Back to linux-signed-amd64 PTS page

Accepted linux-signed-amd64 6.1.38+3 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted linux-signed-amd64 6.1.38+3 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 12 Aug 2023 12:20:38 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: linux-signed-amd64_6.1.38+3_source.changes
Debian-source: linux-signed-amd64
Debian-suite: proposed-updates
Debian-version: 6.1.38+3
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=h3g2XcYFoOskS8cupIpFliTWmum+xIuc8acf2HfKuKI=; b=r4PPqJX5b4P1NYiqM3XlEXJwCQ grnosdIki6ltqvREyj88uzOUcSkUgRRdGoz5+N8IGIO50q1hnhHJgSnD3fWo4xH9WVvsHl5yQ2dMw hMDpV2JEBHMMCJTjC806xzRuPOL0BQ95HYGL/58S12lBRo8JrwrNUIKTLzTaoBqHzTOb99dY1nQNO tDG2i1LTzw2rzXMtXIc+7hQLz9sr/m6n4wxFORvJT2aVtSQ5maO65ykHG/sDEeQG3DeqE5NUvYQf1 MDWy1Jr9kLn5s5dRRV2ty3HdFlF4bRfkTH16rRSF9unHtHCDD1KEknNxPDLtqjp7iDZa8fWrAi4RH ivzoESIQ==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1qUnbi-00D6iR-Re@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 07 Aug 2023 23:01:57 +0200
Source: linux-signed-amd64
Architecture: source
Version: 6.1.38+3
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 linux-signed-amd64 (6.1.38+3) bookworm-security; urgency=high
 .
   * Sign kernel from linux 6.1.38-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] Add mitigations for Gather Data Sampling (GDS) (CVE-2022-40982)
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - loongarch/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - x86/mm: Initialize text poking earlier
     - Documentation/x86: Fix backwards on/off logic about YMM support
   * [x86] Add a Speculative RAS Overflow (SRSO) mitigation (CVE-2023-20569)
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Add a forgotten NOENDBR annotation
   * Bump ABI to 11
 .
   [ Ben Hutchings ]
   * [x86] Add missing pieces of SRSO mitigation:
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - x86/srso: Tie SBPB bit setting to microcode patch detection
Checksums-Sha1:
 4db021dee395e986cfe7f79e6d383d84e85df64a 8482 linux-signed-amd64_6.1.38+3.dsc
 44610c2d4af999fb8d5eeedfc8edd1b7aded89f6 3034864 linux-signed-amd64_6.1.38+3.tar.xz
Checksums-Sha256:
 a8b4ce490dfadbf7ea8e3b5769e5a572a431fa48f172c817ed7b61108f4fe8c7 8482 linux-signed-amd64_6.1.38+3.dsc
 885db6bbc334efea5de6ad5127b46defb67f36b3d13a5655912d8b2bfb4048f4 3034864 linux-signed-amd64_6.1.38+3.tar.xz
Files:
 3a15fb9b3170f5c343c5a60a649263f7 8482 kernel optional linux-signed-amd64_6.1.38+3.dsc
 85a503efcaef9da292be2d82ff6ea836 3034864 kernel optional linux-signed-amd64_6.1.38+3.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmTSctkACgkQi0FRiLdO
NzaDug//epooFsarxUTu5/uu34njaydmyFljVah+tBaCxhTlyTjeWnIIaKb39Qu7
KxJFr5/sJhIt4L1LhAivgZwaWX4x6ZgB8d7dsvMzYYnwFNorPVCBO0jZi5K1FwtC
JYmGXctGzrwNx68EY1CVufoIR6UFGdPd5JviMDlEBspq/HQ2893WsjW0Ajmncz5A
1ZP4TiEzxTdgrZcQvF1nRWA/dMzL1rMXiU20s/g2+fNqi0Y37QiUyDS2dkL586E3
85lK703WROmO+tUSDHKX3/S1izjduyDzTrxlHUUYuT7ArqYEK64fx6YPltWnswn7
PuX4dQD7SDU/U7K9GBI5Oo0mtjXOohRz/+MqLiUaFaWvhkGlmQSdoIb5vcgLOGCT
lnEup67RBVl7KfHBc+TnPTdZUHDCd+v487apbxAEW9k3aX+Xbhih1oVxf/FVDJFp
dIkqFCUl0ZGBMDm/56D6kRpE/r4zI0Z5mcJTK3vF0IrEQoNyWaSkXtyb/G6gXoNL
UtcxFNeIebJSs6WAmSqPx+Vyx59tP0+HLrHkqSpbbYMLTGycImBq9V6J1KpOQDkr
2j10wwOlm7k+RsIiC+/3rWxbxVdMgtH62o2Paa8m0m9AHvSGsJHpjdRbgojZhf08
2kxw4cljQrvLxWiAIYYRE0+nIXqy+ueudv2RRV7VaUk9sQS3Ghg=
=Y2xl
-----END PGP SIGNATURE-----