Back to linux PTS page

Accepted linux 4.19.118-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 07 Jun 2020 17:42:22 +0200
Source: linux
Architecture: source
Version: 4.19.118-2+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 960271
Changes:
 linux (4.19.118-2+deb10u1) buster-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * selinux: properly handle multiple messages in selinux_netlink_send()
     (CVE-2020-10751)
   * fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114)
   * USB: core: Fix free-while-in-use bug in the USB S-Glibrary
     (CVE-2020-12464)
   * [x86] KVM: SVM: Fix potential memory leak in svm_cpu_init()
     (CVE-2020-12768)
   * scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770)
   * USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143)
   * netlabel: cope with NULL catmap (CVE-2020-10711)
   * fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
     (CVE-2020-10732)
   * kernel/relay.c: handle alloc_percpu returning NULL in relay_open
     (CVE-2019-19462)
   * mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757)
   * [x86] KVM: nVMX: Always sync GUEST_BNDCFGS when it comes from vmcs01
   * KVM: Introduce a new guest mapping API
   * [arm64] kvm: fix compilation on aarch64
   * [s390x] kvm: fix compilation on s390
   * [s390x] kvm: fix compile on s390 part 2
   * KVM: Properly check if "page" is valid in kvm_vcpu_unmap
   * [x86] kvm: Introduce kvm_(un)map_gfn() (CVE-2019-3016)
   * [x86] kvm: Cache gfn to pfn translation (CVE-2019-3016)
   * [x86] KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (CVE-2019-3016)
   * [x86] KVM: Clean up host's steal time structure (CVE-2019-3016)
   * include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for
     swap (Closes: #960271)
 .
   [ Ben Hutchings ]
   * propagate_one(): mnt_set_mountpoint() needs mount_lock
   * [x86] Add support for mitigation of Special Register Buffer Data Sampling
     (SRBDS) (CVE-2020-0543):
     - x86/cpu: Add 'table' argument to cpu_matches()
     - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
       mitigation
     - x86/speculation: Add SRBDS vulnerability and mitigation documentation
     - x86/speculation: Add Ivy Bridge to affected list
   * [x86] speculation: Do not match steppings, to avoid an ABI change
Checksums-Sha1:
 7b6472fffa7d64e804c53d6b35bf073f4e228a0b 189318 linux_4.19.118-2+deb10u1.dsc
 5a7f4e3de9d484263eb7d907b527122d5a1f3051 107469088 linux_4.19.118.orig.tar.xz
 05924f5a3555c886889b62ff08588331e8f13222 3306732 linux_4.19.118-2+deb10u1.debian.tar.xz
 c0820d2a37e9a62aae88c34d503272b851ff0f09 47384 linux_4.19.118-2+deb10u1_source.buildinfo
Checksums-Sha256:
 955087d295f3a75078f5ffcd46168cb2852345683af30cc22ce1b2db583609d7 189318 linux_4.19.118-2+deb10u1.dsc
 353b99a93364cc9c54cd889acc71ffd3190101ad67f19238150691a3c6f95aaf 107469088 linux_4.19.118.orig.tar.xz
 d77e14c94986c0ef783588fb0829ff69a5e4bc3ae678c4f2e6aad8184db29edf 3306732 linux_4.19.118-2+deb10u1.debian.tar.xz
 9e0bec126ef0d291f6e95eb47dd7daf1d968ceb2cf4cf0c4e60567d8cab1271a 47384 linux_4.19.118-2+deb10u1_source.buildinfo
Files:
 b83432bce17ce82303c8eb3bc263b2f8 189318 kernel optional linux_4.19.118-2+deb10u1.dsc
 12f0a53ac0579cb01404de3bc62224c3 107469088 kernel optional linux_4.19.118.orig.tar.xz
 5ed5360704d2addae3a0a08b5fdec438 3306732 kernel optional linux_4.19.118-2+deb10u1.debian.tar.xz
 ab7d58e03dcc3475652781407cdcf2f0 47384 kernel optional linux_4.19.118-2+deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7dDR9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EDyQP/0Ux7Fb3IUiiGi9O8LgjXtZHYWUgI5zV
WTR50kVgLFai4hrlZsnt3KamOErjFjo3oYVnfAsHNBnkgXxGOYAnH9tV+HLC1GzO
PeZ7GHEM+OdvW8CmPjn6tTdni+EoyXcP0rTZ3kpKGVmr5kdTLfX0gsw/XLPGW+pe
k+E7mBCWaGWDn2HkGkN7/SEbcy9D6F7lNQqNI1tnFMXJSo+fBeVCV4lCjDROQaSE
Vr3IEgMurRYbv5Lw9icDQKYmT/DssMSPSjqMKlGSYowgtadwvnpXz8R05rwyyJG7
YlCFIUcagHbD8OrUna1+xDSUPEGxqF35qe45722VNltn7VTgWFRsPM5YkXvDEizZ
X38jLD0uwHESgTkH5BGFaFqu8cC6zkUdDkdhrU/u2L8pOttQLPq3ngKaqxKprty7
FlTogEXQqft7RwxBE9ckdCS1NUdaB6Gn7S5fKH9iOLPYeAL4pLm5xZZVxPCS0dXz
OKBLjxWAnUNG08hcKiPihmEF54EgHh+s2RZDrkSURgVP8qgxGaig17OKEK9Irunh
yKq0rZEQwCKMPc/YbQ/LWTYcW82QF2rXCe0qpEKn6nAhj7+3cKYHrVPTg31OuxMS
feSEYrtvf9Hok+bSkgCMG92joMFV4wWAq+EqnpQrpS4nhplw/2+U0rdJBTAGSCun
vLXZdrLK8uyb
=dcY4
-----END PGP SIGNATURE-----