: source Version: 123.0.6312.122-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team Changed-By: Andres Salomon Changes: chromium (123.0.6312.122-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-3157: Out of bounds write in Compositing. Reported by DarkNavy. - CVE-2024-3516: Heap buffer overflow in ANGLE. Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure. - CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz. Checksums-Sha1: 9f336ce8840fd7e0ae63a06ba9d866adcc319e14 3742 chromium_123.0.6312.122-1~deb12u1.dsc 1f6fd5536698bea14b6d5749f11a385123ae046c 836565308 chromium_123.0.6312.122.orig.tar.xz 207df4bdf8e35e54ed3fad6f40329ee07eff7892 409588 chromium_123.0.6312.122-1~deb12u1.debian.tar.xz 5598d082f7386112d947e4fa7154554ddd18dfd8 21674 chromium_123.0.6312.122-1~deb12u1_source.buildinfo Checksums-Sha256: 3a128c1e6aeb02bb0fc509d5a545fd4a2b0f6cb6faa291c5dee8194d5c0abc60 3742 chromium_123.0.6312.122-1~deb12u1.dsc fb7b2fb79c74b2dff59ac996f59039c9c52bd048dbcf1678471d271e7b02d87d 836565308 chromium_123.0.6312.122.orig.tar.xz 9ce82f79f26d03d9b040e2c0813be31fb499a1653a40a555e54cf30b7ff4b05d 409588 chromium_123.0.6312.122-1~deb12u1.debian.tar.xz d1b79c16c4d7ee649713c9f58af5e6e1454ea048fd5dc559f652770e6ca3c7a8 21674 chromium_123.0.6312.122-1~deb12u1_source.buildinfo Files: ed62ccaf8a7a866ff23389c3898ad27e 3742 web optional chromium_123.0.6312.122-1~deb12u1.dsc 35be7ca6b97155d3fe8bbb15ecfca767 836565308 web optional chromium_123.0.6312.122.orig.tar.xz 9f55a036c81c593e5b7022b4e32797e2 409588 web optional chromium_123.0.6312.122-1~deb12u1.debian.tar.xz 49ea4385da11de3dcffe890c2848fd7d 21674 web optional chromium_123.0.6312.122-1~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYXiSgUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjeIOQ//Q0DwrQnn2zf4xssH9JIbarE0gGy4 Z5ivVvZ8QDbms2QQT35echhBpmTOih0JJRta2c/9WdPP6Y8Z+Jq4hx9nUiv7bvWn s1IxnBH8+1iTDVI7VfaW0Fhjgy4tZgdSiv20TtXfRCuTfwbIxl0FxsY0Sgdxdr2q 7CyYlj+JLHMulkzKJsl46FNljSKVCiVKslnf3fT3UYwsHe/wLT3K9ToilrsgukPD tSK5yWeBOylA3fvtcX9cuM09ONaDQryp9ja6KMgUeV/2A9yQRCFBbrM8BT/Hg5BI IUT+jxJG77LNECcXvAzpocSzVIUzbOiMhfGNcVi2N34mfQ/rKBjRJf8cPlmiGKaI dGO+u7MfLTT9E5LMcl59TWqHudOfM3sLyczzrGahbFLZhaTk8dkOdsPHxOUTdV3Q jIL0OWx2tqCkKD2tBCF4OXCPxDa+XL+TkN0kWdPtROn/HuXeijcLs1r6KOklliTP TPTGd4n69y5MolXXvYN5q8hKPNuAiKK5zRQXoWiQ05s3zQfcB6RSgF9RxtU8UCor PANG4JCuinJnDFOgm3GGCH77NR6H93zDEBH/uYCItsQvAADRnXv3Nnl69htQ9M7n psaUT1p06blwg0Qafvt6f3U2uQN5EeFutFEC4jMnROEly+Cz2MZCKyvsZmSDqhO6 yst3p2uNcTMclpg= =1mUv -END PGP SIGNATURE- pgppzPvuCpL76.pgp Description: PGP signature
Accepted linux 6.1.85-1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 23:17:03 +0200 Source: linux Architecture: source Version: 6.1.85-1 Distribution: bookworm-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Salvatore Bonaccorso Closes: 1065320 1068675 1068770 Changes: linux (6.1.85-1) bookworm-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83 - md: fix data corruption for raid456 when reshape restart while grow up - md/raid10: prevent soft lockup while flush writes - io_uring/unix: drop usage of io_uring socket - io_uring: drop any code related to SCM_RIGHTS - nfsd: allow nfsd_file_get to sanely handle a NULL pointer - nfsd: don't open-code clear_and_wake_up_bit - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator - nfsd: don't kill nfsd_files because of lease break error - nfsd: add some comments to nfsd_file_do_acquire - nfsd: don't take/put an extra reference when putting a file - nfsd: update comment over __nfsd_file_cache_purge - nfsd: allow reaping files still under writeback - NFSD: Convert filecache to rhltable - nfsd: simplify the delayed disposal list code - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop - NFSD: Add an nfsd4_encode_nfstime4() helper - nfsd: Fix creation time serialization order - [arm64] media: rkisp1: Fix IRQ handling due to shared interrupts - perf/arm-cmn: Workaround AmpereOneX errata AC04_MESH_1 (incorrect child count) - ASoC: rt5645: Make LattePanda board DMI match more precise - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU - [x86] xen: Add some null pointer checking to smp.c - [mips*] Clear Cause.BD in instruction_pointer_set - HID: multitouch: Add required quirk for Synaptics 0xcddc device - gen_compile_commands: fix invalid escape sequence warning - [arm64] sve: Lower the maximum allocation for the SVE ptrace regset - soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt - RDMA/mlx5: Fix fortify source warning while accessing Eth segment - RDMA/mlx5: Relax DEVX access upon modify commands - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault() - net/iucv: fix the allocation size of iucv_path_table array - block: sed-opal: handle empty atoms when parsing response - dm-verity, dm-crypt: align "struct bvec_iter" correctly - [arm64] dts: Fix dtc interrupt_provider warnings - btrfs: fix data races when accessing the reserved amount of block reserves - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - net: smsc95xx: add support for SYS TEC USB-SPEmodule1 - wifi: mac80211: only call drv_sta_rc_update for uploaded stations - [x86] ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 - Bluetooth: mgmt: Fix limited discoverable off timeout - firewire: core: use long bus reset on gap count error - [arm64] tegra: Set the correct PHY mode for MGBE - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet - Input: gpio_keys_polled - suppress deferred probe error for gpio - [x86] ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC - [x86] ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode - [x86] ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - fs: Fix rw_hint validation - [s390x] dasd: add autoquiesce feature - [s390x] dasd: Use dev_*() for device log messages - [s390x] dasd: fix double module refcount decrement - rcu/exp: Fix RCU expedited parallel grace period kworker allocation failure recovery - rcu/exp: Handle RCU expedited grace period kworker allocation failure - nbd: null check for nla_nest_start - fs/select: rework stack allocation hack for clang - md: Don't clear MD_CLOSING when the raid is about to stop - lib/cmdline: Fix an invalid format specifier in an assertion msg - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg - time: test: Fix incorrect format specifier - rtc: test: Fix invalid format specifier. - io_uring/net: unify how recvmsg and sendmsg copy in the msghdr - io_uring/net: move receive multishot out of the generic msghdr path - io_uring/net: fix overflow check in io_recvm
Accepted linux-signed-amd64 6.1.85+1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 23:17:03 +0200 Source: linux-signed-amd64 Architecture: source Version: 6.1.85+1 Distribution: bookworm-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Salvatore Bonaccorso Changes: linux-signed-amd64 (6.1.85+1) bookworm-security; urgency=high . * Sign kernel from linux 6.1.85-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83 - md: fix data corruption for raid456 when reshape restart while grow up - md/raid10: prevent soft lockup while flush writes - io_uring/unix: drop usage of io_uring socket - io_uring: drop any code related to SCM_RIGHTS - nfsd: allow nfsd_file_get to sanely handle a NULL pointer - nfsd: don't open-code clear_and_wake_up_bit - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator - nfsd: don't kill nfsd_files because of lease break error - nfsd: add some comments to nfsd_file_do_acquire - nfsd: don't take/put an extra reference when putting a file - nfsd: update comment over __nfsd_file_cache_purge - nfsd: allow reaping files still under writeback - NFSD: Convert filecache to rhltable - nfsd: simplify the delayed disposal list code - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop - NFSD: Add an nfsd4_encode_nfstime4() helper - nfsd: Fix creation time serialization order - [arm64] media: rkisp1: Fix IRQ handling due to shared interrupts - perf/arm-cmn: Workaround AmpereOneX errata AC04_MESH_1 (incorrect child count) - ASoC: rt5645: Make LattePanda board DMI match more precise - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU - [x86] xen: Add some null pointer checking to smp.c - [mips*] Clear Cause.BD in instruction_pointer_set - HID: multitouch: Add required quirk for Synaptics 0xcddc device - gen_compile_commands: fix invalid escape sequence warning - [arm64] sve: Lower the maximum allocation for the SVE ptrace regset - soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt - RDMA/mlx5: Fix fortify source warning while accessing Eth segment - RDMA/mlx5: Relax DEVX access upon modify commands - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault() - net/iucv: fix the allocation size of iucv_path_table array - block: sed-opal: handle empty atoms when parsing response - dm-verity, dm-crypt: align "struct bvec_iter" correctly - [arm64] dts: Fix dtc interrupt_provider warnings - btrfs: fix data races when accessing the reserved amount of block reserves - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - net: smsc95xx: add support for SYS TEC USB-SPEmodule1 - wifi: mac80211: only call drv_sta_rc_update for uploaded stations - [x86] ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 - Bluetooth: mgmt: Fix limited discoverable off timeout - firewire: core: use long bus reset on gap count error - [arm64] tegra: Set the correct PHY mode for MGBE - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet - Input: gpio_keys_polled - suppress deferred probe error for gpio - [x86] ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC - [x86] ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode - [x86] ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - fs: Fix rw_hint validation - [s390x] dasd: add autoquiesce feature - [s390x] dasd: Use dev_*() for device log messages - [s390x] dasd: fix double module refcount decrement - rcu/exp: Fix RCU expedited parallel grace period kworker allocation failure recovery - rcu/exp: Handle RCU expedited grace period kworker allocation failure - nbd: null check for nla_nest_start - fs/select: rework stack allocation hack for clang - md: Don't clear MD_CLOSING when the raid is about to stop - lib/cmdline: Fix an invalid format specifier in an assertion msg - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg - time: test: Fix incorrect format specifier - rtc: test: Fix invalid format specifier. - io_uring/net: unify how recvmsg and sendmsg copy in the msghdr - io_uring/net: move receive multishot out of the generic msghdr path - io_uring/n
Accepted linux-signed-arm64 6.1.85+1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 23:17:03 +0200 Source: linux-signed-arm64 Architecture: source Version: 6.1.85+1 Distribution: bookworm-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Salvatore Bonaccorso Changes: linux-signed-arm64 (6.1.85+1) bookworm-security; urgency=high . * Sign kernel from linux 6.1.85-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83 - md: fix data corruption for raid456 when reshape restart while grow up - md/raid10: prevent soft lockup while flush writes - io_uring/unix: drop usage of io_uring socket - io_uring: drop any code related to SCM_RIGHTS - nfsd: allow nfsd_file_get to sanely handle a NULL pointer - nfsd: don't open-code clear_and_wake_up_bit - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator - nfsd: don't kill nfsd_files because of lease break error - nfsd: add some comments to nfsd_file_do_acquire - nfsd: don't take/put an extra reference when putting a file - nfsd: update comment over __nfsd_file_cache_purge - nfsd: allow reaping files still under writeback - NFSD: Convert filecache to rhltable - nfsd: simplify the delayed disposal list code - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop - NFSD: Add an nfsd4_encode_nfstime4() helper - nfsd: Fix creation time serialization order - [arm64] media: rkisp1: Fix IRQ handling due to shared interrupts - perf/arm-cmn: Workaround AmpereOneX errata AC04_MESH_1 (incorrect child count) - ASoC: rt5645: Make LattePanda board DMI match more precise - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU - [x86] xen: Add some null pointer checking to smp.c - [mips*] Clear Cause.BD in instruction_pointer_set - HID: multitouch: Add required quirk for Synaptics 0xcddc device - gen_compile_commands: fix invalid escape sequence warning - [arm64] sve: Lower the maximum allocation for the SVE ptrace regset - soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt - RDMA/mlx5: Fix fortify source warning while accessing Eth segment - RDMA/mlx5: Relax DEVX access upon modify commands - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault() - net/iucv: fix the allocation size of iucv_path_table array - block: sed-opal: handle empty atoms when parsing response - dm-verity, dm-crypt: align "struct bvec_iter" correctly - [arm64] dts: Fix dtc interrupt_provider warnings - btrfs: fix data races when accessing the reserved amount of block reserves - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - net: smsc95xx: add support for SYS TEC USB-SPEmodule1 - wifi: mac80211: only call drv_sta_rc_update for uploaded stations - [x86] ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 - Bluetooth: mgmt: Fix limited discoverable off timeout - firewire: core: use long bus reset on gap count error - [arm64] tegra: Set the correct PHY mode for MGBE - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet - Input: gpio_keys_polled - suppress deferred probe error for gpio - [x86] ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC - [x86] ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode - [x86] ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - fs: Fix rw_hint validation - [s390x] dasd: add autoquiesce feature - [s390x] dasd: Use dev_*() for device log messages - [s390x] dasd: fix double module refcount decrement - rcu/exp: Fix RCU expedited parallel grace period kworker allocation failure recovery - rcu/exp: Handle RCU expedited grace period kworker allocation failure - nbd: null check for nla_nest_start - fs/select: rework stack allocation hack for clang - md: Don't clear MD_CLOSING when the raid is about to stop - lib/cmdline: Fix an invalid format specifier in an assertion msg - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg - time: test: Fix incorrect format specifier - rtc: test: Fix invalid format specifier. - io_uring/net: unify how recvmsg and sendmsg copy in the msghdr - io_uring/net: move receive multishot out of the generic msghdr path - io_uring/n
Accepted xorg-server 2:21.1.7-3+deb12u6 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 04 Apr 2024 11:59:35 +0200 Source: xorg-server Architecture: source Version: 2:21.1.7-3+deb12u6 Distribution: bookworm-security Urgency: high Maintainer: Debian X Strike Force Changed-By: Julien Cristau Changes: xorg-server (2:21.1.7-3+deb12u6) bookworm-security; urgency=high . * CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents * CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice * CVE-2024-31082: Heap buffer overread/data leakage in ProcAppleDRICreatePixmap * CVE-2024-31083: User-after-free in ProcRenderAddGlyphs Checksums-Sha1: 777030628095a34ba5fc14970d74d407b4297f7b 4268 xorg-server_21.1.7-3+deb12u6.dsc 869271bab71882db6eb08bdb875881965959c7a4 184514 xorg-server_21.1.7-3+deb12u6.diff.gz Checksums-Sha256: 99da57621d8d1e7b619399d792e4f827ea9f065c2a7943166fe9c266a5374b2d 4268 xorg-server_21.1.7-3+deb12u6.dsc 59d0ed65aaf9f506cb1dc25bfcd65d8382aaf8bda5d745f22fd422b0a4b2f668 184514 xorg-server_21.1.7-3+deb12u6.diff.gz Files: a2f115d396a5b86347cb7d06d536b769 4268 x11 optional xorg-server_21.1.7-3+deb12u6.dsc b2a19c9315363c616d9170e2f25c001e 184514 x11 optional xorg-server_21.1.7-3+deb12u6.diff.gz -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAmYOez0UHGpjcmlzdGF1 QGRlYmlhbi5vcmcACgkQnbAjVVb4z60hLhAApe0Apb/RB37kjDkEkztuxgOg/V0O ZtatlS2qWQvYAxvRopzRL1frkuXkkPndd4g6L1lr/yvRznJdtENA7SKVAeYcOAg8 oWoWfgUCEx8lQiUig1N4LzObiDVt9PdZblxJRWHG4qKtGFXi4eN3EC+G5qbU86Fy l4nPR7PLFKO1rYMORmLByzCnwaLqc9PG0MJI++7Nx4BRej7Xq9REjoBYGtjNYW6M uCSdI6ex2Q0eAXjgltBbWd7JkkFwrg/a7Q/pz/fzVp6/L4WL6rCGV42VFJTCoLqt JszzZd9xG2cjlshMzVrxK9wrj1Krc2qQd3VT3uNqpMdOec/4qB92Dch911HRP3TR ye2rIfgVfH8wUD/EaeF4Fx4IPDQR90qDN2cQxlpchkn/CVyNW1/s5j8JxRiNOUiv Vu7Rm9KbczUXK6tqBLJi3xOUCPBPu5SulbMBfqogvq8qala9HSr5/xuk53iDeARC t/uJiu28Sra7fBK8rgr5vqHtc5KcghuUbp1O/CGHrLmJ7ANYoRyh3hXkvz1jgNDc 7iDcsKEIRqGkbrxRAXUUVcfQlx3FEvILjtZeQ67N6sOfvUavmUEEJZoY1jrbWewy HpDBaQbe+pCgG9fG40RXBm8OopxU9psftAewVAZ0zubRJsPSZ3IcmgV2mEYT9ZDG Mvdwv4TgbmXq6M4= =TFbW -END PGP SIGNATURE- pgpqAn3fFTgwO.pgp Description: PGP signature
Accepted linux-signed-i386 6.1.85+1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 23:17:03 +0200 Source: linux-signed-i386 Architecture: source Version: 6.1.85+1 Distribution: bookworm-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Salvatore Bonaccorso Changes: linux-signed-i386 (6.1.85+1) bookworm-security; urgency=high . * Sign kernel from linux 6.1.85-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83 - md: fix data corruption for raid456 when reshape restart while grow up - md/raid10: prevent soft lockup while flush writes - io_uring/unix: drop usage of io_uring socket - io_uring: drop any code related to SCM_RIGHTS - nfsd: allow nfsd_file_get to sanely handle a NULL pointer - nfsd: don't open-code clear_and_wake_up_bit - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator - nfsd: don't kill nfsd_files because of lease break error - nfsd: add some comments to nfsd_file_do_acquire - nfsd: don't take/put an extra reference when putting a file - nfsd: update comment over __nfsd_file_cache_purge - nfsd: allow reaping files still under writeback - NFSD: Convert filecache to rhltable - nfsd: simplify the delayed disposal list code - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop - NFSD: Add an nfsd4_encode_nfstime4() helper - nfsd: Fix creation time serialization order - [arm64] media: rkisp1: Fix IRQ handling due to shared interrupts - perf/arm-cmn: Workaround AmpereOneX errata AC04_MESH_1 (incorrect child count) - ASoC: rt5645: Make LattePanda board DMI match more precise - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU - [x86] xen: Add some null pointer checking to smp.c - [mips*] Clear Cause.BD in instruction_pointer_set - HID: multitouch: Add required quirk for Synaptics 0xcddc device - gen_compile_commands: fix invalid escape sequence warning - [arm64] sve: Lower the maximum allocation for the SVE ptrace regset - soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt - RDMA/mlx5: Fix fortify source warning while accessing Eth segment - RDMA/mlx5: Relax DEVX access upon modify commands - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault() - net/iucv: fix the allocation size of iucv_path_table array - block: sed-opal: handle empty atoms when parsing response - dm-verity, dm-crypt: align "struct bvec_iter" correctly - [arm64] dts: Fix dtc interrupt_provider warnings - btrfs: fix data races when accessing the reserved amount of block reserves - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - net: smsc95xx: add support for SYS TEC USB-SPEmodule1 - wifi: mac80211: only call drv_sta_rc_update for uploaded stations - [x86] ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series - [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 - Bluetooth: mgmt: Fix limited discoverable off timeout - firewire: core: use long bus reset on gap count error - [arm64] tegra: Set the correct PHY mode for MGBE - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet - Input: gpio_keys_polled - suppress deferred probe error for gpio - [x86] ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC - [x86] ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode - [x86] ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - fs: Fix rw_hint validation - [s390x] dasd: add autoquiesce feature - [s390x] dasd: Use dev_*() for device log messages - [s390x] dasd: fix double module refcount decrement - rcu/exp: Fix RCU expedited parallel grace period kworker allocation failure recovery - rcu/exp: Handle RCU expedited grace period kworker allocation failure - nbd: null check for nla_nest_start - fs/select: rework stack allocation hack for clang - md: Don't clear MD_CLOSING when the raid is about to stop - lib/cmdline: Fix an invalid format specifier in an assertion msg - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg - time: test: Fix incorrect format specifier - rtc: test: Fix invalid format specifier. - io_uring/net: unify how recvmsg and sendmsg copy in the msghdr - io_uring/net: move receive multishot out of the generic msghdr path - io_uring/net
Accepted trafficserver 9.2.4+ds-0+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 13 Apr 2024 11:21:19 +0200 Source: trafficserver Architecture: source Version: 9.2.4+ds-0+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Jean Baptiste Favre Changed-By: Jean Baptiste Favre Closes: 1068417 Changes: trafficserver (9.2.4+ds-0+deb12u1) bookworm-security; urgency=medium . * New upstream version 9.2.4+ds * Refresh d/patches for 9.2.4 release * CVEs fix (Closes: #1068417) - CVE-2024-31309: HTTP/2 CONTINUATION DoS attack Checksums-Sha1: 6e5ee8e9dcb447167fc51f205fc7aa4079d8bf9c 3024 trafficserver_9.2.4+ds-0+deb12u1.dsc cd8b0489c081639feab09a8b6b2ee35187bc9237 8946216 trafficserver_9.2.4+ds.orig.tar.xz 07bb1879ce7bd25836ffa6e9f9bd69c1da79434b 35920 trafficserver_9.2.4+ds-0+deb12u1.debian.tar.xz 30a5558923240e4cbf8b0e5e5963df0d018f3605 12785 trafficserver_9.2.4+ds-0+deb12u1_source.buildinfo Checksums-Sha256: da6bc838544fb3a59f812a46dcfd3c88c9124c07591d287c9bd033e808c05bd5 3024 trafficserver_9.2.4+ds-0+deb12u1.dsc 9eb6089cfb91d07eb2b44d26c6f37ed1071fd1eb19113e6870afeefdc801cda7 8946216 trafficserver_9.2.4+ds.orig.tar.xz ea1321713b68ae05f04256ecdd35e48e653f9415b4f073202b8e55fff42154f8 35920 trafficserver_9.2.4+ds-0+deb12u1.debian.tar.xz f1e816ed062ca2d7c8907175270af614034dca1e40b4ac6db9d943804e131911 12785 trafficserver_9.2.4+ds-0+deb12u1_source.buildinfo Files: 15e0de4e8662bc8879a922e803e8d77b 3024 web optional trafficserver_9.2.4+ds-0+deb12u1.dsc 0e061f5cdca0150fb748ae34e6fb 8946216 web optional trafficserver_9.2.4+ds.orig.tar.xz 83f96627c72a08dbc595e9bb1dc44db5 35920 web optional trafficserver_9.2.4+ds-0+deb12u1.debian.tar.xz a0a8f048d8e97ec67ab2ef40c384adbc 12785 web optional trafficserver_9.2.4+ds-0+deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEEToRbojDLTUSJBphHtN1Tas99hzcFAmYaVIZfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRF ODQ1QkEyMzBDQjRENDQ4OTA2OTg0N0I0REQ1MzZBQ0Y3RDg3MzcACgkQtN1Tas99 hze/vA//aaLprYJOSyqBGa7LIM2IUd+2hIbdiRWTN/6kHIzSngLbUF+I37bEgZcz aFT4GrqXioBSwYyMrj2WipZR/tKDJbJpo+glzOqwLmCqFyNWe+TtEZ0pUfnd1gEW m9r6XlftZXZ8yU9LeCtQQ5N9Z/KR1iYTrSKrq2ryq7yey2HdNfq4sYsgZoQ/yplv D4iRfc2HvrAq3X3w5Ai9LlpXtavXuy9+17c8MgOXU9ZzQpmYZHDyXwS5yOcVqtUe oO5lkjK6kZ8gD8DlXmz4wJpKgJ2mHyWdgvSMX6mn5VzGS40qIOxng025E5rvGDfw y7fkJPhq1Yq6p3WEtV8ZWZ4xgdSJpx3ZzEuBKJakucBCTmRIHrpGPK5rVfsbZDId x+x+vQvsoBl00wvh5j+aecDXfnBkfR+P0xytD4+tgJ+qI3J4UHsMB948bV1aOXmc ONsP0RD97mQyJ+hEfV4ewVBnQ69T6MEOmKLfVcv9tpGzQO51SRaIVhIQbOqybeCC ojxBuzrFbtfhlwAMyUZnTRWjnulETA3SpEQdekBOP85GSuinRvoj6k2Ukjpo+q53 k/VX0Ux6pWM91OQSOmICB2lrzCD6ZNFFFC2GSx8eBr3h5qscjjmT59XrmZ3AJr6w F7uwGrwnv9gKIEhOug5u5bvNf1KR3ZXaGmYv77ihAiuCCx7O6Jo= =FLQO -END PGP SIGNATURE- pgphY4XuorqnZ.pgp Description: PGP signature
Accepted xorg-server 2:21.1.7-3+deb12u7 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 10 Apr 2024 11:02:46 +0200 Source: xorg-server Architecture: source Version: 2:21.1.7-3+deb12u7 Distribution: bookworm-security Urgency: high Maintainer: Debian X Strike Force Changed-By: Julien Cristau Changes: xorg-server (2:21.1.7-3+deb12u7) bookworm-security; urgency=high . * render: Avoid possible double-free in ProcRenderAddGlyphs() Checksums-Sha1: 5659bf4f30f709d72d5f2045b293cdfc8c71 4268 xorg-server_21.1.7-3+deb12u7.dsc bd3d7146939d78bdfa640961746c63d4d1735c47 185581 xorg-server_21.1.7-3+deb12u7.diff.gz Checksums-Sha256: 59bf0934b01c9123c883d9c1bd7d123d96690e6843527e0fdeb0a4fee53d5c03 4268 xorg-server_21.1.7-3+deb12u7.dsc 8b453342fb4aac5be8efc6df79a6b17ad35131ec8a3a96a174e162e6d95691e5 185581 xorg-server_21.1.7-3+deb12u7.diff.gz Files: 5e852b6b85ba7860861732724d64068d 4268 x11 optional xorg-server_21.1.7-3+deb12u7.dsc dfa27d225b5dc06801fb5756294bb5c2 185581 x11 optional xorg-server_21.1.7-3+deb12u7.diff.gz -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAmYWlK0UHGpjcmlzdGF1 QGRlYmlhbi5vcmcACgkQnbAjVVb4z622rBAAo+nsaOG23PMu2eVh3ff2i/txUDTo un1Ufgi+VP4Y9JoB/EoF7Hdr8cW+F6OCakl0yc88wbXoHsNFQVodm5JLRoJAe3tv GX9o+qdPS6zbX+T9m2hd3QsrR9SfXrqQ+O+OXk7ACyj+NIIqEUUPQuy7BNZl1IeS qD/za/p78d3dlwinpeOc4hP9DnlYXWYTR5D2FGCf+Ntd3Od5MpCUiaCa1757npLG NU9jwbNPS+/6rgbYnhXUlVx/NijdVKfA/uFRD1rMSoKrSchYh1Vt3hRPEtpkMKry HqcyATnM+Z5WNs5sGyTqIbraReHXJhEMK5zB60e1sWlEZGbk8dhFsulylyC7grlS upvIU39WckGC2etlCmCD2x89bxj+3F9aY31uEwQZ+g/SqgIBfVLWBi1cVUadzHgC A4RE4s/olBu1nyVKZj8YkpCDmT028tBKnsBA70Wn1/HYRBwot8bhtgtagfasJq1b FNX5NMy943r084jb7pEJG1kUjoFAHiF6g0/fu1oUZEuj9QoA1QMvTciGFaMyZ8Rt af9P3Am3zBBxwIQ4UF2K+OZov6/cO5aK1ASEf2FfhL8HR/QiMfCw0GCue9qqbGGI hmWSJhdKytP/WG4Tcibi+dIEiofrYIXvyRQzvfiZltBsVp4mSXDDo7AfSy1Oo4bM nlHiZcahI9rEIIc= =yJA3 -END PGP SIGNATURE- pgp6_9EnwPkHC.pgp Description: PGP signature
